diff --git a/.gitignore b/.gitignore
index baff153..371615d 100644
--- a/.gitignore
+++ b/.gitignore
@@ -4,3 +4,4 @@ sites/*/settings*.php
 # Ignore paths that contain user-generated content.
 sites/*/files
 sites/*/private
+/nbproject/private/
\ No newline at end of file
diff --git a/modules/user/user.pages.inc b/modules/user/user.pages.inc
index c4b68b9..a333b6f 100644
--- a/modules/user/user.pages.inc
+++ b/modules/user/user.pages.inc
@@ -55,6 +55,16 @@ function user_pass() {
 
 function user_pass_validate($form, &$form_state) {
   $name = trim($form_state['values']['name']);
+  // Flood protection check
+  $pass_reset_limit = variable_get('user_failed_pass_reset_limit', 50);
+  $pass_reset_window = variable_get('user_failed_pass_reset_window', 3600);
+  if (!flood_is_allowed('request new password', $pass_reset_limit, $pass_reset_window, $name)) {
+    form_set_error('name', 'Reset password limit exceeded.  Please contact technical support for further assistance.');
+	flood_register_event('request new password', $pass_reset_window, $name);
+  }
+  else {
+    flood_register_event('request new password', $pass_reset_window, $name);
+  }
   // Try to load by email.
   $users = user_load_multiple(array(), array('mail' => $name, 'status' => '1'));
   $account = reset($users);