diff --git a/rhodecode/model/forms.py b/rhodecode/model/forms.py
--- a/rhodecode/model/forms.py
+++ b/rhodecode/model/forms.py
@@ -185,20 +185,21 @@ class ValidPassword(formencode.validator
 class ValidPasswordsMatch(formencode.validators.FancyValidator):
 
     def validate_python(self, value, state):
-
-        if value['password'] != value['password_confirmation']:
+        
+        pass_val = value.get('password') or value.get('new_password')
+        if pass_val != value['password_confirmation']:
             e_dict = {'password_confirmation':
                    _('Passwords do not match')}
             raise formencode.Invalid('', value, state, error_dict=e_dict)
 
 class ValidAuth(formencode.validators.FancyValidator):
     messages = {
-            'invalid_password':_('invalid password'),
-            'invalid_login':_('invalid user name'),
-            'disabled_account':_('Your account is disabled')
-
-            }
-    #error mapping
+        'invalid_password':_('invalid password'),
+        'invalid_login':_('invalid user name'),
+        'disabled_account':_('Your account is disabled')
+    }
+    
+    # error mapping
     e_dict = {'username':messages['invalid_login'],
               'password':messages['invalid_password']}
     e_dict_disable = {'username':messages['disabled_account']}
@@ -253,6 +254,7 @@ def ValidRepoName(edit, old_data):
                 # db key This is an actual just the name to store in the
                 # database
                 repo_name_full = group_path + Group.url_sep() + repo_name
+                
             else:
                 group_path = ''
                 repo_name_full = repo_name
@@ -496,8 +498,6 @@ class LoginForm(formencode.Schema):
                                 'tooShort':_('Enter %(min)i characters or more')}
                                 )
 
-
-    #chained validators have access to all data
     chained_validators = [ValidAuth]
 
 def UserForm(edit=False, old_data={}):
@@ -508,15 +508,18 @@ def UserForm(edit=False, old_data={}):
                        ValidUsername(edit, old_data))
         if edit:
             new_password = All(UnicodeString(strip=True, min=6, not_empty=False))
+            password_confirmation = All(UnicodeString(strip=True, min=6, not_empty=False))
             admin = StringBoolean(if_missing=False)
         else:
             password = All(UnicodeString(strip=True, min=6, not_empty=True))
+            password_confirmation = All(UnicodeString(strip=True, min=6, not_empty=False))
+            
         active = StringBoolean(if_missing=False)
         name = UnicodeString(strip=True, min=1, not_empty=True)
         lastname = UnicodeString(strip=True, min=1, not_empty=True)
         email = All(Email(not_empty=True), UniqSystemEmail(old_data))
 
-        chained_validators = [ValidPassword]
+        chained_validators = [ValidPasswordsMatch, ValidPassword]
 
     return _UserForm
 
@@ -616,16 +619,19 @@ def RepoForkForm(edit=False, old_data={}
 
     return _RepoForkForm
 
-def RepoSettingsForm(edit=False, old_data={}):
+def RepoSettingsForm(edit=False, old_data={}, supported_backends=BACKENDS.keys(),
+                     repo_groups=[]):
     class _RepoForm(formencode.Schema):
         allow_extra_fields = True
         filter_extra_fields = False
         repo_name = All(UnicodeString(strip=True, min=1, not_empty=True),
                         SlugifyName())
         description = UnicodeString(strip=True, min=1, not_empty=True)
+        repo_group = OneOf(repo_groups, hideList=True)
         private = StringBoolean(if_missing=False)
 
-        chained_validators = [ValidRepoName(edit, old_data), ValidPerms, ValidSettings]
+        chained_validators = [ValidRepoName(edit, old_data), ValidPerms, 
+                              ValidSettings]
     return _RepoForm