diff --git a/config/locales/en.yml b/config/locales/en.yml
index 98f1ded47f..8ba4952577 100644
--- a/config/locales/en.yml
+++ b/config/locales/en.yml
@@ -26,6 +26,7 @@ en:
       spree/user:
         password: "Password"
         password_confirmation: "Password confirmation"
+        reset_password_token: Reset password token
       enterprise_fee:
         fee_type: Fee Type
       spree/order:
@@ -61,6 +62,8 @@ en:
           attributes:
             email:
               taken: "There's already an account for this email. Please login or reset your password."
+            reset_password_token:
+              invalid: is invalid
         spree/order:
           no_card: There are no authorised credit cards available to charge
         spree/credit_card:
@@ -116,6 +119,9 @@ en:
   community_forum_url: "Community forum URL"
   customer_instructions: "Customer instructions"
   devise:
+    passwords:
+      spree_user:
+        cannot_be_blank: "User password cannot be blank. Please enter a password."
     confirmations:
       send_instructions: "You will receive an email with instructions about how to confirm your account in a few minutes."
       failed_to_send: "An error occurred whilst sending your confirmation email."
diff --git a/spec/features/consumer/confirm_invitation_spec.rb b/spec/features/consumer/confirm_invitation_spec.rb
deleted file mode 100644
index 967ecfb5fe..0000000000
--- a/spec/features/consumer/confirm_invitation_spec.rb
+++ /dev/null
@@ -1,34 +0,0 @@
-# frozen_string_literal: true
-
-require "spec_helper"
-
-feature "Confirm invitation as manager" do
-  include UIComponentHelper
-  include OpenFoodNetwork::EmailHelper
-
-  describe "confirm email and set password" do
-    let(:email) { "test@example.org" }
-    let(:user) { Spree::User.create(email: email, unconfirmed_email: email, password: "secret") }
-
-    before do
-      setup_email
-      user.reset_password_token = Devise.friendly_token
-      user.reset_password_sent_at = Time.now.utc
-      user.save!
-    end
-
-    it "lets the user set a password" do
-      visit spree.spree_user_confirmation_path(confirmation_token: user.confirmation_token)
-
-      expect(user.reload.confirmed?).to be true
-      expect(page).to have_text I18n.t(:change_my_password)
-
-      fill_in "Password", with: "my secret"
-      fill_in "Password Confirmation", with: "my secret"
-      click_button
-
-      expect(page).to have_no_text "Reset password token has expired"
-      expect(page).to be_logged_in_as user
-    end
-  end
-end
diff --git a/spec/system/consumer/user_password_spec.rb b/spec/system/consumer/user_password_spec.rb
new file mode 100644
index 0000000000..93ff772369
--- /dev/null
+++ b/spec/system/consumer/user_password_spec.rb
@@ -0,0 +1,83 @@
+# frozen_string_literal: true
+
+require "system_helper"
+
+describe "User password confirm/reset page" do
+  include UIComponentHelper
+  include OpenFoodNetwork::EmailHelper
+
+  let(:email) { "test@example.org" }
+  let(:user) { Spree::User.create(email: email, unconfirmed_email: email, password: "secret") }
+
+  describe "can set a password" do
+    before do
+      user.reset_password_token = Devise.friendly_token
+      user.reset_password_sent_at = Time.now.utc
+      user.save!
+    end
+
+    it "lets the user set a password" do
+      visit spree.spree_user_confirmation_path(confirmation_token: user.confirmation_token)
+
+      expect(user.reload.confirmed?).to be true
+      expect(page).to have_text I18n.t(:change_my_password)
+
+      fill_in "Password", with: "my secret"
+      fill_in "Password Confirmation", with: "my secret"
+      click_button
+
+      expect(page).to have_no_text "Reset password token has expired"
+      expect(page).to be_logged_in_as user
+    end
+  end
+
+  describe "can reset its own password" do
+    let(:reset_password_token) { user.regenerate_reset_password_token }
+
+    it "has the right error when password aren't the same" do
+      visit spree.edit_spree_user_password_path(reset_password_token: reset_password_token)
+
+      expect(page).to have_text "Change my password"
+
+      fill_in "Password", with: "my secret"
+      fill_in "Password Confirmation", with: "my secret1"
+      click_button
+
+      expect(page).to have_text "Password confirmation doesn't match Password"
+    end
+
+    it "has the right error message whend reset token is invalid" do
+      visit spree.edit_spree_user_password_path(reset_password_token: "#{reset_password_token}-i")
+
+      fill_in "Password", with: "my secret"
+      fill_in "Password Confirmation", with: "my secret"
+      click_button
+
+      expect(page).to have_text "Reset password token is invalid"
+    end
+
+    it "has the right error message whend reset token is invalid" do
+      reset_password_token = user.regenerate_reset_password_token
+      user.reset_password_sent_at = 2.days.ago
+      user.save!
+
+      visit spree.edit_spree_user_password_path(reset_password_token: reset_password_token)
+
+      fill_in "Password", with: "my secret"
+      fill_in "Password Confirmation", with: "my secret"
+      click_button
+
+      expect(page).to have_text "Reset password token has expired, please request a new one"
+    end
+
+    it "can actually reset its own password" do
+      visit spree.edit_spree_user_password_path(reset_password_token: reset_password_token)
+
+      fill_in "Password", with: "my secret"
+      fill_in "Password Confirmation", with: "my secret"
+      click_button
+
+      expect(page).to have_text "Your password has been changed successfully"
+    end
+  end
+end