diff --git a/actions/imsettings.php b/actions/imsettings.php
index 368cd8b9e6..904516f24d 100644
--- a/actions/imsettings.php
+++ b/actions/imsettings.php
@@ -52,9 +52,7 @@ class ImsettingsAction extends SettingsAction {
 				common_element_start('p');
 				common_element('span', 'address unconfirmed', $confirm->address);
 				common_element('span', 'input_instructions',
-			  	              sprintf(_('Awaiting confirmation on this address. Check your ' .
-			  	                'Jabber/GTalk account for a message with further ' .
-			  	                'instructions. (Did you add %s to your buddy list?)',
+							   sprintf(_('Awaiting confirmation on this address. Check your Jabber/GTalk account for a message with further instructions. (Did you add %s to your buddy list?)',
                                  jabber_daemon_address())));
 				common_hidden('jabber', $confirm->address);
 				common_element_end('p');
diff --git a/actions/login.php b/actions/login.php
index 003d6613f7..0f2dec1a41 100644
--- a/actions/login.php
+++ b/actions/login.php
@@ -109,10 +109,21 @@ class LoginAction extends Action {
 	}
 
 	function get_instructions() {
-		return _('Login with your username and password. ' .
-				  'Don\'t have a username yet? ' .
-				  '[Register](%%action.register%%) a new account, or ' .
-				  'try [OpenID](%%action.openidlogin%%). ');
+		if (common_logged_in() &&
+			!common_is_real_login() &&
+			common_get_returnto())
+		{
+			# rememberme logins have to reauthenticate before
+			# changing any profile settings (cookie-stealing protection)
+			return _('For security reasons, please re-enter your ' .
+					 'user name and password ' .
+					 'before changing your settings.');
+		} else {
+			return _('Login with your username and password. ' .
+					 'Don\'t have a username yet? ' .
+					 '[Register](%%action.register%%) a new account, or ' .
+					 'try [OpenID](%%action.openidlogin%%). ');
+		}
 	}
 
 	function show_top($error=NULL) {