diff --git a/app/assets/javascripts/admin.js b/app/assets/javascripts/admin.js
new file mode 100644
index 00000000..bb0a499a
--- /dev/null
+++ b/app/assets/javascripts/admin.js
@@ -0,0 +1,11 @@
+$(document).ready(function(){
+    $('input#user_force_random_password').on('change', function(elem) {
+        var elems = $('#user_password, #user_password_confirmation');
+        
+        if ($(this).attr('checked')) {
+            elems.val('').attr('disabled', true);
+        } else {
+            elems.removeAttr('disabled');
+        }
+    });
+});
diff --git a/app/models/user.rb b/app/models/user.rb
index 39aea3e8..60b56627 100644
--- a/app/models/user.rb
+++ b/app/models/user.rb
@@ -5,7 +5,10 @@ class User < ActiveRecord::Base
          :recoverable, :rememberable, :trackable, :validatable, :omniauthable
 
   attr_accessible :email, :password, :password_confirmation, :remember_me, :bio,
-                  :name, :projects_limit, :skype, :linkedin, :twitter, :dark_scheme, :theme_id
+                  :name, :projects_limit, :skype, :linkedin, :twitter, :dark_scheme, 
+                  :theme_id, :force_random_password
+
+  attr_accessor :force_random_password
 
   has_many :users_projects, :dependent => :destroy
   has_many :projects, :through => :users_projects
@@ -53,6 +56,14 @@ class User < ActiveRecord::Base
   scope :blocked, where(:blocked =>  true)
   scope :active, where(:blocked =>  false)
 
+  before_validation :generate_password, :on => :create
+
+  def generate_password
+    if self.force_random_password
+      self.password = self.password_confirmation = Devise.friendly_token.first(8)
+    end
+  end
+
   def self.filter filter_name
     case filter_name
     when "admins"; self.admins
diff --git a/app/views/admin/users/_form.html.haml b/app/views/admin/users/_form.html.haml
index 883a7d72..bd2e1362 100644
--- a/app/views/admin/users/_form.html.haml
+++ b/app/views/admin/users/_form.html.haml
@@ -18,12 +18,21 @@
           .input
             = f.text_field :email
             %span.help-inline * required
-        .clearfix
-          = f.label :password
-          .input= f.password_field :password
-        .clearfix
-          = f.label :password_confirmation
-          .input= f.password_field :password_confirmation
+        %hr
+
+        -if f.object.new_record?
+          .clearfix 
+            = f.label :admin, :class => "checkbox" do
+              = f.check_box :force_random_password, {}, true, nil
+            %span Generate random password
+        
+        %div.password-fields
+          .clearfix
+            = f.label :password
+            .input= f.password_field :password, :disabled => f.object.force_random_password 
+          .clearfix
+            = f.label :password_confirmation
+            .input= f.password_field :password_confirmation, :disabled => f.object.force_random_password
         %hr
         .clearfix
           = f.label :skype
diff --git a/spec/models/user_spec.rb b/spec/models/user_spec.rb
index c2721dd1..91771ca9 100644
--- a/spec/models/user_spec.rb
+++ b/spec/models/user_spec.rb
@@ -22,6 +22,24 @@ describe User do
     user.identifier.should == "test_mail_com"
   end
 
+  it "should execute callback when force_random_password specified" do
+    user = User.new(:email => "test@mail.com", :force_random_password => true)
+    user.should_receive(:generate_password)
+    user.save
+  end
+
+  it "should not generate password by default" do
+    user = Factory(:user, :password => 'abcdefg', :password_confirmation => 'abcdefg')
+    user.password.should == 'abcdefg'
+  end
+
+  it "should generate password when forcing random password" do
+    Devise.stub(:friendly_token).and_return('123456789')
+    user = User.create(:email => "test1@mail.com", :force_random_password => true)
+    user.password.should == user.password_confirmation
+    user.password.should == '12345678'
+  end
+
   it "should have authentication token" do
     user = Factory(:user)
     user.authentication_token.should_not == ""