diff --git a/apps/files_encryption/hooks/hooks.php b/apps/files_encryption/hooks/hooks.php
index 3a0a37c0a591843bf4395eff8129d72a9f9a071e..eadd2b64b80cb1e713942b7f1f971be8a17b75bb 100644
--- a/apps/files_encryption/hooks/hooks.php
+++ b/apps/files_encryption/hooks/hooks.php
@@ -263,6 +263,19 @@ class Hooks {
 		}
 	}
 
+	/**
+	 * after password reset we create a new key pair for the user
+	 *
+	 * @param array $params
+	 */
+	public static function postPasswordReset($params) {
+		$uid = $params['uid'];
+		$password = $params['password'];
+
+		$util = new Util(new \OC\Files\View(), $uid);
+		$util->replaceUserKeys($password);
+	}
+
 	/*
 	 * check if files can be encrypted to every user.
 	 */
diff --git a/apps/files_encryption/lib/helper.php b/apps/files_encryption/lib/helper.php
index 53c380ab2b38d5fc6543bf2999418d184a42e69b..7a50ade82f39ab1ef291f16c9157a1d139c3ad57 100644
--- a/apps/files_encryption/lib/helper.php
+++ b/apps/files_encryption/lib/helper.php
@@ -70,6 +70,7 @@ class Helper {
 		\OCP\Util::connectHook('OC_Filesystem', 'delete', 'OCA\Encryption\Hooks', 'preDelete');
 		\OCP\Util::connectHook('OC_Filesystem', 'post_umount', 'OCA\Encryption\Hooks', 'postUmount');
 		\OCP\Util::connectHook('OC_Filesystem', 'umount', 'OCA\Encryption\Hooks', 'preUmount');
+		\OCP\Util::connectHook('\OC\Core\LostPassword\Controller\LostController', 'post_passwordReset', 'OCA\Encryption\Hooks', 'postPasswordReset');
 	}
 
 	/**
diff --git a/apps/files_encryption/lib/util.php b/apps/files_encryption/lib/util.php
index c8697ae7c80e99b5831f8dca73ed37198b047674..d12b003b22764a24a7a89ebe047cbaca551899c2 100644
--- a/apps/files_encryption/lib/util.php
+++ b/apps/files_encryption/lib/util.php
@@ -124,6 +124,18 @@ class Util {
 		}
 	}
 
+	/**
+	 * create a new public/private key pair for the user
+	 *
+	 * @param string $password password for the private key
+	 */
+	public function replaceUserKeys($password) {
+		$this->backupAllKeys('password_reset');
+		$this->view->unlink($this->publicKeyPath);
+		$this->view->unlink($this->privateKeyPath);
+		$this->setupServerSide($password);
+	}
+
 	/**
 	 * Sets up user folders and keys for serverside encryption
 	 *