diff --git a/app/Validator/PasswordResetValidator.php b/app/Validator/PasswordResetValidator.php
index fb424e892..bc816f455 100644
--- a/app/Validator/PasswordResetValidator.php
+++ b/app/Validator/PasswordResetValidator.php
@@ -85,6 +85,9 @@ class PasswordResetValidator extends BaseValidator
             if (! $result) {
                 $errors['captcha'] = array(t('Invalid captcha'));
             }
+
+            // Invalidate captcha to avoid reuse.
+            session_remove('captcha');
         }
 
         return array($result, $errors);