diff --git a/htdocs/core/lib/security2.lib.php b/htdocs/core/lib/security2.lib.php
index 88dae462058..5fefbe63cbd 100644
--- a/htdocs/core/lib/security2.lib.php
+++ b/htdocs/core/lib/security2.lib.php
@@ -443,11 +443,12 @@ function encodedecode_dbpassconf($level=0)
 /**
  * Return a generated password using default module
  *
- * @param		boolean		$generic		true=Create generic password (32 chars/numbers), false=Use the configured password generation module
- * @return		string						New value for password
+ * @param		boolean		$generic				true=Create generic password (32 chars/numbers), false=Use the configured password generation module
+ * @param		string		$replaceambiguouschars	Discard ambigous characters. For example array('I').
+ * @return		string								New value for password
  * @see dol_hash
  */
-function getRandomPassword($generic=false)
+function getRandomPassword($generic=false, $replaceambiguouschars=array())
 {
 	global $db,$conf,$langs,$user;
 
@@ -508,5 +509,13 @@ function getRandomPassword($generic=false)
 		unset($genhandler);
 	}
 
+	// Do we have to discard some alphabetic characters ?
+	if (is_array($replaceambiguouschars) && count($replaceambiguouschars) > 0)
+	{
+		$numbers = "ABCDEF";
+		$max = strlen($numbers) - 1;
+		$generated_password=str_replace($replaceambiguouschars, $numbers{random_int(0, $max)}, $generated_password);
+	}
+
 	return $generated_password;
 }
diff --git a/test/phpunit/SecurityTest.php b/test/phpunit/SecurityTest.php
index 21e25473b8f..f77189d4434 100644
--- a/test/phpunit/SecurityTest.php
+++ b/test/phpunit/SecurityTest.php
@@ -260,17 +260,21 @@ class SecurityTest extends PHPUnit_Framework_TestCase
     {
         global $conf;
 
-        $genpass1=getRandomPassword(true);    // Should be a string return by dol_hash (if no option set, will be md5)
+        $genpass1=getRandomPassword(true);				// Should be a string return by dol_hash (if no option set, will be md5)
+        print __METHOD__." genpass1=".$genpass1."\n";
+        $this->assertEquals(strlen($genpass1), 32);
+
+        $genpass1=getRandomPassword(true, array('I'));	// Should be a string return by dol_hash (if no option set, will be md5)
         print __METHOD__." genpass1=".$genpass1."\n";
         $this->assertEquals(strlen($genpass1), 32);
 
         $conf->global->USER_PASSWORD_GENERATED='None';
-        $genpass2=getRandomPassword(false);  // Should be an empty string
+        $genpass2=getRandomPassword(false);				// Should return an empty string
         print __METHOD__." genpass2=".$genpass2."\n";
         $this->assertEquals($genpass2, '');
 
         $conf->global->USER_PASSWORD_GENERATED='Standard';
-        $genpass3=getRandomPassword(false);
+        $genpass3=getRandomPassword(false);				// Should return a password of 8 chars
         print __METHOD__." genpass3=".$genpass3."\n";
         $this->assertEquals(strlen($genpass3), 8);