diff --git a/website/client/js/controllers/settingsCtrl.js b/website/client/js/controllers/settingsCtrl.js
index e302572880..7e78a8b095 100644
--- a/website/client/js/controllers/settingsCtrl.js
+++ b/website/client/js/controllers/settingsCtrl.js
@@ -177,13 +177,16 @@ habitrpg.controller('SettingsCtrl',
       $rootScope.$state.go('tasks');
     }
 
-    $scope['delete'] = function(){
-      $http['delete'](ApiUrl.get() + '/api/v3/user')
-        .success(function(res, code){
-          if (res.err) return alert(res.err);
-          localStorage.clear();
-          window.location.href = '/logout';
-        });
+    $scope['delete'] = function(password) {
+      $http({
+        url: ApiUrl.get() + '/api/v3/user',
+        method: 'DELETE',
+        data: {password: password},
+      })
+      .then(function(res, code) {
+        localStorage.clear();
+        window.location.href = '/logout';
+      });
     }
 
     $scope.enterCoupon = function(code) {
diff --git a/website/views/shared/modals/settings.jade b/website/views/shared/modals/settings.jade
index 8a263f2df0..5063173a96 100644
--- a/website/views/shared/modals/settings.jade
+++ b/website/views/shared/modals/settings.jade
@@ -55,11 +55,11 @@ script(type='text/ng-template', id='modals/delete.html')
   .modal-header
     h4=env.t('deleteAccount')
   .modal-body
-    p!=env.t('deleteText', {deleteWord: 'DELETE'})
+    p!=env.t('deleteText', {deleteWord: 'Your password'})
     br
     .row
       .col-md-6
-        input.form-control(type='text', ng-model='_deleteAccount')
+        input.form-control(type='password', ng-model='_deleteAccount')
   .modal-footer
     button.btn.btn-default(ng-click='$close()')=env.t('neverMind')
-    button.btn.btn-danger(ng-disabled='_deleteAccount != "DELETE"', ng-click='$close(); delete()')=env.t('deleteDo')
+    button.btn.btn-danger(ng-disabled='!_deleteAccount', ng-click='$close(); delete(_deleteAccount)')=env.t('deleteDo')