diff --git a/src/Controller/ProfileController.php b/src/Controller/ProfileController.php index f34881786..50d2c6dfe 100644 --- a/src/Controller/ProfileController.php +++ b/src/Controller/ProfileController.php @@ -115,15 +115,20 @@ public function packagesAction(Request $req, #[VarName('name')] User $user, Favo public function editAction(Request $request): Response { $user = $this->getUser(); - if (!is_object($user)) { + if (!$user instanceof User) { throw $this->createAccessDeniedException('This user does not have access to this section.'); } + $oldEmail = $user->getEmail(); $form = $this->createForm(ProfileFormType::class, $user); $form->handleRequest($request); if ($form->isSubmitted() && $form->isValid()) { + if ($oldEmail !== $user->getEmail()) { + $user->resetPasswordRequest(); + } + $this->getEM()->persist($user); $this->getEM()->flush(); diff --git a/tests/Controller/ProfileControllerTest.php b/tests/Controller/ProfileControllerTest.php new file mode 100644 index 000000000..9bccedf40 --- /dev/null +++ b/tests/Controller/ProfileControllerTest.php 
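Review bot: The reset-request invalidation added inside the `isSubmitted() && isValid()` branch of editAction covers only this controller action, so any other path that calls `setEmail()` on a User would leave a reset link that was mailed to the old address still pending; whether such paths exist is not visible from this hunk. Consider enforcing the rule in the entity, so that `User::setEmail()` itself calls `$this->resetPasswordRequest();` when the value changes. That would also remove the need for the `$oldEmail` snapshot, which is correct only because it is taken before `handleRequest()` binds the form to the entity. If the check stays in the controller, a comment such as `// A pending reset link was sent to the old address; invalidate it once the address changes.` above the `if` would record that intent. editAction's body continues past the end of the hunk.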
@@ -0,0 +1,59 @@
+client = self::createClient();
+ $this->client->disableReboot(); // Prevent reboot between requests
+ static::getContainer()->get(Connection::class)->beginTransaction();
+
+ parent::setUp();
+ }
+
+ public function testEditProfile(): void
+ {
+ $user = new User;
+ $user->setEnabled(true);
+ $user->setUsername('test');
+ $user->setEmail('test@example.org');
+ $user->setPassword('testtest');
+ $user->setApiToken('token');
+ $user->setGithubId('123456');
+
+ $user->initializeConfirmationToken();
+ $user->setPasswordRequestedAt(new \DateTime());
+
+ $em = static::getContainer()->get(ManagerRegistry::class)->getManager();
+ $em->persist($user);
+ $em->flush();
+
+ $this->client->loginUser($user);
+
+ $crawler = $this->client->request('GET', '/profile/edit');
+
+ $form = $crawler->selectButton('Update')->form();
+ $this->client->submit($form, [
+ 'packagist_user_profile[email]' => $newEmail = 'new-email@example.org',
+ ]);
+
+ $this->assertResponseStatusCodeSame(302);
+
+ $em->clear();
+ $user = $em->getRepository(User::class)->find($user->getId());
+ $this->assertNotNull($user);
+ $this->assertSame($newEmail, $user->getEmail());
+ $this->assertNull($user->getPasswordRequestedAt());
+ $this->assertNull($user->getConfirmationToken());
+ }
+}
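Review bot: testEditProfile exercises only the changed-email case, so a regression that clears the reset request on every profile save would still pass. A second test that submits the form with the address unchanged and ends with `$this->assertNotNull($user->getConfirmationToken());` would pin the `$oldEmail !== $user->getEmail()` condition. The assignment hidden inside the array literal, `=> $newEmail = 'new-email@example.org'`, is easy to miss; declaring `$newEmail` on its own line before `submit()` reads more clearly. The top of this file is missing from the page, so whether the transaction opened in setUp() is rolled back in a tearDown() cannot be confirmed from what is shown.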