diff --git a/lib/devise.rb b/lib/devise.rb
index 14ffedfd..ab464008 100644
--- a/lib/devise.rb
+++ b/lib/devise.rb
@@ -417,7 +417,7 @@ module Devise
 # Generate a friendly string randomically to be used as token.
 def self.friendly_token
- SecureRandom.base64(15).tr('+/=', 'xyz')
+ SecureRandom.base64(15).tr('+/=lIO0', 'pqrsxyz')
 end
 # constant-time comparison algorithm to prevent timing attacks
diff --git a/test/models/encryptable_test.rb b/test/models/encryptable_test.rb
index 16b33804..5c26b00d 100644
--- a/test/models/encryptable_test.rb
+++ b/test/models/encryptable_test.rb
@@ -31,8 +31,10 @@ class EncryptableTest < ActiveSupport::TestCase
 test 'should generate a base64 hash using SecureRandom for password salt' do
 swap_with_encryptor Admin, :sha1 do
- SecureRandom.expects(:base64).with(15).returns('friendly_token')
- assert_equal 'friendly_token', create_admin.password_salt
+ SecureRandom.expects(:base64).with(15).returns('01lI')
+ salt = create_admin.password_salt
+ assert_not_equal '01lI', salt
+ assert_equal 4, salt.size
 end
 end
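Review bot: The new `tr` call in `friendly_token` maps seven source characters onto letters that base64 already emits, so `p`, `q`, `s`, `x`, `y` and `z` become twice as likely as the other characters and the token carries somewhat less entropy than the 15 random bytes it is drawn from (by my estimate about 116 bits instead of 120, still ample for a salt or token). Nothing in the hunk records that trade-off, and the positional pairing of the two `tr` strings is easy to misread. I would add a comment above the call such as `# Replace look-alike characters (l, I, O, 0) and the non-alphanumeric +, /, = with plain letters; the output is slightly non-uniform, so re-check entropy before shortening the token.` The `=` mapping also looks unreachable for a 15-byte input, since that length encodes without padding.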
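Review bot: The two new assertions in the password-salt test only check that the salt differs from the stubbed value and is four characters long, so a wrong or reordered `tr` mapping would still pass. Assuming `password_salt` is the unmodified output of `Devise.friendly_token` (that path is not visible in this diff), the expected value can be pinned with `assert_equal 'z1sx', salt`. The stub `'01lI'` also leaves `O`, `+` and `/` uncovered; a second stubbed value would exercise those replacements.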