diff --git a/ordr3/events.py b/ordr3/events.py
index 9675e34..b4f5769 100644
--- a/ordr3/events.py
+++ b/ordr3/events.py
@@ -1,5 +1,11 @@
+from collections import namedtuple
+
 from pyramid.events import subscriber
 
+SerializableFlashMessage = namedtuple(
+    "SerializableFlashMessage", ["text", "more"]
+)
+
 
 class Ordr3Event:
     def __init__(self):
@@ -27,11 +33,13 @@ class FlashMessage(Ordr3Event):
 
 
 @subscriber(FlashMessage)
-def handle_flash_message(message):
-    if message.request is None:
+def handle_flash_message_event(event):
+    if event.request is None:
         return
-    session = message.request.session
-    session.flash(message, message.channel, allow_duplicate=False)
+    session = event.request.session
+    message = SerializableFlashMessage(event.text, event.more)
+    print(message)
+    session.flash(message, event.channel, allow_duplicate=False)
 
 
 def emit(request, event):
diff --git a/ordr3/services.py b/ordr3/services.py
index 191ad4b..c75a9ae 100644
--- a/ordr3/services.py
+++ b/ordr3/services.py
@@ -116,7 +116,9 @@ def set_new_password(user, password, event_queue):
     if not length_ok:
         event_queue.emit(MSG_SHORT_PASSWORD)
 
-    return length_ok and not check_have_i_been_pwned(password, event_queue)
+    has_been_pwned = check_have_i_been_pwned(password, event_queue)
+
+    return length_ok and not has_been_pwned
 
 
 def check_have_i_been_pwned(password, event_queue):
@@ -143,7 +145,6 @@ def _check_have_i_been_pwned(password_hash, event_queue):
         return False
     lower_case_lines = (line.lower() for line in response.text.splitlines())
     for line in lower_case_lines:
-        print(tails, line, line.startswith(tails))
         if line.startswith(tails):
             event_queue.emit(MSG_PWNED_PASSWORD)
             return True
diff --git a/ordr3/views/account.py b/ordr3/views/account.py
index 6ede2eb..df8e27d 100644
--- a/ordr3/views/account.py
+++ b/ordr3/views/account.py
@@ -94,7 +94,7 @@ def register_new_user(context, request):
         email=appstruct["email"],
         role=models.UserRole.NEW,
     )
-    services.set_new_password(account, appstruct["password"])
+    services.set_new_password(account, appstruct["password"], request)
     request.repo.add_user(account)
 
     return HTTPFound(request.resource_path(request.root, "registered"))