diff --git a/includes/auth/ResetPasswordSecondaryAuthenticationProvider.php b/includes/auth/ResetPasswordSecondaryAuthenticationProvider.php
index f87a7620f2b..dd97830dae9 100644
--- a/includes/auth/ResetPasswordSecondaryAuthenticationProvider.php
+++ b/includes/auth/ResetPasswordSecondaryAuthenticationProvider.php
@@ -99,6 +99,8 @@ class ResetPasswordSecondaryAuthenticationProvider extends AbstractSecondaryAuth
 		if ( !$needReq->action ) {
 			$needReq->action = AuthManager::ACTION_CHANGE;
 		}
+		$needReq->required = $data->hard ? AuthenticationRequest::REQUIRED
+			: AuthenticationRequest::OPTIONAL;
 		$needReqs = [ $needReq ];
 		if ( !$data->hard ) {
 			$needReqs[] = new ButtonAuthenticationRequest(
diff --git a/tests/phpunit/includes/auth/ResetPasswordSecondaryAuthenticationProviderTest.php b/tests/phpunit/includes/auth/ResetPasswordSecondaryAuthenticationProviderTest.php
index 59ededed725..79c138b5da5 100644
--- a/tests/phpunit/includes/auth/ResetPasswordSecondaryAuthenticationProviderTest.php
+++ b/tests/phpunit/includes/auth/ResetPasswordSecondaryAuthenticationProviderTest.php
@@ -216,7 +216,9 @@ class ResetPasswordSecondaryAuthenticationProviderTest extends \MediaWikiTestCas
 		$this->assertSame( AuthenticationResponse::UI, $res->status );
 		$this->assertEquals( $msg, $res->message );
 		$this->assertCount( 2, $res->neededRequests );
-		$this->assertEquals( $passReq, $res->neededRequests[0] );
+		$expectedPassReq = clone $passReq;
+		$expectedPassReq->required = AuthenticationRequest::OPTIONAL;
+		$this->assertEquals( $expectedPassReq, $res->neededRequests[0] );
 		$this->assertEquals( $skipReq, $res->neededRequests[1] );
 		$this->assertNotNull( $manager->getAuthenticationSessionData( 'reset-pass' ) );
 		$this->assertFalse( $passReq->done );
@@ -304,7 +306,9 @@ class ResetPasswordSecondaryAuthenticationProviderTest extends \MediaWikiTestCas
 		$this->assertSame( AuthenticationResponse::UI, $res->status );
 		$this->assertEquals( $msg, $res->message );
 		$this->assertCount( 2, $res->neededRequests );
-		$this->assertEquals( $passReq2, $res->neededRequests[0] );
+		$expectedPassReq = clone $passReq2;
+		$expectedPassReq->required = AuthenticationRequest::OPTIONAL;
+		$this->assertEquals( $expectedPassReq, $res->neededRequests[0] );
 		$this->assertEquals( $skipReq, $res->neededRequests[1] );
 		$this->assertNotNull( $manager->getAuthenticationSessionData( 'reset-pass' ) );
 		$this->assertFalse( $passReq->done );