diff --git a/app/models/domain.rb b/app/models/domain.rb
index ef871667d..837077bbb 100644
--- a/app/models/domain.rb
+++ b/app/models/domain.rb
@@ -91,10 +91,7 @@ class Domain < ActiveRecord::Base
 
   after_create :update_reserved_domains
   def update_reserved_domains
-    return unless in_reserved_list?
-    rd = ReservedDomain.by_domain(name).first
-    rd.password = SecureRandom.hex
-    rd.save
+    ReservedDomain.new_password_for(name) if in_reserved_list?
   end
 
   validates :name_dirty, domain_name: true, uniqueness: true
@@ -370,7 +367,7 @@ class Domain < ActiveRecord::Base
   end
 
   def in_reserved_list?
-    ReservedDomain.pw_for(name).present?
+    @in_reserved_list ||= ReservedDomain.by_domain(name).any?
   end
 
   def pending_transfer
diff --git a/app/models/reserved_domain.rb b/app/models/reserved_domain.rb
index ebc7d70a9..9f36fcebc 100644
--- a/app/models/reserved_domain.rb
+++ b/app/models/reserved_domain.rb
@@ -22,17 +22,30 @@ class ReservedDomain < ActiveRecord::Base
     def any_of_domains names
       where(name: names)
     end
+
+    def new_password_for name
+      record = by_domain(name).first
+      return unless record
+
+      record.regenerate_password
+      record.save
+    end
   end
 
 
-  def fill_empty_passwords
-    self.password = SecureRandom.hex if self.password.blank?
-  end
 
   def name= val
     super SimpleIDN.to_unicode(val)
   end
 
+  def fill_empty_passwords
+    regenerate_password if self.password.blank?
+  end
+
+  def regenerate_password
+    self.password = SecureRandom.hex
+  end
+
   def generate_data
     return if Domain.where(name: name).any?