diff --git a/smartmin/users/migrations/0004_alter_failedlogin_failed_on_and_more.py b/smartmin/users/migrations/0004_alter_failedlogin_failed_on_and_more.py
new file mode 100644
index 0000000..f4d978a
--- /dev/null
+++ b/smartmin/users/migrations/0004_alter_failedlogin_failed_on_and_more.py
@@ -0,0 +1,58 @@
+# Generated by Django 5.0.3 on 2024-06-13 18:36
+
+import django.db.models.deletion
+import django.utils.timezone
+from django.conf import settings
+from django.db import migrations, models
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ("users", "0003_auto_20210219_1548"),
+        migrations.swappable_dependency(settings.AUTH_USER_MODEL),
+    ]
+
+    operations = [
+        migrations.AlterField(
+            model_name="failedlogin",
+            name="failed_on",
+            field=models.DateTimeField(default=django.utils.timezone.now),
+        ),
+        migrations.AlterField(
+            model_name="passwordhistory",
+            name="password",
+            field=models.CharField(max_length=255),
+        ),
+        migrations.AlterField(
+            model_name="passwordhistory",
+            name="set_on",
+            field=models.DateTimeField(default=django.utils.timezone.now),
+        ),
+        migrations.AlterField(
+            model_name="passwordhistory",
+            name="user",
+            field=models.ForeignKey(
+                on_delete=django.db.models.deletion.PROTECT,
+                related_name="password_history",
+                to=settings.AUTH_USER_MODEL,
+            ),
+        ),
+        migrations.AlterField(
+            model_name="recoverytoken",
+            name="created_on",
+            field=models.DateTimeField(default=django.utils.timezone.now),
+        ),
+        migrations.AlterField(
+            model_name="recoverytoken",
+            name="token",
+            field=models.CharField(max_length=32, unique=True),
+        ),
+        migrations.AlterField(
+            model_name="recoverytoken",
+            name="user",
+            field=models.ForeignKey(
+                on_delete=django.db.models.deletion.PROTECT, related_name="recovery_tokens", to=settings.AUTH_USER_MODEL
+            ),
+        ),
+    ]
diff --git a/smartmin/users/models.py b/smartmin/users/models.py
index d534e7d..17224dc 100644
--- a/smartmin/users/models.py
+++ b/smartmin/users/models.py
@@ -19,22 +19,20 @@ def is_password_complex(password):
 
 
 class RecoveryToken(models.Model):
-    user = models.ForeignKey(settings.AUTH_USER_MODEL, on_delete=models.PROTECT)
-    token = models.CharField(max_length=32, unique=True, default=None, help_text="token to reset password")
-    created_on = models.DateTimeField(auto_now_add=True)
+    user = models.ForeignKey(settings.AUTH_USER_MODEL, on_delete=models.PROTECT, related_name="recovery_tokens")
+    token = models.CharField(max_length=32, unique=True)
+    created_on = models.DateTimeField(default=timezone.now)
 
 
 class FailedLogin(models.Model):
     username = models.CharField(max_length=256)
-    failed_on = models.DateTimeField(auto_now_add=True)
+    failed_on = models.DateTimeField(default=timezone.now)
 
 
 class PasswordHistory(models.Model):
-    user = models.ForeignKey(
-        settings.AUTH_USER_MODEL, on_delete=models.PROTECT, help_text="The user that set a password"
-    )
-    password = models.CharField(max_length=255, help_text="The hash of the password that was set")
-    set_on = models.DateTimeField(auto_now_add=True, help_text="When the password was set")
+    user = models.ForeignKey(settings.AUTH_USER_MODEL, on_delete=models.PROTECT, related_name="password_history")
+    password = models.CharField(max_length=255)  # the hash
+    set_on = models.DateTimeField(default=timezone.now)
 
     @classmethod
     def is_password_repeat(cls, user, password):