First of all, I would NEVER use JavaScript for login pages.
It's simply not meant to do it and this script could be "hacked" by anyone who knows how to view the source.
Back to the problem,
if you still want to use this script, I need to see it with the changes applied.
As it looks now I don't see any problem with it. Did not actually run the code tho.
If you use slashes/backslashes in the strings imgSubmit="" and imgReset="", it might help if you put a backslash (\) in front of all of them to make the script engine interpret it literally instead of as a special character.