By your argument users should not be prompted for their current password to change their password as that would provide them with a false sense of security. Or I guess now that they can just go and look up your password…
By your argument users should not be prompted for their current password to change their password as that would provide them with a false sense of security. Or I guess now that they can just go and look up your password…