|
|
|
|
|
|
by rocqua
373 days ago
|
|
|
No, you can do it safely. The idea is to have the password renewal process also ask for the previous password. This means the password changing method doesn't need to store a plaintext password, but still has access to the old plaintext password when changing.
It's still not a great idea, but that's because nagging your users will see them choose worse passwords. |
|
|