Y
Hacker News
new
|
ask
|
show
|
jobs
by
dspillett
368 days ago
Yes, what I meant to say that it doesn't even have to be done server-side, so the fact it happens doesn't imply the server ever sees the old password beyond it's initial setting.