Comment by TZubiri

Comment by TZubiri 4 days ago

0 replies

View on Hacker News

Interesting. I guess you could do it on the frontend by asking for old and new passwords simultaneously and sending the hashes to the backend.

That said, it means that you can skip this check by hacking around the front end check haha