Using Basic Password services,
Developed a HTML form that does the POST (Old Password + NEW password + CONFIRM Password)to the smpwservices.fcc
Can we bypass the Old password and only post the NEW and CONFIRM password.
Idea is,
When the user enter his credentials, Password policy is triggered and he is redirected to change password page.
I don't want the user to enter his Current Password again in the change password form.
I tried with a html form posting to smpwservices.fcc with out Current password and it doesn't worked.
For valid authentication, Do we require both username + old_password? Is there a way to bypass the Old password in Change password page.
Thanks.