Why you click "Forgot my password" and they email it to you.
I always find these types of posts frustrating. Apart from your desktop password, a password manager solves a lot of these issues. Just make the password manager super secure, use 2fa and then auto generate all other passwords.
Why does this happen though? I always wondered why is it that a platform recognises your old password only when you are trying to change it
Microscopic trolls inside the internet tubes. I think that's the technical term.
Because it runs the hash again on the new password against the old one, if it matches the old one you are told to change it as you used the old password again.
Yes yes but I don't mean when I'm told to change one. I mean when I'm trying to login as usual, password doesn't work, so I change it. Just to test of the password I was using was wrong, that's what I use first- and it's rejected.
I remember Epic would do this on a DAILY basis at some point last year. It was so irritating. "Ah yes the brand new password from yesterday that worked yesterday but that we didn't recognise on the login page today? Well we do recognise here on the reset, jokes on you!"
