Hi!
On Fri, Nov 27, 2015 at 11:23 AM, Vlastimil Elias <velias(a)redhat.com> wrote:
> 2. Remove validation of the current password (remove the "Password" field). Two reasons for this:
> - The security impact of this check is small. If an attacker is able to compromise the Account app, then he can always change the email and then use the "Forgot password" feature to change the password.
> - A user created via an Identity Provider does not know the old password (because it is not set), so he is not able to set a password using this screen.
> After we implement support for reauthentication (KEYCLOAK-2076), we should set some reasonable reauth timeout for the Account app instead; this will make it more secure overall.
Wouldn't it make more sense to add password validation when changing email?
Best regards,
Thomas