+
+ $new->_password($old->_password) if $old;
+ if ( $cgi->param('clear_password') eq '*HIDDEN*'
+ || $cgi->param('clear_password') =~ /^\(.* encrypted\)$/ ) {
+ die "fatal: no previous account to recall hidden password from!"
+ unless $old;
+ } else {
+ my $newpass = $cgi->param('clear_password');
+ if ( !$old or ! $old->check_password($newpass) ) {
+ # then the password is being changed
+ $error ||= $new->is_password_allowed($newpass)
+ || $new->set_password($newpass);
+ }
+ }
+