-if ( $error ) {
- $cgi->param('error', $error);
- print $cgi->redirect(popurl(2). "svc_acct.cgi?". $cgi->query_string );
+my $error = '';
+
+# google captcha auth
+if ( $cgi->param('captcha_response') ) {
+ my $part_svc = $svcnum ?
+ $old->part_svc :
+ qsearchs( 'part_svc',
+ { 'svcpart' => $cgi->param('svcpart') }
+ );
+ my ($export) = $part_svc->part_export('acct_google');
+ if ( $export and
+ ! $export->captcha_auth($cgi->param('captcha_response')) ) {
+ $error = 'Re-enter the security word.';
+ }
+}
+
+$new->_password($old->_password) if $old;
+if ( $cgi->param('clear_password') eq '*HIDDEN*'
+ || $cgi->param('clear_password') =~ /^\(.* encrypted\)$/ ) {
+ die "fatal: no previous account to recall hidden password from!" unless $old;