No verification asked in changing passcode

[haran2248]

Summary:

Summarize your issue here.

When the user tries to change the passcode the app should ask the user to enter the existing passcode to verify.

Steps to reproduce: How can we reproduce again the issue?

Go to EditProfile and click Change Passcode

Expected behavior:

What did you expect the app to do?

The app should ask me to enter the existing passcode before changing the passcode to a new one Observed behavior:

What did you see instead? Describe your issue in detail here.

The App doesnt ask me to verify the existing passcode so if a new user finds the app open he may change the passcode for his advantage.

Device and Android version:

What make and model device (e.g., Samsung Galaxy S3) did you encounter this on? What Android version (e.g., Android 4.0 Ice Cream Sandwich or Android 6.0 Marshmallow) are you running? Is it the stock version from the manufacturer or a custom ROM?

SM-M013F

Screenshots:

Can be created by pressing the Volume Down and Power Button at the same time on Android 4.0 and higher.

[Prashant830]

let's suppose Any person forgotten their existing passcode and he wants to create a new passcode?? and he also logged in the app?? @devansh-299 please check it..

[devansh-299]

fix#1233:Password verification before changing password added #1234

No @Prashant830, adding another step of security before allowing user to make any changes to passcode or credentials makes sense. Coming to the scenario you put forward, ideally such cases should be handled via fallbacks like email/phone verification like we do for account passwords