4d561c5f6a
The client protocol module can resolve whether a password was used based on the information the authenticators gather before authentication is done. It uses the authentication token length as the basis on which it makes the decision.