I would suggest that the user of the service only needs to input values to be changed, instead of inputting every single value (including those that shouldn't be changed).
One of the current problems is that the password will be re-salted and re-hashed every time. So if you don't send the real, un-hashed password every time you want to edit, the password will be changed.
I would suggest that the user of the service only needs to input values to be changed, instead of inputting every single value (including those that shouldn't be changed).
One of the current problems is that the password will be re-salted and re-hashed every time. So if you don't send the real, un-hashed password every time you want to edit, the password will be changed.