separated password variables at start of script for prompted passwords, the SecureToken admin, and the logged-in user (this allows more easily storing account credentials directly in the script (closes #8), though for security reasons this is not generally recommended)
moved password assignment inside until loops
changed password prompt dialog to function parameter