Comment 5 for bug 1791111

Horizon needs to implement a "change password form" (or a user must use the /v3/users/password API directly) that does not require direct (normal token) login first. * [in addendum to comment #3]