I've implemented password reset using Authlogic basically following
Everything works fine except if the user leaves both the password and
password_confirmation as blank no errors are generated.
I read the docs and I understand that this is how it's suppose to work
by default authlogic ignores blank password. For example when a user
is editing his profile they might leave the password blank which means
no change to the password.
For password reset the password needs to validated. Is there a way to
configure authlogic to validate password only during password reset.