Index: openacs-4/packages/acs-subsite/www/user/password-update.tcl
===================================================================
RCS file: /usr/local/cvsroot/openacs-4/packages/acs-subsite/www/user/password-update.tcl,v
diff -u -r1.27 -r1.27.2.1
--- openacs-4/packages/acs-subsite/www/user/password-update.tcl	7 Apr 2018 19:30:45 -0000	1.27
+++ openacs-4/packages/acs-subsite/www/user/password-update.tcl	1 Mar 2019 15:05:19 -0000	1.27.2.1
@@ -22,10 +22,10 @@
     # If old_password is set, this is a user who has had his password recovered,
     # so they won't be authenticated yet.
 } else {
-    set level [ad_decode [security::RestrictLoginToSSLP] 1 "secure" "ok"]
+    set level [expr {[security::RestrictLoginToSSLP] ? "secure" : "ok"}]
 
     # If the user is changing passwords for another user, they need to be account ok
-    set account_status [ad_decode $user_id [ad_conn untrusted_user_id] "closed" "ok"]
+    set account_status [expr {$user_id == [ad_conn untrusted_user_id] ? "closed" : "ok"}]
 
     auth::require_login \
         -level $level \