User update page request
The userupdate.php page generated by the wizard needs to contain the option to not require the password, and if the password is not entered, it is not changed.
This is pretty common practice on account update pages that contain a password. Your current scenario requires the user to enter their password twice every time they want to make an update to their data.
What do you think?