i had a zoom call with people to discuss a major vulnerability i found.
comments
Highlighted comment
all i know is apparently i logged into an account with a password even though the account had no password assigned, and then you gave me a warning
that sounds more like the user configured their account wrong. right now its possible for someone to set their password to be blank (which is different from disabling password login).