diff --git a/src/main/edu/wisc/doit/RpcNetidClient.php b/src/main/edu/wisc/doit/RpcNetidClient.php
index dd933267c921784d62cfb97d5cbc553224488d26..5eb63a44c713311d36db8fa1bf3c3f3765c9eb38 100644
--- a/src/main/edu/wisc/doit/RpcNetidClient.php
+++ b/src/main/edu/wisc/doit/RpcNetidClient.php
@@ -41,10 +41,14 @@ interface RpcNetidClient {
function credentialCheck ( $uid, \DateTime $birthdate, $wiscard = null );
/**
- * Checks that the password meets require criteria and then changes password if it meets criteria
+ * Changes the password for a given NetID
+ *
+ * <p><b>WARNING READ THIS IMPORTANT DO NOT SKIP:</b> This method DOES NOT check if the password
+ * meets complexity requirements. You MUST check the complexity using {@link RpcNetidClient::passwordChoicePolicyCheck}</p>
+ *
* @param string $uid the uid of the user to search for (typically the NetID)
* @param string $password the password to be checked for policy adherence and replace current password
- * @return bool True if password was changed successfully, false if password did not meet password criteria
+ * @return bool true if password was changed successfully, false otherwise
* @throws edu\wisc\doit\RpcNetidClientSoapException if unexpected response code from SOAP service
*/
function changePassword ( $uid, $password );
diff --git a/src/main/edu/wisc/doit/RpcNetidClientSoap.php b/src/main/edu/wisc/doit/RpcNetidClientSoap.php
index 1b4708eebe734c07b6db1c5d330eb42ec6b02c6f..f8de8062f7e360f624c187170245b54cf3dc9eb4 100644
--- a/src/main/edu/wisc/doit/RpcNetidClientSoap.php
+++ b/src/main/edu/wisc/doit/RpcNetidClientSoap.php
@@ -208,12 +208,12 @@ class RpcNetidClientSoap implements RpcNetidClient {
return true;
}
- if( $result->result === 401 ){
+ if( $result->result === 400 or $result->result === 401 ){
return false;
}
throw new RpcNetidClientSoapException("Unexpected status code: {$result->result}",
- RpcNetidClientSoapException::UNEXPECTED_STATUS_CODE );
+ RpcNetidClientSoapException::UNEXPECTED_STATUS_CODE );
}