Got it. So if I request a payment after changing the password, since the pool was modified, I'd get a different that the hypothetical attacker?
Thanks.
Assuming that the attacker had a copy of your wallet before you changed the password, then yes. The attacker would get a different address than you.