paraphrased and accurate enough>
Before:
We were told the primary verification is based on password strength. If your password was not easily hackable, then you can use email verification and login to change your password.
Currently:
Today's offering verified the email and offered a chance to provide "more information."
1) Password strength check can be easily automated.
^^^
A key part of my initial main point
2) How are they currently checking password strength, with what was offered today?
(I don't recall entering a password today, please tell me if I'm wrong)
I guess I'm just being dense but I don't follow...
Which part is a key part of your point? #1? ok so they aren't automating and that's why they're wasting time? That's your suggestion, that they automate password strength check? I'm now just completely confused.