--- loncom/interface/lonpreferences.pm	2021/03/06 19:44:54	1.196.4.27
+++ loncom/interface/lonpreferences.pm	2021/12/14 00:30:54	1.196.4.28
@@ -1,7 +1,7 @@
 # The LearningOnline Network
 # Preferences
 #
-# $Id: lonpreferences.pm,v 1.196.4.27 2021/03/06 19:44:54 raeburn Exp $
+# $Id: lonpreferences.pm,v 1.196.4.28 2021/12/14 00:30:54 raeburn Exp $
 #
 # Copyright Michigan State University Board of Trustees
 #
@@ -1230,7 +1230,8 @@ sub passwordchanger {
     # This function is a bit of a mess....
     # Passwords are encrypted using londes.js (DES encryption)
     $errormessage = ($errormessage || '');
-    my ($user,$domain,$currentpass);
+    my ($user,$domain,$currentpass,$clientip);
+    $clientip = &Apache::lonnet::get_requestor_ip($r);
     &Apache::lonhtmlcommon::add_breadcrumb(
 		{ href => '/adm/preferences?action=changepass',
                   text => 'Change Password'});
@@ -1245,7 +1246,7 @@ sub passwordchanger {
             $caller = 'preferences';
         }
         my ($blocked,$blocktext) =
-            &Apache::loncommon::blocking_status('passwd');
+            &Apache::loncommon::blocking_status('passwd',$clientip);
         if ($blocked) {
             $r->print('<p class="LC_warning">'.$blocktext.'</p>');
             return;
@@ -1267,7 +1268,7 @@ sub passwordchanger {
                 $domain = $data{'domain'};
                 $currentpass = $data{'temppasswd'};
                 my ($blocked,$blocktext) =
-                    &Apache::loncommon::blocking_status('passwd',$user,$domain);
+                    &Apache::loncommon::blocking_status('passwd',$clientip,$user,$domain);
                 if ($blocked) {
                     $r->print('<p class="LC_warning">'.$blocktext.'</p>');
                     return;
@@ -1588,7 +1589,7 @@ sub server_form {
 
 sub verify_and_change_password {
     my ($r,$caller,$mailtoken,$timelimit,$extrafields,$ended) = @_;
-    my ($user,$domain,$homeserver);
+    my ($user,$domain,$homeserver,$clientip);
     if ($caller eq 'reset_by_email') {
         $user       = $env{'form.uname'};
         $domain     = $env{'form.udom'};
@@ -1611,8 +1612,9 @@ sub verify_and_change_password {
         $domain     = $env{'user.domain'};
         $homeserver = $env{'user.home'};
     }
+    $clientip = &Apache::lonnet::get_requestor_ip($r);
     my ($blocked,$blocktext) =
-        &Apache::loncommon::blocking_status('passwd',$user,$domain);
+        &Apache::loncommon::blocking_status('passwd',$clientip,$user,$domain);
     if ($blocked) {
         $r->print('<p class="LC_warning">'.$blocktext.'</p>');
         if ($caller eq 'reset_by_email') {