Recently the long awaited update to Apple’s OSX was released in the form of ‘LION’. However Apple seem to have gone back in time with their implementation of password security on Lion.
Directory Services in OSX used to require authentication when requesting a password change, but this is no longer the case in Lion.
In order to change the password of the currently logged in user all you need to type is:
$ dscl localhost -passwd /Search/Users/Jon
(where Jon is the current user)
Now although this requires a machine to be left unlocked, how many times do you you see a Mac left unlocked on someones desk???