Yes, they do — in fact, there are four or five independent affirmations:
- Clicking the Edit /
button, which communicates an intent to make modifications. - Clicking the
icon in the Password field, which by itself directly communicates an intent to change the password. - [Desktop app only] Clicking Yes in response to the “Overwrite Password” prompt.
- Clicking Use this password to replace the old password.
- Clicking Save to explicitly confirm that changes made should be kept.
The only changes relative to the old UI is that the “Select” button has now been renamed to “Use this password”, and that in the browser extension, the superfluous prompt in Affirmation #3 has thankfully been eliminated.
If your argument is that a user may be intending to edit a different field (not the password), then that only removes Affirmation #1 and Affirmation #5 — there are still two or three independent affirmations that the user intends to update the password (and a safety hatch, as previously described).
I think you may have been talking about what happens when a user manually edits the password, and by now have realized that the old UI also never provided a warning for this action. Personally, I wouldn’t mind if a warning is shown only when manually editing a password field. But such a warning should state the following:
Edit: Minor revisions to make distinctions between the behavior in the Desktop app and in the browser extension.