It makes sense. It looks like they've just added this message: "If you refresh you will be automatically logged out since it isn't safe to keep your password on disk."

The funny thing to this is, that keeping the password on disk isn't proclaimed safe but sending each user the recovery code over plain text mail withouth encryption is...