encryption etiquette

Hello,
after a user has entered the required encryption-key, if she/he wants to change it, should he be asked again for the key in order to proceed and change it, or is this step redundant?
Thanks.

I believe it’s a common practice for security.
I’d do it.

Absolutely request it again. Consider the scenario where a user had logged in and had been called away without logging out. If you don’t re-request the key anyone could change it.

I would also add: make the user enters the new encryption key in twice (in two separate TextField’s) and make sure that both strings match using StrComp (remember that Xojo string comparison is non-case sensitive so you have to use StrComp).

http://documentation.xojo.com/index.php/StrComp

Thank you all for the suggestions and clarification.