The GetPasswordHashKey Web service calls the getPasswordHashKey method in the underlying atg.userprofiling.ProfileServices implementation.
The getPasswordHashKey method acts as follows:
Returns null if not called in the context of a request.
Sets up session attributes to indicate that a password encryption conversation has started.
If the password hasher does not support hash keys, this method returns null (in other words,
PasswordHasher.getPasswordHashKey()returns null). If hash keys are supported, the method returns the value provided by the password hasher and sets that hash key as a session attribute of the current session.
For more information on the way this method is used, refer to Using Client-Side Password Encryption.
