As already said, no one changed the password at all.
If the password had been changed, it should have been displayed on BPIP and Security log. All password changes are reported there.
Sometimes it happens that we when are trying to login with the password we enter some wrong keywords that might also display the error because it's not visible to us and we have to double check it or the case might be he has forgotten his password and now he was able to change it.Moreover if someone has access to his account the security log would detect password change and he would have not been able to login on the forum again with the email.If the password had been changed, it should have been displayed on BPIP and Security log. All password changes are reported there.