Or by generating the hashes of all expected permutations of the password the user has just set, and keeping them until the next password is set to compare against. Granted, that would be a prodigious number, but technically doable.
Vandalism is always reverted on SO, even if done by the original author. No knowledge is lost. Suing OA for violating the CC-BY license might be possible, but I’d wager SO is not interested in suing them, and since they hold the rights, not much can be done by others.