In fact, you were closer to the truth than the person you replied to.
The new standard uses a PAKE (password-authenticated key exchange) protocol. This type of cryptographic construct is similar to an unauthenticated key exchange protocol (such as Diffie-Hellman), but in addition succeeds only if both parties know the same password, without leaking any information about the password to a party if they don’t know it. At least one of the best-known PAKE algorithms, namely SRP, is quite similar to Diffie-Hellman in structure, although it’s not the one being used here (which I don’t know anything about).
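
To illustrate the comment above (an added example, not part of the original comment): a minimal Python sketch of SPEKE, a simple PAKE that is Diffie-Hellman with the generator derived from the password. It is neither SRP nor the protocol used by the standard under discussion; the group (the 1024-bit safe prime from RFC 2409), the hash choices and the names `Party`, `password_generator` and `run_exchange` are assumptions made for the demo.

```python
import hashlib
import secrets

# Assumption: 1024-bit safe prime from RFC 2409 (Oakley Group 2), p = 2q + 1.
# Chosen to keep the demo short; not a parameter-size recommendation.
P = int(
    "FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD1"
    "29024E088A67CC74020BBEA63B139B22514A08798E3404DD"
    "EF9519B3CD3A431B302B0A6DF25F14374FE1356D6D51C245"
    "E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7ED"
    "EE386BFB5A899FA5AE9F24117C4B1FE649286651ECE65381"
    "FFFFFFFFFFFFFFFF", 16)
Q = (P - 1) // 2


def password_generator(password: str) -> int:
    """SPEKE step: derive the DH generator from the password, g = H(pw)^2 mod p."""
    h = int.from_bytes(hashlib.sha512(password.encode()).digest(), "big")
    return pow(h % P, 2, P)  # squaring maps into the subgroup of prime order q


class Party:
    """One side of the exchange (hypothetical helper class for this demo)."""

    def __init__(self, password: str):
        self._g = password_generator(password)
        self._x = secrets.randbelow(Q - 2) + 2   # private exponent in [2, q-1]
        self.public = pow(self._g, self._x, P)   # the only value sent on the wire

    def session_key(self, peer_public: int) -> bytes:
        # Reject 0, 1 and p-1: they would force a predictable shared secret.
        if not 2 <= peer_public <= P - 2:
            raise ValueError("invalid peer public value")
        shared = pow(peer_public, self._x, P)    # same computation as plain DH
        return hashlib.sha256(shared.to_bytes(128, "big")).digest()


def run_exchange(pw_a: str, pw_b: str) -> tuple:
    """Run one exchange and return the key each side derived."""
    a, b = Party(pw_a), Party(pw_b)
    return a.session_key(b.public), b.session_key(a.public)


if __name__ == "__main__":
    # Constructed sample passwords.
    same = run_exchange("correct horse", "correct horse")
    diff = run_exchange("correct horse", "wrong guess")
    print("same password  -> keys match:", same[0] == same[1])
    print("wrong password -> keys match:", diff[0] == diff[1])
```

With mismatched passwords the two sides work from different generators, so the derived keys disagree and the wire values give the other side nothing to check password guesses against offline. A real deployment would add a key-confirmation step and use a standardized, larger group.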