public bool ChangePassword(int userId, string oldPassword, string newPassword) { var user = this.userRepository.GetById(userId); if (this.cryptoProvider.ComparePassword(user.Credentials.Passwordhash, user.Credentials.Salt, oldPassword)) { user.Credentials.Passwordhash = this.cryptoProvider.CreateCryptoPassword( newPassword, user.Credentials.Salt); this.userRepository.UpdateUser(user); return true; } return false; }