public bool VerifyAccount(User person, string password)
{
string passwordHash = _cryptographer.HashPassword(password, person.PasswordSalt);
return(passwordHash == person.Password && !person.HasExpired() && person.Approved == true);
}