public ActionResult UpdatePassword(StudentUpdatePassword student) { if (student.Password == null) { return(View(student)); } //Get password details for currently logged in Student StudentUpdatePassword currentStudent = studentContext.GetPassword(Convert.ToInt32(HttpContext.Session.GetInt32("StudentID"))); var sha1 = new SHA1CryptoServiceProvider(); var hash = sha1.ComputeHash(Encoding.UTF8.GetBytes(student.Password)); string hashedPassword = BitConverter.ToString(hash).Replace("-", string.Empty).ToLower(); //if password DOES NOT match the database password... if (hashedPassword != currentStudent.Password) { ViewData["Message"] = "Current Password Is Incorrect!"; return(View(student)); } //else continue what is needed to be done if (ModelState.IsValid) { //checks whether the password is the same if (student.NewPassword == student.ConfirmPassword) { //Checks the password whether it contains a digit, hashes the password using SHA-1 and updates the password into the database if (studentContext.ChangePassword(student)) { ViewData["Message"] = "Password Changed Successfully!"; return(View(student)); } } //if password does not match else { ViewData["Message"] = "Password Does Not Match!"; return(View(student)); } } //if password field is empty OR does not match the required model from Lecturer.cs, return to view with error message ViewData["Message"] = "Password Field Did Not Meet Requirements!"; return(View(student)); }