public bool VerifyPassword(string password)
{
// passwords are stored in plaintext. any contacts made through the webapp will not store the
// password but instead it's digest. we identify this by a prefix of 'encrypted:'.
string storedPassword = Password;
if (storedPassword.StartsWith(EncryptedPrefix))
{
return(Digests.CheckPassword(password, storedPassword.Substring(EncryptedPrefix.Length)));
}
return(password.Equals(storedPassword));
}