diff --git a/app/routes/user/update.js b/app/routes/user/update.js
index 3ebfab2..c9de5de 100644
--- a/app/routes/user/update.js
+++ b/app/routes/user/update.js
@@ -12,27 +12,22 @@ module.exports = (req, res, next) => {
 return next({ status: 401, message: 'User does not exists.' });
 }
 
- if (req.body.password) {
+ if (req.body.password && req.body.new_password) {
 bcrypt.compare(req.body.password, user.password, (error, result) => {
 if (!result || error) {
 return next(
 {
 status: 401,
 message: 'Authentication failed. Wrong password.',
- }
+ },
 );
 }
 
- if (req.body.password === req.body.new_password) {
- return next(
- {
- status: 401,
- message: 'New password must be different than old password.',
- }
- );
- }
+ return bcrypt.hash(req.body.new_password, null, null, (hashErr, hash) => {
+ userObj.password = hash;
 
- userObj.password = bcrypt.hashSync(req.body.new_password);
+ return userObj.save(() => res.status(200).json(userObj));
+ });
 });
 } else {
 userObj.firstname = req.body.firstname || userObj.firstname;
diff --git a/app/validation/user/update.js b/app/validation/user/update.js
index 7b1c56c..64b6feb 100644
--- a/app/validation/user/update.js
+++ b/app/validation/user/update.js
@@ -28,6 +28,15 @@ module.exports = (req, res, next) => {
 });
 }
 
+ /*if (req.body.password && req.body.password === req.body.new_password) {
+ return next(
+ {
+ status: 401,
+ message: 'New password must be different than old password.',
+ },
+ );
+ }*/
+
 return next();
 });
 };
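Review bot: In app/routes/user/update.js the new `bcrypt.hash` callback never checks `hashErr`, and the `userObj.save` callback takes no error argument, so a failed hash or a failed write still ends in a 200 response. Guard both, e.g. `if (hashErr) { return next(hashErr); }` before the assignment and `return userObj.save((saveErr) => (saveErr ? next(saveErr) : res.status(200).json(userObj)));`. The success response also serialises `userObj` right after its `password` field was set to the new hash; unless the model strips that field on serialisation (not visible here), the hash is returned to the client. The handler starts before this hunk and continues past it.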
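Review bot: The block added to app/validation/user/update.js sits entirely inside `/* … */`, so the "new password must be different" rule that this commit removes from the route is not enforced by any code visible in the diff. Either enable the check or delete the dead block rather than committing it commented out. If it is enabled, the rejection is a validation failure rather than an authentication failure, so `status: 400,` fits better than `status: 401,`. The middleware body begins outside this hunk.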