diff --git a/src/Service/User.php b/src/Service/User.php
index 0083d25a..8a008671 100644
--- a/src/Service/User.php
+++ b/src/Service/User.php
@@ -283,6 +283,7 @@ public function changePassword(AccountChangePassword $changePassword, UserContex
         }
 
         // assert password complexity
+        $this->validator->assertPassword($oldPassword);
         $this->validator->assertPassword($newPassword);
 
         // change password
diff --git a/src/Service/User/Validator.php b/src/Service/User/Validator.php
index 3ed7dbf4..5fa819b4 100644
--- a/src/Service/User/Validator.php
+++ b/src/Service/User/Validator.php
@@ -136,7 +136,7 @@ public function assertPassword($password, $minLength = null, $minAlpha = null, $
         $minNumeric = $minNumeric ?? 0;
         $minSpecial = $minSpecial ?? 0;
 
-        // it is not possible to user passwords which have less then 8 chars
+        // it is not possible to use passwords which have less than 8 chars
         if ($minLength < 8) {
             $minLength = 8;
         }