diff --git a/Hcs.WebApp/Controllers/IdentityController.cs b/Hcs.WebApp/Controllers/IdentityController.cs
index 0ee2f39..e1bf463 100644
--- a/Hcs.WebApp/Controllers/IdentityController.cs
+++ b/Hcs.WebApp/Controllers/IdentityController.cs
@@ -91,6 +91,13 @@ namespace Hcs.WebApp.Controllers
         {
             var userId = User.FindFirstValue(ClaimTypes.NameIdentifier);
             var user = await userManager.FindByIdAsync(userId);
+
+            var isPasswordCorrect = await userManager.CheckPasswordAsync(user, oldPassword);
+            if (!isPasswordCorrect)
+            {
+                return BadRequest("Неверный текущий пароль");
+            }
+
             var result = await userManager.ChangePasswordAsync(user, oldPassword, newPassword);
             if (result.Succeeded)
             {