diff --git a/app/main/views/service_settings.py b/app/main/views/service_settings.py
index 81e218227..3e2897d98 100644
--- a/app/main/views/service_settings.py
+++ b/app/main/views/service_settings.py
@@ -64,7 +64,7 @@ def service_name_change_confirm(service_id):
 
     # Validate password for form
     def _check_password(pwd):
-        return verify_password(current_user, pwd)
+        return verify_password(current_user.id, pwd)
     form = ConfirmPasswordForm(_check_password)
 
     if form.validate_on_submit():
@@ -134,7 +134,7 @@ def service_status_change_confirm(service_id):
 
     # Validate password for form
     def _check_password(pwd):
-        return verify_password(current_user, pwd)
+        return verify_password(current_user.id, pwd)
     form = ConfirmPasswordForm(_check_password)
 
     if form.validate_on_submit():
@@ -183,7 +183,7 @@ def service_delete_confirm(service_id):
 
     # Validate password for form
     def _check_password(pwd):
-        return verify_password(current_user, pwd)
+        return verify_password(current_user.id, pwd)
     form = ConfirmPasswordForm(_check_password)
 
     if form.validate_on_submit():
diff --git a/app/main/views/sign_in.py b/app/main/views/sign_in.py
index af96db8e9..3aed7a5ae 100644
--- a/app/main/views/sign_in.py
+++ b/app/main/views/sign_in.py
@@ -39,7 +39,7 @@ def _get_and_verify_user(email_address, password):
         return None
     elif not user.is_active():
         return None
-    elif not users_dao.verify_password(user, password):
+    elif not users_dao.verify_password(user.id, password):
         return None
     else:
         return user
diff --git a/tests/app/main/views/test_sign_in.py b/tests/app/main/views/test_sign_in.py
index a1eeb3f1f..35420f7dc 100644
--- a/tests/app/main/views/test_sign_in.py
+++ b/tests/app/main/views/test_sign_in.py
@@ -31,6 +31,7 @@ def test_logged_in_user_redirects_to_choose_service(app_,
 
 
 def test_process_sign_in_return_2fa_template(app_,
+                                             api_user_active,
                                              mock_send_verify_code,
                                              mock_get_user,
                                              mock_get_user_by_email,
@@ -43,6 +44,7 @@ def test_process_sign_in_return_2fa_template(app_,
                 'password': 'val1dPassw0rd!'})
     assert response.status_code == 302
     assert response.location == 'http://localhost/two-factor'
+    mock_verify_password.assert_called_with(api_user_active.id, 'val1dPassw0rd!')
 
 
 def test_should_return_locked_out_true_when_user_is_locked(app_,