Use the current_password not password field when verifying passwords.

Author: DaneEveritt

app/Http/Controllers/Base/AccountController.php

@@ -82,7 +82,7 @@ public function update(Request $request)
 
         if (
             in_array($request->input('do_action'), ['email', 'password'])
-            && ! password_verify($request->input('password'), $request->user()->password)
+            && ! password_verify($request->input('current_password'), $request->user()->password)
         ) {
             Alert::danger(trans('base.account.invalid_pass'))->flash();