diff --git a/domain/user/endpoint.go b/domain/user/endpoint.go
index 622efe37..4900cc62 100644
--- a/domain/user/endpoint.go
+++ b/domain/user/endpoint.go
@@ -502,7 +502,7 @@ func (h *Handler) ChangePassword(w http.ResponseWriter, r *http.Request) {
 	newPassword := string(body)
 
 	// can only update your own account unless you are an admin
-	if !ctx.Administrator || (!ctx.Administrator && userID != ctx.UserID) {
+	if !ctx.Administrator && userID != ctx.UserID {
 		response.WriteForbiddenError(w)
 		return
 	}