diff --git a/routes/routes.js b/routes/routes.js
index 682cab25f50d01860288abcf027b065dfd0c0b91..e3d7e1d2b707b29079c6688837750b2879c345dd 100644
--- a/routes/routes.js
+++ b/routes/routes.js
@@ -103,14 +103,14 @@ module.exports = function (app, config, passport) {
   app.get('/login',
     passport.authenticate(config.passport.strategy,
       {
-        successRedirect: '/account',
-        failureRedirect: '/login'
+        successRedirect: '/account/',
+        failureRedirect: '/account/login'
       })
   );
 
   app.get('/logout', function (req, res) {
     if (req.user == null) {
-      return res.redirect('/');
+      return res.redirect('/account/');
     }
     
     req.user.nameID = req.user.id;
@@ -141,7 +141,7 @@ module.exports = function (app, config, passport) {
         }
       })
     } else {
-      res.redirect('/login');
+      res.redirect('/account/login');
     }
   });
 
@@ -205,7 +205,7 @@ module.exports = function (app, config, passport) {
         }
       ])
     } else {
-      res.redirect('/login');
+      res.redirect('/account/login');
     }
   });
 
@@ -216,7 +216,7 @@ module.exports = function (app, config, passport) {
         user: req.user // useful for view engine, useless for HTML
       });
     } else {
-      res.redirect('/login');
+      res.redirect('/account/login');
     }
   });
 
@@ -241,11 +241,11 @@ module.exports = function (app, config, passport) {
             else {
               req.flash('success', 'Profile updated!');
             }
-            res.redirect('/profile');
+            res.redirect('/account/profile');
         })
       }
     } else {
-      res.redirect('/login');
+      res.redirect('/account/login');
     }
   });
   
@@ -254,6 +254,7 @@ module.exports = function (app, config, passport) {
       var currPwd = req.body.inputCurrPwd
       var newPwd = req.body.inputNewPwd
       var retypePwd = req.body.inputConfirm
+<<<<<<< 718d94b9d7028442893b0b248c85cffd5195be05
 
       methods.getUserIdByEmail(req.user.email, function(userId, err) {
         if (!err) {
@@ -262,6 +263,48 @@ module.exports = function (app, config, passport) {
             if (err) {
               res.redirect('/500')
               throw err
+=======
+      
+      // Load hashed passwd from DB.
+      dbconn.user.query('SELECT password FROM user WHERE email="'+req.user.email+'"', function (err, rows, fields) {
+        if (err) {
+          res.redirect('/account/500')
+          throw err
+        }
+        var userPwd = rows[0].password
+
+        // check if the password is correct
+        bcrypt.compare(currPwd, userPwd, function(err, isMatch) {
+          if (err) {
+            res.redirect('/account/500')
+            throw err
+          }
+          else if (!isMatch) {
+            req.flash('error', "Sorry, your password was incorrect. Please double-check your password.")
+            res.redirect('/account/security')
+          } else {
+            if ( newPwd != retypePwd ) {
+              req.flash('error', "Passwords do no match. Please make sure you re-type your new password correctly.")
+              res.redirect('/account/security')
+            }
+            else {
+              // update password
+              bcrypt.genSalt(saltRounds, function(err, salt) {
+                bcrypt.hash(newPwd, salt, function(err, hash) {
+                  methods.updatePassword(hash, req.user.email, function(err){
+                    if (err) {
+                      req.flash('error', "Database error: Password cannot be modified.")
+                      throw err
+                    }
+                    else {
+                      req.flash('success', "Pasword updated!")
+                      console.log('pasword updated!')
+                    }
+                    res.redirect('/account/security')
+                  })
+                });
+              });
+>>>>>>> changed redirect paths relative to account
             }
             var userPwd = rows[0].password
 
@@ -305,11 +348,17 @@ module.exports = function (app, config, passport) {
               }
           }) 
         })
+<<<<<<< 718d94b9d7028442893b0b248c85cffd5195be05
         }
       })  
     }
     else {
       res.redirect('/login');
+=======
+      })
+    } else {
+      res.redirect('/account/login');
+>>>>>>> changed redirect paths relative to account
     }
   });
 
@@ -375,7 +424,7 @@ module.exports = function (app, config, passport) {
       else {
         req.flash('success', 'An e-mail has been sent to ' + emailAddress + ' with further instructions.');
       }
-      res.redirect('/forgotPwd');
+      res.redirect('/account/forgotPwd');
     });
   });
 
@@ -384,7 +433,7 @@ module.exports = function (app, config, passport) {
       //console.log(user);
       if (!user) {
         req.flash('error', 'Password reset token is invalid or has expired.');
-        res.redirect('/forgotPwd');
+        res.redirect('/account/forgotPwd');
       }
       else {
         res.render('reset');
@@ -422,9 +471,10 @@ module.exports = function (app, config, passport) {
       }
     });
    
-    res.redirect('/login')
+    res.redirect('/account/login')
   });
 
+<<<<<<< 718d94b9d7028442893b0b248c85cffd5195be05
   // todo: user registration with captcha
   app.get('/registration', function(req, res) {
     res.render('registration')
@@ -446,6 +496,11 @@ module.exports = function (app, config, passport) {
       industry: req.body.inputIndustry,
       speciality: req.body.inputSpeciality,
       createdDate: curDate.toISOString().slice(0,10)
+=======
+  app.get('/logout', function (req, res) {
+    if (req.user == null) {
+      return res.redirect('/account/');
+>>>>>>> changed redirect paths relative to account
     }
     // encrypt password
     bcrypt.genSalt(saltRounds, function(err, salt) {
@@ -481,4 +536,4 @@ module.exports = function (app, config, passport) {
     })
   })
 
-};
\ No newline at end of file
+};