Does anyone know why a check-object-password would always return a status level of success even when I know that the passwords are not the same?