diff --git a/src/Auth.php b/src/Auth.php
index 25dcce9..788a78d 100644
--- a/src/Auth.php
+++ b/src/Auth.php
@@ -725,28 +725,6 @@ final class Auth extends UserManager {
 		}
 	}
 
-	/**
-	 * Updates the given user's password by setting it to the new specified password
-	 *
-	 * @param int $userId the ID of the user whose password should be updated
-	 * @param string $newPassword the new password
-	 * @throws AuthError if an internal problem occurred (do *not* catch)
-	 */
-	private function updatePassword($userId, $newPassword) {
-		$newPassword = \password_hash($newPassword, \PASSWORD_DEFAULT);
-
-		try {
-			$this->db->update(
-				$this->dbTablePrefix . 'users',
-				[ 'password' => $newPassword ],
-				[ 'id' => $userId ]
-			);
-		}
-		catch (Error $e) {
-			throw new DatabaseError();
-		}
-	}
-
 	/**
 	 * Attempts to change the email address of the currently signed-in user (which requires confirmation)
 	 *
diff --git a/src/UserManager.php b/src/UserManager.php
index fa56e3e..e6e5832 100644
--- a/src/UserManager.php
+++ b/src/UserManager.php
@@ -182,6 +182,28 @@ abstract class UserManager {
 		return $newUserId;
 	}
 
+	/**
+	 * Updates the given user's password by setting it to the new specified password
+	 *
+	 * @param int $userId the ID of the user whose password should be updated
+	 * @param string $newPassword the new password
+	 * @throws AuthError if an internal problem occurred (do *not* catch)
+	 */
+	protected function updatePassword($userId, $newPassword) {
+		$newPassword = \password_hash($newPassword, \PASSWORD_DEFAULT);
+
+		try {
+			$this->db->update(
+				$this->dbTablePrefix . 'users',
+				[ 'password' => $newPassword ],
+				[ 'id' => $userId ]
+			);
+		}
+		catch (Error $e) {
+			throw new DatabaseError();
+		}
+	}
+
 	/**
 	 * Called when a user has successfully logged in
 	 *