diff --git a/src/js/account/login.js b/src/js/account/login.js
index 9da6be9..298d241 100644
--- a/src/js/account/login.js
+++ b/src/js/account/login.js
@@ -146,6 +146,7 @@ export function updateAccountData(userData) {
 action: 'set-user-data',
 userData,
 }, successData => {
+ document.getElementById('accountSettingsNewPassword').value = '';
 addMessage('Successfully Updated Account Data');
 }, error => {
 addMessage(error, undefined, 'error');
diff --git a/src/js/account/render.js b/src/js/account/render.js
index f076260..4e44120 100644
--- a/src/js/account/render.js
+++ b/src/js/account/render.js
@@ -58,7 +58,9 @@ export function renderAccountSettings() {
 const accountSettingsHTML = `

Account Settings

- `;
+
+
+ `;
 accountSettingsColumn.innerHTML = accountSettingsHTML;
 }
diff --git a/src/js/settings.js b/src/js/settings.js
index f7f7f2c..61f5ad4 100644
--- a/src/js/settings.js
+++ b/src/js/settings.js
@@ -42,7 +42,9 @@ export function saveSettingsModal() {
 window.account.publicName = removeTags(publicName.value).trim();
 window.account.allowEmails = document.getElementById('accountSettingsAllowEmails').checked;
- account.editAccount(window.account);
+ const newPassword = document.getElementById('accountSettingsNewPassword').value;
+
+ account.editAccount(Object.assign({ newPassword }, window.account));
 });
 }
diff --git a/src/php/api/User.php b/src/php/api/User.php
index 2cf569f..629e9a2 100644
--- a/src/php/api/User.php
+++ b/src/php/api/User.php
@@ -87,13 +87,18 @@ VALUES (?, ?, ?, ?, ?)';
 $token_data = $this->token->decode($token);
 if ($token_data !== false) {
 $user_id = $token_data->id;
- $query = 'UPDATE users SET email=?, public_name=?, allow_email=? WHERE id=?';
+ $query = 'UPDATE users SET email=?, public_name=?, allow_email=?';
 $properties = array(
 $user_data['email'],
 $user_data['publicName'],
 $user_data['allowEmails'],
- $user_id,
 );
+ if (isset($user_data['newPassword']) && $user_data['newPassword'] !== '') {
+ $query .= ', password=?';
+ $properties[] = password_hash($user_data['newPassword'], PASSWORD_DEFAULT);
+ }
+ $query .= ' WHERE id=?';
+ $properties[] = $user_id;
 $update_success = $this->db->execute($query, $properties);
 if ($update_success) {
 return true;
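Review bot: In the `account.editAccount(...)` call, `Object.assign({ newPassword }, window.account)` copies `window.account` over the literal, so a `newPassword` key on `window.account` (none is visible here, but nothing prevents one) would silently replace what the user typed; putting the field last avoids that: `account.editAccount(Object.assign({}, window.account, { newPassword }));`. Only the new password is read in this hunk, with no current-password or confirmation field, so a typo can lock the user out and the server receives nothing to re-authenticate against. The login.js hunk in this commit clears `accountSettingsNewPassword` only in the success callback; clearing it in the error callback as well keeps the value from lingering in the DOM. The body of `saveSettingsModal` starts outside the hunk.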
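Review bot: The added `password=?` branch lets whoever holds a valid token replace the account password without proving knowledge of the current one, so a leaked or borrowed session becomes a lasting account takeover; the update should require a `currentPassword` field and check it with `password_verify()` against the stored hash before the `UPDATE` runs. The guard also accepts any non-empty value: a non-string `newPassword` (for example a JSON array) reaches `password_hash()`, and no minimum length is enforced, so consider `if (isset($user_data['newPassword']) && is_string($user_data['newPassword']) && $user_data['newPassword'] !== '') {` together with a length check. Whether tokens issued before the change remain valid is not visible here; if they do, they should be invalidated after a successful password change. The enclosing method starts and ends outside the hunk.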