diff --git a/app/Http/Controllers/ChangePasswordController.php b/app/Http/Controllers/ChangePasswordController.php
new file mode 100644
index 0000000..245883c
--- /dev/null
+++ b/app/Http/Controllers/ChangePasswordController.php
@@ -0,0 +1,25 @@
+<?php
+
+namespace App\Http\Controllers;
+
+use Illuminate\Http\Request;
+use App\Http\Requests\Users\UpdatePasswordRequest;
+
+class ChangePasswordController extends Controller
+{
+    public function show()
+    {
+    	return view('users.change-password');
+    }
+
+    public function update(UpdatePasswordRequest $request)
+    {
+    	$user = \Auth::user();
+        $user->password = bcrypt($request->new_password);
+        
+        if ($user->save()) $updateResponse = array('success' => trans('auth.change_password_success'));
+        else $updateResponse = array('error' => trans('auth.change_password_error'));
+
+    	return redirect()->back()->with($updateResponse); 
+    }
+}
diff --git a/app/Http/Requests/Users/UpdatePasswordRequest.php b/app/Http/Requests/Users/UpdatePasswordRequest.php
new file mode 100644
index 0000000..dddc5ea
--- /dev/null
+++ b/app/Http/Requests/Users/UpdatePasswordRequest.php
@@ -0,0 +1,39 @@
+<?php
+
+namespace App\Http\Requests\Users;
+
+use Illuminate\Foundation\Http\FormRequest;
+
+class UpdatePasswordRequest extends FormRequest
+{
+    /**
+     * Determine if the user is authorized to make this request.
+     *
+     * @return bool
+     */
+    public function authorize()
+    {
+        return true;
+    }
+
+    /**
+     * Get the validation rules that apply to the request.
+     *
+     * @return array
+     */
+    public function rules()
+    {
+        return [
+            'old_password'  => 'min:6|max:15|current_password',
+            'new_password'  => 'min:6|max:15|same_password|confirmed',
+        ];
+    }
+
+    public function messages()
+    {
+        return [
+            'old_password.current_password' => trans('passwords.old_password'),
+            'new_password.same_password' => trans('passwords.same_password'),
+        ];
+    }
+}
diff --git a/app/Http/Requests/Users/UpdateRequest.php b/app/Http/Requests/Users/UpdateRequest.php
index 6120915..e82c2b7 100644
--- a/app/Http/Requests/Users/UpdateRequest.php
+++ b/app/Http/Requests/Users/UpdateRequest.php
@@ -39,4 +39,12 @@ class UpdateRequest extends FormRequest
             'password'  => 'nullable|min:6|max:15',
         ];
     }
+
+    public function messages()
+    {
+        return [
+            'password.current_password'  => trans('passwords.old_password'),
+            'new_password.same_password' => trans('passwords.same_password'),
+        ];
+    }
 }
diff --git a/app/Providers/AppServiceProvider.php b/app/Providers/AppServiceProvider.php
index 3a88480..d1e26f7 100644
--- a/app/Providers/AppServiceProvider.php
+++ b/app/Providers/AppServiceProvider.php
@@ -19,6 +19,18 @@ class AppServiceProvider extends ServiceProvider
         if($this->app->environment() === 'production') {
             $this->app['request']->server->set('HTTPS', true);
         }
+
+        \Validator::extend('current_password', function ($attribute, $value, $parameters, $validator) {
+            $user = \Auth::user();
+
+            return $user && \Hash::check($value, $user->password);
+        });
+
+        \Validator::extend('same_password', function ($attribute, $value, $parameters, $validator) {
+            $user = \Auth::user();
+
+            return $user && !\Hash::check($value, $user->password);
+        });
     }
 
     /**
diff --git a/resources/lang/en/auth.php b/resources/lang/en/auth.php
index 619bcaa..c97edf2 100644
--- a/resources/lang/en/auth.php
+++ b/resources/lang/en/auth.php
@@ -19,6 +19,7 @@ return [
     'password'                  => 'Password',
     'login'                     => 'Login',
     'logout'                    => 'Logout',
+    'back'                      => 'Back',
     'register'                  => 'Create new Account',
     'have_an_account'           => 'I have an Account',
     'need_account'              => 'Need an Account?',
@@ -30,4 +31,6 @@ return [
     'new_password'              => 'New Password',
     'new_password_confirmation' => 'Repeat New Password',
     'send_reset_password_link'  => 'Send Reset Password Link',
+    'change_password_success'   => 'Your password has changed',
+    'change_password_error'    => 'Uh-oh, change password failed',
 ];
diff --git a/resources/lang/en/passwords.php b/resources/lang/en/passwords.php
index ffa19ba..58420ea 100644
--- a/resources/lang/en/passwords.php
+++ b/resources/lang/en/passwords.php
@@ -18,5 +18,6 @@ return [
     'sent'     => 'We have e-mailed your password reset link!',
     'token'    => 'This password reset token is invalid.',
     'user'     => "We can't find a user with that e-mail address.",
-
+    "old_password" => "Your current password does not matches with the password you provided. Please try again.",
+    "same_password" => "New password cannot be same as your current password. Please choose a different password."
 ];
diff --git a/resources/lang/id/auth.php b/resources/lang/id/auth.php
index ced9b61..eb08388 100644
--- a/resources/lang/id/auth.php
+++ b/resources/lang/id/auth.php
@@ -19,6 +19,7 @@ return [
     'password'                  => 'Password',
     'login'                     => 'Login',
     'logout'                    => 'Keluar',
+    'back'                      => 'Kembali',
     'register'                  => 'Buat Akun Baru',
     'have_an_account'           => 'Saya sudah punya Akun',
     'need_account'              => 'Belum punya Akun?',
@@ -30,4 +31,6 @@ return [
     'new_password'              => 'Password Baru',
     'new_password_confirmation' => 'Ulangi Password Baru',
     'send_reset_password_link'  => 'Kirim Link Reset Password',
+    'change_password_success'   => 'Password Anda sudah berhasil di ubah.',
+    'change_password_error'     => 'Awww, sistem gagal merubah password Anda',
 ];
diff --git a/resources/lang/id/passwords.php b/resources/lang/id/passwords.php
index 537a674..2682785 100644
--- a/resources/lang/id/passwords.php
+++ b/resources/lang/id/passwords.php
@@ -18,5 +18,7 @@ return [
     "sent"      => "Kami sudah mengirim email yang berisi tautan untuk mereset Password Anda!",
     "token"     => "Token Reset Password tidak sah.",
     "user"      => "Kami tidak dapat menemukan pengguna dengan email tersebut.",
+    "old_password" => "Password yang Anda masukan tidak sesuai dengan password yang tersimpan. Silahkan coba kembali.",
+    "same_password" => "Password baru Anda tidak boleh sama dengan password lama. Silahkan pilih password yang berbeda."
 
 ];
diff --git a/resources/views/layouts/partials/nav.blade.php b/resources/views/layouts/partials/nav.blade.php
index 116cf73..e8727d6 100644
--- a/resources/views/layouts/partials/nav.blade.php
+++ b/resources/views/layouts/partials/nav.blade.php
@@ -40,6 +40,7 @@
                         <ul class="dropdown-menu" role="menu">
                             <li><a href="{{ route('backups.index') }}">{{ trans('backup.list') }}</a></li>
                             <li><a href="{{ route('profile') }}">{{ trans('app.my_profile') }}</a></li>
+                            <li><a href="{{ route('profile.change-password.form') }}">{{ trans('auth.change_password') }}</a></li>
                             <li>
                                 <a href="{{ route('logout') }}"
                                     onclick="event.preventDefault();
diff --git a/resources/views/users/change-password.blade.php b/resources/views/users/change-password.blade.php
new file mode 100644
index 0000000..7c99ff9
--- /dev/null
+++ b/resources/views/users/change-password.blade.php
@@ -0,0 +1,74 @@
+@extends('layouts.app')
+
+@section('content')
+<div class="container">
+    <div class="row">
+        <div class="col-md-8 col-md-offset-2">
+            <div class="panel panel-default">
+                <div class="panel-heading">{{ trans('auth.change_password') }}</div>
+
+                <div class="panel-body">
+                    @if (session('success') or session('error'))
+                        <div class="alert alert-{{ session('success') ? 'success' : 'danger' }}">
+                            {{ session('success') ?: session('error')}}
+                        </div>
+                    @endif
+                    <form class="form-horizontal" role="form" method="POST" action="{{ route('profile.change-password.update') }}">
+                        {{ csrf_field() }}
+                        <div class="form-group{{ $errors->has('old_password') ? ' has-error' : '' }}">
+                            <label for="old_password" class="col-md-4 control-label">{{ trans('auth.old_password') }}</label>
+
+                            <div class="col-md-6">
+                                <input id="old_password" type="password" class="form-control" name="old_password" placeholder="******">
+
+                                @if ($errors->has('old_password'))
+                                    <span class="help-block">
+                                        <strong>{{ $errors->first('old_password') }}</strong>
+                                    </span>
+                                @endif
+                            </div>
+                        </div>
+
+                        <div class="form-group{{ $errors->has('new_password') ? ' has-error' : '' }}">
+                            <label for="new_password" class="col-md-4 control-label">{{ trans('auth.new_password') }}</label>
+
+                            <div class="col-md-6">
+                                <input id="new_password" type="password" class="form-control" name="new_password" placeholder="******">
+
+                                @if ($errors->has('new_password'))
+                                    <span class="help-block">
+                                        <strong>{{ $errors->first('new_password') }}</strong>
+                                    </span>
+                                @endif
+                            </div>
+                        </div>
+
+                        <div class="form-group{{ $errors->has('new_password_confirmation') ? ' has-error' : '' }}">
+                            <label for="new_password-confirm" class="col-md-4 control-label">{{ trans('auth.new_password_confirmation') }}</label>
+                            <div class="col-md-6">
+                                <input id="new_password-confirm" type="password" class="form-control" name="new_password_confirmation" placeholder="******">
+
+                                @if ($errors->has('new_password_confirmation'))
+                                    <span class="help-block">
+                                        <strong>{{ $errors->first('new_password_confirmation') }}</strong>
+                                    </span>
+                                @endif
+                            </div>
+                        </div>
+                        <div class="form-group">
+                            <div class="col-md-6 col-md-offset-4">
+                                <button type="submit" class="btn btn-primary">
+                                    {{ trans('auth.change_password') }}
+                                </button>
+                                <a href="{{ url()->previous() }}" class="btn">
+                                    {{ trans('auth.back') }}
+                                </a>
+                            </div>
+                        </div>
+                    </form>
+                </div>
+            </div>
+        </div>
+    </div>
+</div>
+@endsection
diff --git a/resources/views/users/edit.blade.php b/resources/views/users/edit.blade.php
index 99109c9..479281a 100644
--- a/resources/views/users/edit.blade.php
+++ b/resources/views/users/edit.blade.php
@@ -89,7 +89,7 @@
                 <div class="panel-heading"><h3 class="panel-title">{{ trans('app.login_account') }}</h3></div>
                 <div class="panel-body">
                     {!! FormField::email('email', ['label' => trans('auth.email'), 'placeholder' => trans('app.example').' nama@mail.com']) !!}
-                    {!! FormField::text('password', ['label' => trans('auth.password'), 'placeholder' => '******', 'value' => '']) !!}
+                    {!! FormField::password('password', ['label' => trans('auth.old_password'), 'placeholder' => '******', 'value' => '']) !!}
                 </div>
             </div>
             <div class="text-right">
diff --git a/routes/web.php b/routes/web.php
index d0a974b..4265ef6 100644
--- a/routes/web.php
+++ b/routes/web.php
@@ -24,6 +24,9 @@ Route::post('family-actions/{user}/add-wife', 'FamilyActionsController@addWife')
 Route::post('family-actions/{user}/add-husband', 'FamilyActionsController@addHusband')->name('family-actions.add-husband');
 Route::post('family-actions/{user}/set-parent', 'FamilyActionsController@setParent')->name('family-actions.set-parent');
 
+Route::get('profile/update-password', 'ChangePasswordController@show')->middleware('auth')->name('profile.change-password.form');
+Route::post('profile/update-password', 'ChangePasswordController@update')->middleware('auth')->name('profile.change-password.update');
+
 Route::get('profile-search', 'UsersController@search')->name('users.search');
 Route::get('users/{user}', 'UsersController@show')->name('users.show');
 Route::get('users/{user}/edit', 'UsersController@edit')->name('users.edit');
diff --git a/tests/CreatesApplication.php b/tests/CreatesApplication.php
index 547152f..1ea241a 100644
--- a/tests/CreatesApplication.php
+++ b/tests/CreatesApplication.php
@@ -16,6 +16,7 @@ trait CreatesApplication
         $app = require __DIR__.'/../bootstrap/app.php';
 
         $app->make(Kernel::class)->bootstrap();
+        \Hash::setRounds(4);
 
         return $app;
     }
diff --git a/tests/Feature/ChangePasswordTest.php b/tests/Feature/ChangePasswordTest.php
new file mode 100644
index 0000000..546003a
--- /dev/null
+++ b/tests/Feature/ChangePasswordTest.php
@@ -0,0 +1,55 @@
+<?php
+
+namespace Tests\Feature\Auth;
+
+use Tests\TestCase;
+use Illuminate\Foundation\Testing\DatabaseMigrations;
+
+class ChangePasswordTest extends TestCase
+{
+    use DatabaseMigrations;
+
+    /** @test */
+    public function user_can_change_password()
+    {
+        $user = $this->loginAsUser(['password' => bcrypt('secret')]);
+
+        $this->visit(route('home'));
+        $this->click(trans('auth.change_password'));
+
+        $this->submitForm(trans('auth.change_password'), [
+            'old_password'              => 'secret',
+            'new_password'              => 'rahasia',
+            'new_password_confirmation' => 'rahasia',
+        ]);
+
+        $this->seeText(trans('auth.change_password_success'));
+
+        $this->assertTrue(
+            app('hash')->check('rahasia', $user->password),
+            'The password should changed!'
+        );
+    }
+
+    /** @test */
+    public function user_cannot_change_password_if_old_password_wrong()
+    {
+        $user = $this->loginAsUser(['password' => bcrypt('secret')]);
+
+        $this->visit(route('home'));
+        $this->click(trans('auth.change_password'));
+
+        $this->submitForm(trans('auth.change_password'), [
+            'old_password'              => 'member1',
+            'new_password'              => 'rahasia',
+            'new_password_confirmation' => 'rahasia',
+        ]);
+
+        $this->seeText(trans('passwords.old_password'));
+
+        $this->assertTrue(
+            app('hash')->check('secret', $user->password),
+            'The password shouldn\'t changed!'
+        );
+    }
+}