diff --git a/cps/templates/user_edit.html b/cps/templates/user_edit.html
index abe5e9c8..142adfb2 100644
--- a/cps/templates/user_edit.html
+++ b/cps/templates/user_edit.html
@@ -13,10 +13,12 @@
+ {% if g.user and g.user.role_passwd() or g.user.role_admin()%}
+ {% endif %}
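Review bot: In the added `{% if g.user and g.user.role_passwd() or g.user.role_admin()%}`, `and` binds tighter than `or`, so the `g.user` guard covers only the first call and `g.user.role_admin()` is still evaluated when `g.user` is unset. Write it as `{% if g.user and (g.user.role_passwd() or g.user.role_admin()) %}`. This condition only decides whether the field is rendered; the permission itself has to hold in the handler that processes the POST, which the `profile()` hunk in cps/web.py does add. The markup between the `if` and `endif` is not visible in this hunk.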
@@ -38,6 +40,10 @@
+
+ + +
{% endif %} {% if g.user and g.user.role_admin() and not profile and not new_user %}
diff --git a/cps/templates/user_list.html b/cps/templates/user_list.html index 226974e4..567337e8 100644 --- a/cps/templates/user_list.html +++ b/cps/templates/user_list.html @@ -12,6 +12,7 @@ Download Upload Edit + Passwd {% for user in content %} @@ -24,6 +25,8 @@ {% if user.role_download() %}{% else %}{% endif %} {% if user.role_upload() %}{% else %}{% endif %} {% if user.role_edit() %}{% else %}{% endif %} + {% if user.role_passwd() %}{% else %}{% endif %} + {% endfor %}
Add new user
diff --git a/cps/ub.py b/cps/ub.py index 8b62e0a7..7256be9d 100644 --- a/cps/ub.py +++ b/cps/ub.py @@ -17,6 +17,7 @@ ROLE_ADMIN = 1 ROLE_DOWNLOAD = 2 ROLE_UPLOAD = 4 ROLE_EDIT = 8 +ROLE_PASSWD = 16 DEFAULT_PASS = "admin123" class User(Base): @@ -54,6 +55,11 @@ class User(Base): return True if self.role & ROLE_EDIT == ROLE_EDIT else False else: return False + def role_passwd(self): + if self.role is not None: + return True if self.role & ROLE_PASSWD == ROLE_PASSWD else False + else: + return False def is_active(self): return True diff --git a/cps/web.py b/cps/web.py index 86c302a8..41c762c6 100755 --- a/cps/web.py +++ b/cps/web.py @@ -649,8 +649,9 @@ def profile(): downloads.append(db.session.query(db.Books).filter(db.Books.id == book.book_id).first()) if request.method == "POST": to_save = request.form.to_dict() - if to_save["password"]: - content.password = generate_password_hash(to_save["password"]) + if current_user.role_passwd() or current_user.role_admin(): + if to_save["password"]: + content.password = generate_password_hash(to_save["password"]) if to_save["kindle_mail"] and to_save["kindle_mail"] != content.kindle_mail: content.kindle_mail = to_save["kindle_mail"] if to_save["email"] and to_save["email"] != content.email: @@ -694,6 +695,8 @@ def new_user(): content.role = content.role + ub.ROLE_UPLOAD if "edit_role" in to_save: content.role = content.role + ub.ROLE_EDIT + if "passwd_role" in to_save: + content.role = content.role + ub.ROLE_PASSWD try: ub.session.add(content) ub.session.commit() 
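Review bot: `role_passwd()` is added without a docstring, and nothing in the hunk says what ROLE_PASSWD grants; a one-line docstring such as `"""Return True if this user may change their own password."""` would record that. The body can also be reduced to `return self.role is not None and self.role & ROLE_PASSWD == ROLE_PASSWD`, dropping the `True if … else False` wrapper. It currently mirrors `role_edit()` just above, so simplifying only this method would trade consistency for brevity. The User class continues outside the hunk.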
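Review bot: In `profile()`, a POST that carries `password` from a user with neither ROLE_PASSWD nor admin is dropped silently by the new `if current_user.role_passwd() or current_user.role_admin():` guard, so the other profile fields save and the caller is never told the password was not changed; an `else` branch that reports the refusal (and logs it) would make this visible. Inside the guard, `to_save["password"]` raises KeyError when the field is missing from the form, which likely surfaces as a 500; `if to_save.get("password"):` avoids that. Role values stored before this commit have bit 16 clear, so unless a migration exists outside this diff, existing non-admin users lose self-service password change until an admin grants the role. The guarded branch sets the new hash without any visible check of the current password, though `profile()` starts and ends outside the hunk, so that may be handled elsewhere.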
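Review bot: The role bit is set with integer addition in `new_user()` (`content.role = content.role + ub.ROLE_PASSWD`), which is only correct while the bit is known to be clear; `content.role |= ub.ROLE_PASSWD` is idempotent and cannot carry into the next bit if the branch ever runs twice or the starting value changes. The same applies to the `edit_user()` hunk at `@@ -764,7 +767,11 @@`, where `content.role &= ~ub.ROLE_PASSWD` would replace the subtraction and make the surrounding `role_passwd()` pre-checks unnecessary. This follows the existing pattern for the upload and edit roles, so it may be better done for all role bits together. Both functions start and end outside their hunks.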
@@ -764,7 +767,11 @@ def edit_user(user_id): content.role = content.role + ub.ROLE_EDIT elif not "edit_role" in to_save and content.role_edit(): content.role = content.role - ub.ROLE_EDIT - + + if "passwd_role" in to_save and not content.role_passwd(): + content.role = content.role + ub.ROLE_PASSWD + elif not "passwd_role" in to_save and content.role_passwd(): + content.role = content.role - ub.ROLE_PASSWD if to_save["email"] and to_save["email"] != content.email: content.email = to_save["email"]