diff --git a/contexts/user.go b/contexts/user.go
index 3a752a5..0ef041f 100644
--- a/contexts/user.go
+++ b/contexts/user.go
@@ -5,14 +5,19 @@ import (
 	"projectreshoot/db"
 )
 
+type AuthenticatedUser struct {
+	*db.User
+	Fresh int64
+}
+
 // Return a new context with the user added in
-func SetUser(ctx context.Context, u *db.User) context.Context {
+func SetUser(ctx context.Context, u *AuthenticatedUser) context.Context {
 	return context.WithValue(ctx, contextKeyAuthorizedUser, u)
 }
 
 // Retrieve a user from the given context. Returns nil if not set
-func GetUser(ctx context.Context) *db.User {
-	user, ok := ctx.Value(contextKeyAuthorizedUser).(*db.User)
+func GetUser(ctx context.Context) *AuthenticatedUser {
+	user, ok := ctx.Value(contextKeyAuthorizedUser).(*AuthenticatedUser)
 	if !ok {
 		return nil
 	}
diff --git a/cookies/delete.go b/cookies/delete.go
deleted file mode 100644
index d847b65..0000000
--- a/cookies/delete.go
+++ /dev/null
@@ -1,18 +0,0 @@
-package cookies
-
-import (
-	"net/http"
-	"time"
-)
-
-// Tell the browser to delete the cookie matching the name provided
-// Path must match the original set cookie for it to delete
-func DeleteCookie(w http.ResponseWriter, name string, path string) {
-	http.SetCookie(w, &http.Cookie{
-		Name:    name,
-		Value:   "",
-		Path:    path,
-		Expires: time.Unix(0, 0), // Expire in the past
-		MaxAge:  -1,              // Immediately expire
-	})
-}
diff --git a/cookies/functions.go b/cookies/functions.go
new file mode 100644
index 0000000..8e33212
--- /dev/null
+++ b/cookies/functions.go
@@ -0,0 +1,37 @@
+package cookies
+
+import (
+	"net/http"
+	"time"
+)
+
+// Tell the browser to delete the cookie matching the name provided
+// Path must match the original set cookie for it to delete
+func DeleteCookie(w http.ResponseWriter, name string, path string) {
+	http.SetCookie(w, &http.Cookie{
+		Name:     name,
+		Value:    "",
+		Path:     path,
+		Expires:  time.Unix(0, 0), // Expire in the past
+		MaxAge:   -1,              // Immediately expire
+		HttpOnly: true,
+	})
+}
+
+// Set a cookie with the given name, path and value. maxAge directly relates
+// to cookie MaxAge (0 for no max age, >0 for TTL in seconds)
+func SetCookie(
+	w http.ResponseWriter,
+	name string,
+	path string,
+	value string,
+	maxAge int,
+) {
+	http.SetCookie(w, &http.Cookie{
+		Name:     name,
+		Value:    value,
+		Path:     path,
+		HttpOnly: true,
+		MaxAge:   maxAge,
+	})
+}
diff --git a/cookies/pagefrom.go b/cookies/pagefrom.go
index 906db61..fa4cb0b 100644
--- a/cookies/pagefrom.go
+++ b/cookies/pagefrom.go
@@ -32,6 +32,5 @@ func SetPageFrom(w http.ResponseWriter, r *http.Request, trustedHost string) {
 	} else {
 		pageFrom = parsedURL.Path
 	}
-	pageFromCookie := &http.Cookie{Name: "pagefrom", Value: pageFrom, Path: "/"}
-	http.SetCookie(w, pageFromCookie)
+	SetCookie(w, "pagefrom", "/", pageFrom, 0)
 }
diff --git a/db/user.go b/db/user.go
new file mode 100644
index 0000000..fe62349
--- /dev/null
+++ b/db/user.go
@@ -0,0 +1,60 @@
+package db
+
+import (
+	"database/sql"
+
+	"github.com/pkg/errors"
+	"golang.org/x/crypto/bcrypt"
+)
+
+type User struct {
+	ID            int    // Integer ID (index primary key)
+	Username      string // Username (unique)
+	Password_hash string // Bcrypt password hash
+	Created_at    int64  // Epoch timestamp when the user was added to the database
+	Bio           string // Short byline set by the user
+}
+
+// Uses bcrypt to set the users Password_hash from the given password
+func (user *User) SetPassword(conn *sql.DB, password string) error {
+	hashedPassword, err := bcrypt.GenerateFromPassword([]byte(password), bcrypt.DefaultCost)
+	if err != nil {
+		return errors.Wrap(err, "bcrypt.GenerateFromPassword")
+	}
+	user.Password_hash = string(hashedPassword)
+	query := `UPDATE users SET password_hash = ? WHERE id = ?`
+	_, err = conn.Exec(query, user.Password_hash, user.ID)
+	if err != nil {
+		return errors.Wrap(err, "conn.Exec")
+	}
+	return nil
+}
+
+// Uses bcrypt to check if the given password matches the users Password_hash
+func (user *User) CheckPassword(password string) error {
+	err := bcrypt.CompareHashAndPassword([]byte(user.Password_hash), []byte(password))
+	if err != nil {
+		return errors.Wrap(err, "bcrypt.CompareHashAndPassword")
+	}
+	return nil
+}
+
+// Change the user's username
+func (user *User) ChangeUsername(conn *sql.DB, newUsername string) error {
+	query := `UPDATE users SET username = ? WHERE id = ?`
+	_, err := conn.Exec(query, newUsername, user.ID)
+	if err != nil {
+		return errors.Wrap(err, "conn.Exec")
+	}
+	return nil
+}
+
+// Change the user's bio
+func (user *User) ChangeBio(conn *sql.DB, newBio string) error {
+	query := `UPDATE users SET bio = ? WHERE id = ?`
+	_, err := conn.Exec(query, newBio, user.ID)
+	if err != nil {
+		return errors.Wrap(err, "conn.Exec")
+	}
+	return nil
+}
diff --git a/db/user_functions.go b/db/user_functions.go
new file mode 100644
index 0000000..3c3623e
--- /dev/null
+++ b/db/user_functions.go
@@ -0,0 +1,108 @@
+package db
+
+import (
+	"database/sql"
+	"fmt"
+
+	"github.com/pkg/errors"
+)
+
+// Creates a new user in the database and returns a pointer
+func CreateNewUser(conn *sql.DB, username string, password string) (*User, error) {
+	query := `INSERT INTO users (username) VALUES (?)`
+	_, err := conn.Exec(query, username)
+	if err != nil {
+		return nil, errors.Wrap(err, "conn.Exec")
+	}
+	user, err := GetUserFromUsername(conn, username)
+	if err != nil {
+		return nil, errors.Wrap(err, "GetUserFromUsername")
+	}
+	err = user.SetPassword(conn, password)
+	if err != nil {
+		return nil, errors.Wrap(err, "user.SetPassword")
+	}
+	return user, nil
+}
+
+// Fetches data from the users table using "WHERE column = 'value'"
+func fetchUserData(conn *sql.DB, column string, value interface{}) (*sql.Rows, error) {
+	query := fmt.Sprintf(
+		`SELECT 
+            id,
+            username, 
+            password_hash, 
+            created_at,
+            bio
+        FROM users 
+	    WHERE %s = ? COLLATE NOCASE LIMIT 1`,
+		column,
+	)
+	rows, err := conn.Query(query, value)
+	if err != nil {
+		return nil, errors.Wrap(err, "conn.Query")
+	}
+	return rows, nil
+}
+
+// Scan the next row into the provided user pointer. Calls rows.Next() and
+// assumes only row in the result. Providing a rows object with more than 1
+// row may result in undefined behaviour.
+func scanUserRow(user *User, rows *sql.Rows) error {
+	for rows.Next() {
+		err := rows.Scan(
+			&user.ID,
+			&user.Username,
+			&user.Password_hash,
+			&user.Created_at,
+			&user.Bio,
+		)
+		if err != nil {
+			return errors.Wrap(err, "rows.Scan")
+		}
+	}
+	return nil
+}
+
+// Queries the database for a user matching the given username.
+// Query is case insensitive
+func GetUserFromUsername(conn *sql.DB, username string) (*User, error) {
+	rows, err := fetchUserData(conn, "username", username)
+	if err != nil {
+		return nil, errors.Wrap(err, "fetchUserData")
+	}
+	defer rows.Close()
+	var user User
+	err = scanUserRow(&user, rows)
+	if err != nil {
+		return nil, errors.Wrap(err, "scanUserRow")
+	}
+	return &user, nil
+}
+
+// Queries the database for a user matching the given ID.
+func GetUserFromID(conn *sql.DB, id int) (*User, error) {
+	rows, err := fetchUserData(conn, "id", id)
+	if err != nil {
+		return nil, errors.Wrap(err, "fetchUserData")
+	}
+	defer rows.Close()
+	var user User
+	err = scanUserRow(&user, rows)
+	if err != nil {
+		return nil, errors.Wrap(err, "scanUserRow")
+	}
+	return &user, nil
+}
+
+// Checks if the given username is unique. Returns true if not taken
+func CheckUsernameUnique(conn *sql.DB, username string) (bool, error) {
+	query := `SELECT 1 FROM users WHERE username = ? COLLATE NOCASE LIMIT 1`
+	rows, err := conn.Query(query, username)
+	if err != nil {
+		return false, errors.Wrap(err, "conn.Query")
+	}
+	defer rows.Close()
+	taken := rows.Next()
+	return !taken, nil
+}
diff --git a/db/users.go b/db/users.go
deleted file mode 100644
index 23a207e..0000000
--- a/db/users.go
+++ /dev/null
@@ -1,125 +0,0 @@
-package db
-
-import (
-	"database/sql"
-
-	"github.com/pkg/errors"
-	"golang.org/x/crypto/bcrypt"
-)
-
-type User struct {
-	ID            int    // Integer ID (index primary key)
-	Username      string // Username (unique)
-	Password_hash string // Bcrypt password hash
-	Created_at    int64  // Epoch timestamp when the user was added to the database
-}
-
-// Uses bcrypt to set the users Password_hash from the given password
-func (user *User) SetPassword(conn *sql.DB, password string) error {
-	hashedPassword, err := bcrypt.GenerateFromPassword([]byte(password), bcrypt.DefaultCost)
-	if err != nil {
-		return errors.Wrap(err, "bcrypt.GenerateFromPassword")
-	}
-	user.Password_hash = string(hashedPassword)
-	query := `UPDATE users SET password_hash = ? WHERE id = ?`
-	result, err := conn.Exec(query, user.Password_hash, user.ID)
-	if err != nil {
-		return errors.Wrap(err, "conn.Exec")
-	}
-	ra, err := result.RowsAffected()
-	if err != nil {
-		return errors.Wrap(err, "result.RowsAffected")
-	}
-	if ra != 1 {
-		return errors.New("Password was not updated")
-	}
-	return nil
-}
-
-// Uses bcrypt to check if the given password matches the users Password_hash
-func (user *User) CheckPassword(password string) error {
-	err := bcrypt.CompareHashAndPassword([]byte(user.Password_hash), []byte(password))
-	if err != nil {
-		return errors.Wrap(err, "bcrypt.CompareHashAndPassword")
-	}
-	return nil
-}
-
-// Creates a new user in the database and returns a pointer
-func CreateNewUser(conn *sql.DB, username string, password string) (*User, error) {
-	query := `INSERT INTO users (username) VALUES (?)`
-	_, err := conn.Exec(query, username)
-	if err != nil {
-		return nil, errors.Wrap(err, "conn.Exec")
-	}
-	user, err := GetUserFromUsername(conn, username)
-	if err != nil {
-		return nil, errors.Wrap(err, "GetUserFromUsername")
-	}
-	err = user.SetPassword(conn, password)
-	if err != nil {
-		return nil, errors.Wrap(err, "user.SetPassword")
-	}
-	return user, nil
-}
-
-// Queries the database for a user matching the given username.
-// Query is case insensitive
-func GetUserFromUsername(conn *sql.DB, username string) (*User, error) {
-	query := `SELECT id, username, password_hash, created_at FROM users 
-	          WHERE username = ? COLLATE NOCASE`
-	rows, err := conn.Query(query, username)
-	if err != nil {
-		return nil, errors.Wrap(err, "conn.Query")
-	}
-	defer rows.Close()
-	var user User
-	for rows.Next() {
-		err := rows.Scan(
-			&user.ID,
-			&user.Username,
-			&user.Password_hash,
-			&user.Created_at,
-		)
-		if err != nil {
-			return nil, errors.Wrap(err, "rows.Scan")
-		}
-	}
-	return &user, nil
-}
-
-// Queries the database for a user matching the given ID.
-func GetUserFromID(conn *sql.DB, id int) (*User, error) {
-	query := `SELECT id, username, password_hash, created_at FROM users 
-	          WHERE id = ?`
-	rows, err := conn.Query(query, id)
-	if err != nil {
-		return nil, errors.Wrap(err, "conn.Query")
-	}
-	defer rows.Close()
-	var user User
-	for rows.Next() {
-		err := rows.Scan(
-			&user.ID,
-			&user.Username,
-			&user.Password_hash,
-			&user.Created_at,
-		)
-		if err != nil {
-			return nil, errors.Wrap(err, "rows.Scan")
-		}
-	}
-	return &user, nil
-}
-
-// Checks if the given username is unique. Returns true if not taken
-func CheckUsernameUnique(conn *sql.DB, username string) (bool, error) {
-	query := `SELECT 1 FROM users WHERE username = ? COLLATE NOCASE LIMIT 1`
-	rows, err := conn.Query(query, username)
-	if err != nil {
-		return false, errors.Wrap(err, "conn.Query")
-	}
-	defer rows.Close()
-	taken := rows.Next()
-	return !taken, nil
-}
diff --git a/handlers/account.go b/handlers/account.go
new file mode 100644
index 0000000..be79910
--- /dev/null
+++ b/handlers/account.go
@@ -0,0 +1,137 @@
+package handlers
+
+import (
+	"database/sql"
+	"net/http"
+
+	"projectreshoot/contexts"
+	"projectreshoot/cookies"
+	"projectreshoot/db"
+	"projectreshoot/view/component/account"
+	"projectreshoot/view/page"
+
+	"github.com/pkg/errors"
+	"github.com/rs/zerolog"
+)
+
+// Renders the account page on the 'General' subpage
+func HandleAccountPage() http.Handler {
+	return http.HandlerFunc(
+		func(w http.ResponseWriter, r *http.Request) {
+			cookie, err := r.Cookie("subpage")
+			subpage := cookie.Value
+			if err != nil {
+				subpage = "General"
+			}
+			page.Account(subpage).Render(r.Context(), w)
+		},
+	)
+}
+
+// Handles a request to change the subpage for the Accou/accountnt page
+func HandleAccountSubpage() http.Handler {
+	return http.HandlerFunc(
+		func(w http.ResponseWriter, r *http.Request) {
+			r.ParseForm()
+			subpage := r.FormValue("subpage")
+			cookies.SetCookie(w, "subpage", "/account", subpage, 300)
+			account.AccountContainer(subpage).Render(r.Context(), w)
+		},
+	)
+}
+
+// Handles a request to change the users username
+func HandleChangeUsername(
+	logger *zerolog.Logger,
+	conn *sql.DB,
+) http.Handler {
+	return http.HandlerFunc(
+		func(w http.ResponseWriter, r *http.Request) {
+			r.ParseForm()
+			newUsername := r.FormValue("username")
+
+			unique, err := db.CheckUsernameUnique(conn, newUsername)
+			if err != nil {
+				logger.Error().Err(err).Msg("Error updating username")
+				w.WriteHeader(http.StatusInternalServerError)
+				return
+			}
+			if !unique {
+				account.ChangeUsername("Username is taken", newUsername).
+					Render(r.Context(), w)
+				return
+			}
+			user := contexts.GetUser(r.Context())
+			err = user.ChangeUsername(conn, newUsername)
+			if err != nil {
+				logger.Error().Err(err).Msg("Error updating username")
+				w.WriteHeader(http.StatusInternalServerError)
+				return
+			}
+			w.Header().Set("HX-Refresh", "true")
+		},
+	)
+}
+
+// Handles a request to change the users bio
+func HandleChangeBio(
+	logger *zerolog.Logger,
+	conn *sql.DB,
+) http.Handler {
+	return http.HandlerFunc(
+		func(w http.ResponseWriter, r *http.Request) {
+			r.ParseForm()
+			newBio := r.FormValue("bio")
+			leng := len([]rune(newBio))
+			if leng > 128 {
+				account.ChangeBio("Bio limited to 128 characters", newBio).
+					Render(r.Context(), w)
+				return
+			}
+			user := contexts.GetUser(r.Context())
+			err := user.ChangeBio(conn, newBio)
+			if err != nil {
+				logger.Error().Err(err).Msg("Error updating bio")
+				w.WriteHeader(http.StatusInternalServerError)
+				return
+			}
+			w.Header().Set("HX-Refresh", "true")
+		},
+	)
+}
+func validateChangePassword(conn *sql.DB, r *http.Request) (string, error) {
+	r.ParseForm()
+	formPassword := r.FormValue("password")
+	formConfirmPassword := r.FormValue("confirm-password")
+	if formPassword != formConfirmPassword {
+		return "", errors.New("Passwords do not match")
+	}
+	if len(formPassword) > 72 {
+		return "", errors.New("Password exceeds maximum length of 72 bytes")
+	}
+	return formPassword, nil
+}
+
+// Handles a request to change the users password
+func HandleChangePassword(
+	logger *zerolog.Logger,
+	conn *sql.DB,
+) http.Handler {
+	return http.HandlerFunc(
+		func(w http.ResponseWriter, r *http.Request) {
+			newPass, err := validateChangePassword(conn, r)
+			if err != nil {
+				account.ChangePassword(err.Error()).Render(r.Context(), w)
+				return
+			}
+			user := contexts.GetUser(r.Context())
+			err = user.SetPassword(conn, newPass)
+			if err != nil {
+				logger.Error().Err(err).Msg("Error updating password")
+				w.WriteHeader(http.StatusInternalServerError)
+				return
+			}
+			w.Header().Set("HX-Refresh", "true")
+		},
+	)
+}
diff --git a/handlers/profile.go b/handlers/profile.go
index 91d21b2..91f381f 100644
--- a/handlers/profile.go
+++ b/handlers/profile.go
@@ -5,7 +5,7 @@ import (
 	"projectreshoot/view/page"
 )
 
-func HandleProfile() http.Handler {
+func HandleProfilePage() http.Handler {
 	return http.HandlerFunc(
 		func(w http.ResponseWriter, r *http.Request) {
 			page.Profile().Render(r.Context(), w)
diff --git a/handlers/reauthenticatate.go b/handlers/reauthenticatate.go
new file mode 100644
index 0000000..9e188d8
--- /dev/null
+++ b/handlers/reauthenticatate.go
@@ -0,0 +1,119 @@
+package handlers
+
+import (
+	"database/sql"
+	"net/http"
+
+	"projectreshoot/config"
+	"projectreshoot/contexts"
+	"projectreshoot/cookies"
+	"projectreshoot/jwt"
+	"projectreshoot/view/component/form"
+
+	"github.com/pkg/errors"
+	"github.com/rs/zerolog"
+)
+
+// Get the tokens from the request
+func getTokens(
+	config *config.Config,
+	conn *sql.DB,
+	r *http.Request,
+) (*jwt.AccessToken, *jwt.RefreshToken, error) {
+	// get the existing tokens from the cookies
+	atStr, rtStr := cookies.GetTokenStrings(r)
+	aT, err := jwt.ParseAccessToken(config, conn, atStr)
+	if err != nil {
+		return nil, nil, errors.Wrap(err, "jwt.ParseAccessToken")
+	}
+	rT, err := jwt.ParseRefreshToken(config, conn, rtStr)
+	if err != nil {
+		return nil, nil, errors.Wrap(err, "jwt.ParseRefreshToken")
+	}
+	return aT, rT, nil
+}
+
+// Revoke the given token pair
+func revokeTokenPair(
+	conn *sql.DB,
+	aT *jwt.AccessToken,
+	rT *jwt.RefreshToken,
+) error {
+	err := jwt.RevokeToken(conn, aT)
+	if err != nil {
+		return errors.Wrap(err, "jwt.RevokeToken")
+	}
+	err = jwt.RevokeToken(conn, rT)
+	if err != nil {
+		return errors.Wrap(err, "jwt.RevokeToken")
+	}
+	return nil
+}
+
+// Issue new tokens for the user, invalidating the old ones
+func refreshTokens(
+	config *config.Config,
+	conn *sql.DB,
+	w http.ResponseWriter,
+	r *http.Request,
+) error {
+	aT, rT, err := getTokens(config, conn, r)
+	if err != nil {
+		return errors.Wrap(err, "getTokens")
+	}
+	rememberMe := map[string]bool{
+		"session": false,
+		"exp":     true,
+	}[aT.TTL]
+	// issue new tokens for the user
+	user := contexts.GetUser(r.Context())
+	err = cookies.SetTokenCookies(w, r, config, user.User, true, rememberMe)
+	if err != nil {
+		return errors.Wrap(err, "cookies.SetTokenCookies")
+	}
+	err = revokeTokenPair(conn, aT, rT)
+	if err != nil {
+		return errors.Wrap(err, "revokeTokenPair")
+	}
+
+	return nil
+}
+
+// Validate the provided password
+func validatePassword(
+	r *http.Request,
+) error {
+	r.ParseForm()
+	password := r.FormValue("password")
+	user := contexts.GetUser(r.Context())
+	err := user.CheckPassword(password)
+	if err != nil {
+		return errors.Wrap(err, "user.CheckPassword")
+	}
+	return nil
+}
+
+// Handle request to reauthenticate (i.e. make token fresh again)
+func HandleReauthenticate(
+	logger *zerolog.Logger,
+	config *config.Config,
+	conn *sql.DB,
+) http.Handler {
+	return http.HandlerFunc(
+		func(w http.ResponseWriter, r *http.Request) {
+			err := validatePassword(r)
+			if err != nil {
+				w.WriteHeader(445)
+				form.ConfirmPassword("Incorrect password").Render(r.Context(), w)
+				return
+			}
+			err = refreshTokens(config, conn, w, r)
+			if err != nil {
+				logger.Error().Err(err).Msg("Failed to refresh user tokens")
+				w.WriteHeader(http.StatusInternalServerError)
+				return
+			}
+			w.WriteHeader(http.StatusOK)
+		},
+	)
+}
diff --git a/middleware/authentication.go b/middleware/authentication.go
index 38cabbe..23f40f0 100644
--- a/middleware/authentication.go
+++ b/middleware/authentication.go
@@ -3,6 +3,7 @@ package middleware
 import (
 	"database/sql"
 	"net/http"
+	"time"
 
 	"projectreshoot/config"
 	"projectreshoot/contexts"
@@ -52,7 +53,7 @@ func getAuthenticatedUser(
 	conn *sql.DB,
 	w http.ResponseWriter,
 	r *http.Request,
-) (*db.User, error) {
+) (*contexts.AuthenticatedUser, error) {
 	// Get token strings from cookies
 	atStr, rtStr := cookies.GetTokenStrings(r)
 	// Attempt to parse the access token
@@ -69,14 +70,22 @@ func getAuthenticatedUser(
 			return nil, errors.Wrap(err, "refreshAuthTokens")
 		}
 		// New token pair sent, return the authorized user
-		return user, nil
+		authUser := contexts.AuthenticatedUser{
+			User:  user,
+			Fresh: time.Now().Unix(),
+		}
+		return &authUser, nil
 	}
 	// Access token valid
 	user, err := aT.GetUser(conn)
 	if err != nil {
 		return nil, errors.Wrap(err, "rT.GetUser")
 	}
-	return user, nil
+	authUser := contexts.AuthenticatedUser{
+		User:  user,
+		Fresh: aT.Fresh,
+	}
+	return &authUser, nil
 }
 
 // Attempt to authenticate the user and add their account details
diff --git a/middleware/reauthentication.go b/middleware/reauthentication.go
new file mode 100644
index 0000000..41fad65
--- /dev/null
+++ b/middleware/reauthentication.go
@@ -0,0 +1,21 @@
+package middleware
+
+import (
+	"net/http"
+	"projectreshoot/contexts"
+	"time"
+)
+
+func RequiresFresh(
+	next http.Handler,
+) http.Handler {
+	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
+		user := contexts.GetUser(r.Context())
+		isFresh := time.Now().Before(time.Unix(user.Fresh, 0))
+		if !isFresh {
+			w.WriteHeader(444)
+			return
+		}
+		next.ServeHTTP(w, r)
+	})
+}
diff --git a/schema.sql b/schema.sql
index 80f9970..986d312 100644
--- a/schema.sql
+++ b/schema.sql
@@ -8,7 +8,8 @@ CREATE TABLE IF NOT EXISTS "users" (
     id INTEGER PRIMARY KEY AUTOINCREMENT, 
     username TEXT NOT NULL UNIQUE, 
     password_hash TEXT DEFAULT "", 
-    created_at INTEGER DEFAULT (unixepoch())
+    created_at INTEGER DEFAULT (unixepoch()),
+    bio TEXT DEFAULT ""
 ) STRICT;
 CREATE TRIGGER cleanup_expired_tokens
 AFTER INSERT ON jwtblacklist
diff --git a/server/routes.go b/server/routes.go
index 19c87f7..606036e 100644
--- a/server/routes.go
+++ b/server/routes.go
@@ -60,9 +60,41 @@ func addRoutes(
 	// Logout
 	mux.Handle("POST /logout", handlers.HandleLogout(config, logger, conn))
 
+	// Reauthentication request
+	mux.Handle("POST /reauthenticate",
+		middleware.RequiresLogin(
+			handlers.HandleReauthenticate(logger, config, conn),
+		))
+
 	// Profile page
 	mux.Handle("GET /profile",
 		middleware.RequiresLogin(
-			handlers.HandleProfile(),
+			handlers.HandleProfilePage(),
+		))
+
+	// Account page
+	mux.Handle("GET /account",
+		middleware.RequiresLogin(
+			handlers.HandleAccountPage(),
+		))
+	mux.Handle("POST /account-select-page",
+		middleware.RequiresLogin(
+			handlers.HandleAccountSubpage(),
+		))
+	mux.Handle("POST /change-username",
+		middleware.RequiresLogin(
+			middleware.RequiresFresh(
+				handlers.HandleChangeUsername(logger, conn),
+			),
+		))
+	mux.Handle("POST /change-bio",
+		middleware.RequiresLogin(
+			handlers.HandleChangeBio(logger, conn),
+		))
+	mux.Handle("POST /change-password",
+		middleware.RequiresLogin(
+			middleware.RequiresFresh(
+				handlers.HandleChangePassword(logger, conn),
+			),
 		))
 }
diff --git a/view/component/account/changebio.templ b/view/component/account/changebio.templ
new file mode 100644
index 0000000..cb85013
--- /dev/null
+++ b/view/component/account/changebio.templ
@@ -0,0 +1,117 @@
+package account
+
+import "projectreshoot/contexts"
+
+templ ChangeBio(err string, bio string) {
+	{{
+	user := contexts.GetUser(ctx)
+	if bio == "" {
+		bio = user.Bio
+	}
+	}}
+	<form
+		hx-post="/change-bio"
+		hx-swap="outerHTML"
+		class="w-[90%] mx-auto mt-5"
+		x-data={ templ.JSFuncCall("bioComponent", bio, user.Bio, err).CallInline }
+	>
+		<script>
+            function bioComponent(newBio, oldBio, err) {
+                return {
+                    bio: newBio,
+                    initialBio: oldBio, 
+                    err: err,
+                    bioLenText: '', 
+                    updateTextArea() {
+                        this.$nextTick(() => {
+                            if (this.$refs.bio) {
+                                this.$refs.bio.style.height = 'auto';
+                                this.$refs.bio.style.height = `
+                                    ${this.$refs.bio.scrollHeight+20}px`;
+                            };
+                            this.bioLenText = `${this.bio.length}/128`;
+                        });
+                    },
+                    resetBio() {
+                        this.bio = this.initialBio;
+                        this.err = "",
+                        this.updateTextArea();
+                    },
+                    init() {
+                        this.$nextTick(() => {
+                            // this timeout makes sure the textarea resizes on 
+                            // page render correctly. seems 20ms is the sweet
+                            // spot between a noticable delay and not working
+                            setTimeout(() => {
+                                this.updateTextArea();
+                            }, 20);
+                        });
+                    }
+                };
+            }
+        </script>
+		<div
+			class="flex flex-col"
+		>
+			<div
+				class="flex flex-col sm:flex-row sm:items-center relative"
+			>
+				<label
+					for="bio"
+					class="text-lg w-20"
+				>Bio</label>
+				<div
+					class="relative sm:ml-5 ml-0 w-fit"
+				>
+					<textarea
+						type="text"
+						id="bio"
+						name="bio"
+						class="py-1 px-4 rounded-lg text-md
+                        bg-surface0 border border-surface2 w-60
+                        disabled:opacity-50 disabled:pointer-events-none"
+						required
+						aria-describedby="bio-error"
+						x-model="bio"
+						x-ref="bio"
+						@input="updateTextArea()"
+						maxlength="128"
+					></textarea>
+					<span
+						class="absolute right-0 pr-2 bottom-0 pb-2 text-overlay2"
+						x-text="bioLenText"
+					></span>
+				</div>
+			</div>
+			<div class="mt-2 sm:ml-25">
+				<button
+					class="rounded-lg bg-blue py-1 px-2 text-mantle 
+                    hover:cursor-pointer hover:bg-blue/75 transition"
+					x-cloak
+					x-show="bio !== initialBio"
+					x-transition.opacity.duration.500ms
+				>
+					Update
+				</button>
+				<button
+					class="rounded-lg bg-overlay0 py-1 px-2 text-mantle
+                    hover:cursor-pointer hover:bg-surface2 transition"
+					type="button"
+					href="#"
+					x-cloak
+					x-show="bio !== initialBio"
+					x-transition.opacity.duration.500ms
+					@click="resetBio()"
+				>
+					Cancel
+				</button>
+			</div>
+		</div>
+		<p
+			class="block text-red sm:ml-26 mt-1 transition"
+			x-cloak
+			x-show="err"
+			x-text="err"
+		></p>
+	</form>
+}
diff --git a/view/component/account/changepassword.templ b/view/component/account/changepassword.templ
new file mode 100644
index 0000000..6c368d3
--- /dev/null
+++ b/view/component/account/changepassword.templ
@@ -0,0 +1,141 @@
+package account
+
+templ ChangePassword(err string) {
+	<form
+		hx-post="/change-password"
+		hx-swap="outerHTML"
+		class="w-[90%] mx-auto mt-5"
+		x-data={ templ.JSFuncCall(
+                    "passwordComponent", err,
+                    ).CallInline }
+	>
+		<script>
+            function passwordComponent(err) {
+                return {
+                    password: "",
+                    confirmPassword: "",
+                    err: err,
+                    reset() {
+                        this.err = "";
+                        this.password = "";
+                        this.confirmPassword = "";
+                    },
+                };
+            }
+        </script>
+		<div
+			class="flex flex-col"
+		>
+			<div
+				class="flex flex-col sm:flex-row sm:items-center relative w-fit"
+			>
+				<label
+					for="password"
+					class="text-lg w-40"
+				>New Password</label>
+				<input
+					type="password"
+					id="password"
+					name="password"
+					class="py-1 px-4 rounded-lg text-md
+                    bg-surface0 border border-surface2 w-50 sm:ml-5
+                    disabled:opacity-50 ml-0 disabled:pointer-events-none"
+					required
+					aria-describedby="password-error"
+					x-model="password"
+				/>
+				<div
+					class="absolute inset-y-0 end-0 pt-9
+                        pointer-events-none sm:pt-2 pe-2"
+					x-show="err"
+					x-cloak
+				>
+					<svg
+						class="size-5 text-red"
+						width="16"
+						height="16"
+						fill="currentColor"
+						viewBox="0 0 16 16"
+						aria-hidden="true"
+					>
+						<path
+							d="M16 8A8 8 0 1 1 0 8a8 8 0 0 1 16 0zM8 
+                                4a.905.905 0 0 0-.9.995l.35 3.507a.552.552 0 0 
+                                0 1.1 0l.35-3.507A.905.905 0 0 0 8 4zm.002 6a1 
+                                1 0 1 0 0 2 1 1 0 0 0 0-2z"
+						></path>
+					</svg>
+				</div>
+			</div>
+			<div
+				class="flex flex-col sm:flex-row sm:items-center relative mt-2 w-fit"
+			>
+				<label
+					for="confirm-password"
+					class="text-lg w-40"
+				>Confirm Password</label>
+				<input
+					type="password"
+					id="confirm-password"
+					name="confirm-password"
+					class="py-1 px-4 rounded-lg text-md
+                    bg-surface0 border border-surface2 w-50 sm:ml-5
+                    disabled:opacity-50 ml-0 disabled:pointer-events-none"
+					required
+					aria-describedby="password-error"
+					x-model="confirmPassword"
+				/>
+				<div
+					class="absolute inset-y-0 pe-2 end-0 pt-9
+                        pointer-events-none sm:pt-2"
+					x-show="err"
+					x-cloak
+				>
+					<svg
+						class="size-5 text-red"
+						width="16"
+						height="16"
+						fill="currentColor"
+						viewBox="0 0 16 16"
+						aria-hidden="true"
+					>
+						<path
+							d="M16 8A8 8 0 1 1 0 8a8 8 0 0 1 16 0zM8 
+                                4a.905.905 0 0 0-.9.995l.35 3.507a.552.552 0 0 
+                                0 1.1 0l.35-3.507A.905.905 0 0 0 8 4zm.002 6a1 
+                                1 0 1 0 0 2 1 1 0 0 0 0-2z"
+						></path>
+					</svg>
+				</div>
+			</div>
+			<div class="mt-2 sm:ml-43">
+				<button
+					class="rounded-lg bg-blue py-1 px-2 text-mantle sm:ml-2
+                    hover:cursor-pointer hover:bg-blue/75 transition"
+					x-cloak
+					x-show="password !== '' || confirmPassword !== ''"
+					x-transition.opacity.duration.500ms
+				>
+					Update
+				</button>
+				<button
+					class="rounded-lg bg-overlay0 py-1 px-2 text-mantle
+                hover:cursor-pointer hover:bg-surface2 transition"
+					type="button"
+					x-cloak
+					x-show="password !== '' || confirmPassword !== ''"
+					x-transition.opacity.duration.500ms
+					@click="reset()"
+				>
+					Cancel
+				</button>
+			</div>
+		</div>
+		<p
+			class="block text-red sm:ml-45 mt-1 transition"
+			x-cloak
+			x-show="err"
+			x-text="err"
+		></p>
+	</form>
+}
diff --git a/view/component/account/changeusername.templ b/view/component/account/changeusername.templ
new file mode 100644
index 0000000..25cc151
--- /dev/null
+++ b/view/component/account/changeusername.templ
@@ -0,0 +1,108 @@
+package account
+
+import "projectreshoot/contexts"
+
+templ ChangeUsername(err string, username string) {
+	{{
+	user := contexts.GetUser(ctx)
+	if username == "" {
+		username = user.Username
+	}
+	}}
+	<form
+		hx-post="/change-username"
+		hx-swap="outerHTML"
+		class="w-[90%] mx-auto mt-5"
+		x-data={ templ.JSFuncCall(
+                    "usernameComponent", username, user.Username, err,
+                    ).CallInline }
+	>
+		<script>
+            function usernameComponent(newUsername, oldUsername, err) {
+                return {
+                    username: newUsername,
+                    initialUsername: oldUsername, 
+                    err: err,
+                    resetUsername() {
+                        this.username = this.initialUsername;
+                        this.err = "";
+                    },
+                };
+            }
+        </script>
+		<div
+			class="flex flex-col sm:flex-row"
+		>
+			<div
+				class="flex flex-col sm:flex-row sm:items-center relative"
+			>
+				<label
+					for="username"
+					class="text-lg w-20"
+				>Username</label>
+				<input
+					type="text"
+					id="username"
+					name="username"
+					class="py-1 px-4 rounded-lg text-md
+                    bg-surface0 border border-surface2 w-50 sm:ml-5
+                    disabled:opacity-50 ml-0 disabled:pointer-events-none"
+					required
+					aria-describedby="username-error"
+					x-model="username"
+				/>
+				<div
+					class="absolute inset-y-0 sm:start-68 start-43 pt-9
+                        pointer-events-none sm:pt-2"
+					x-show="err"
+					x-cloak
+				>
+					<svg
+						class="size-5 text-red"
+						width="16"
+						height="16"
+						fill="currentColor"
+						viewBox="0 0 16 16"
+						aria-hidden="true"
+					>
+						<path
+							d="M16 8A8 8 0 1 1 0 8a8 8 0 0 1 16 0zM8 
+                                4a.905.905 0 0 0-.9.995l.35 3.507a.552.552 0 0 
+                                0 1.1 0l.35-3.507A.905.905 0 0 0 8 4zm.002 6a1 
+                                1 0 1 0 0 2 1 1 0 0 0 0-2z"
+						></path>
+					</svg>
+				</div>
+			</div>
+			<div class="mt-2 sm:mt-0">
+				<button
+					class="rounded-lg bg-blue py-1 px-2 text-mantle sm:ml-2
+                hover:cursor-pointer hover:bg-blue/75 transition"
+					x-cloak
+					x-show="username !== initialUsername"
+					x-transition.opacity.duration.500ms
+				>
+					Update
+				</button>
+				<button
+					class="rounded-lg bg-overlay0 py-1 px-2 text-mantle
+                hover:cursor-pointer hover:bg-surface2 transition"
+					type="button"
+					href="#"
+					x-cloak
+					x-show="username !== initialUsername"
+					x-transition.opacity.duration.500ms
+					@click="resetUsername()"
+				>
+					Cancel
+				</button>
+			</div>
+		</div>
+		<p
+			class="block text-red sm:ml-26 mt-1 transition"
+			x-cloak
+			x-show="err"
+			x-text="err"
+		></p>
+	</form>
+}
diff --git a/view/component/account/container.templ b/view/component/account/container.templ
new file mode 100644
index 0000000..f065949
--- /dev/null
+++ b/view/component/account/container.templ
@@ -0,0 +1,26 @@
+package account
+
+templ AccountContainer(subpage string) {
+	<div
+		id="account-container"
+		class="flex max-w-200 min-h-100 mx-auto bg-mantle mt-10 rounded-xl"
+		x-data="{big:window.innerWidth >=768, open:false}"
+		@resize.window="big = window.innerWidth >= 768"
+	>
+		@SelectMenu(subpage)
+		<div class="mt-5 w-full md:ml-[200px] ml-[40px] transition-all duration-300">
+			<div
+				class="pl-5 text-2xl text-subtext1 border-b 
+                    border-overlay0 w-[90%] mx-auto"
+			>
+				{ subpage }
+			</div>
+			switch subpage {
+				case "General":
+					@AccountGeneral()
+				case "Security":
+					@AccountSecurity()
+			}
+		</div>
+	</div>
+}
diff --git a/view/component/account/general.templ b/view/component/account/general.templ
new file mode 100644
index 0000000..c8946c9
--- /dev/null
+++ b/view/component/account/general.templ
@@ -0,0 +1,8 @@
+package account
+
+templ AccountGeneral() {
+	<div>
+		@ChangeUsername("", "")
+		@ChangeBio("", "")
+	</div>
+}
diff --git a/view/component/account/security.templ b/view/component/account/security.templ
new file mode 100644
index 0000000..e61ead8
--- /dev/null
+++ b/view/component/account/security.templ
@@ -0,0 +1,7 @@
+package account
+
+templ AccountSecurity() {
+	<div>
+		@ChangePassword("")
+	</div>
+}
diff --git a/view/component/account/selectmenu.templ b/view/component/account/selectmenu.templ
new file mode 100644
index 0000000..a4221ce
--- /dev/null
+++ b/view/component/account/selectmenu.templ
@@ -0,0 +1,91 @@
+package account
+
+import "fmt"
+
+type MenuItem struct {
+	name string
+	href string
+}
+
+func getMenuItems() []MenuItem {
+	return []MenuItem{
+		{
+			name: "General",
+			href: "general",
+		},
+		{
+			name: "Security",
+			href: "security",
+		},
+		{
+			name: "Preferences",
+			href: "preferences",
+		},
+	}
+}
+
+templ SelectMenu(activePage string) {
+	{{
+	menuItems := getMenuItems()
+	page := fmt.Sprintf("{page:'%s'}", activePage)
+	}}
+	<form
+		hx-post="/account-select-page"
+		hx-target="#account-container"
+		hx-swap="outerHTML"
+		class="relative"
+	>
+		<div
+			class="bg-surface0 border-e border-overlay0 ease-in-out
+            absolute top-0 left-0 z-1
+            rounded-l-xl h-full overflow-hidden transition-all duration-300"
+			x-bind:style="(open || big) ? 'width: 200px;' : 'width: 40px;'"
+		>
+			<div x-show="!big">
+				<button
+					type="button"
+					@click="open = !open"
+					class="block rounded-lg p-2.5 md:hidden transition
+                    bg-surface0 text-subtext0 hover:text-overlay2/75"
+				>
+					<span class="sr-only">Toggle menu</span>
+					<svg
+						xmlns="http://www.w3.org/2000/svg"
+						class="size-5"
+						fill="none"
+						viewBox="0 0 24 24"
+						stroke="currentColor"
+						stroke-width="2"
+					>
+						<path
+							stroke-linecap="round"
+							stroke-linejoin="round"
+							d="M4 6h16M4 12h16M4 18h16"
+						></path>
+					</svg>
+				</button>
+			</div>
+			<div class="px-4 py-6" x-show="(open || big)">
+				<ul class="mt-6 space-y-1" x-data={ page }>
+					for _, item := range menuItems {
+						{{
+	activebind := fmt.Sprintf("page === '%s' && 'bg-mantle'", item.name)
+						}}
+						<li>
+							<button
+								type="submit"
+								name="subpage"
+								value={ item.name }
+								class="block rounded-lg px-4 py-2 text-md
+                            hover:bg-mantle hover:cursor-pointer"
+								:class={ activebind }
+							>
+								{ item.name }
+							</button>
+						</li>
+					}
+				</ul>
+			</div>
+		</div>
+	</form>
+}
diff --git a/view/component/form/confirmpass.templ b/view/component/form/confirmpass.templ
new file mode 100644
index 0000000..a19e9a6
--- /dev/null
+++ b/view/component/form/confirmpass.templ
@@ -0,0 +1,90 @@
+package form
+
+templ ConfirmPassword(err string) {
+	<form
+		hx-post="/reauthenticate"
+		x-data={ templ.JSFuncCall(
+                "confirmPassData", err,
+                ).CallInline }
+		x-on:htmx:xhr:loadstart="submitted=true;buttontext='Loading...'"
+	>
+		<script>
+            function confirmPassData(err) {
+                return {
+                    submitted: false,
+                    buttontext: 'Confirm', 
+                    errMsg: err,
+                    reset() {
+                        this.err = "";
+                    },
+                };
+            }
+        </script>
+		<div
+			class="grid gap-y-4"
+		>
+			<div class="mt-5">
+				<div class="relative">
+					<input
+						type="password"
+						id="password"
+						name="password"
+						class="py-3 px-4 block w-full rounded-lg text-sm
+                        focus:border-blue focus:ring-blue bg-base
+                        disabled:opacity-50 disabled:pointer-events-none"
+						placeholder="Confirm password"
+						required
+						aria-describedby="password-error"
+						@input="reset()"
+					/>
+					<div
+						class="absolute inset-y-0 end-0 
+                        pointer-events-none pe-3 pt-3"
+						x-show="errMsg"
+						x-cloak
+					>
+						<svg
+							class="size-5 text-red"
+							width="16"
+							height="16"
+							fill="currentColor"
+							viewBox="0 0 16 16"
+							aria-hidden="true"
+						>
+							<path
+								d="M16 8A8 8 0 1 1 0 8a8 8 0 0 1 16 0zM8 
+                                4a.905.905 0 0 0-.9.995l.35 3.507a.552.552 0 0
+                                0 1.1 0l.35-3.507A.905.905 0 0 0 8 4zm.002 6a1
+                                1 0 1 0 0 2 1 1 0 0 0 0-2z"
+							></path>
+						</svg>
+					</div>
+				</div>
+				<p
+					class="text-center text-xs text-red mt-2"
+					id="password-error"
+					x-show="errMsg"
+					x-cloak
+					x-text="errMsg"
+				></p>
+			</div>
+			<button
+				x-bind:disabled="submitted"
+				x-text="buttontext"
+				type="submit"
+				class="w-full py-3 px-4 inline-flex justify-center items-center 
+                gap-x-2 rounded-lg border border-transparent transition
+                bg-blue hover:bg-blue/75 text-mantle hover:cursor-pointer
+                disabled:bg-blue/60 disabled:cursor-default"
+			></button>
+			<button
+				type="button"
+				class="w-full py-3 px-4 inline-flex justify-center items-center 
+                gap-x-2 rounded-lg border border-transparent transition
+                bg-surface2 hover:bg-surface1 hover:cursor-pointer
+                disabled:cursor-default"
+				@click="showConfirmPasswordModal=false"
+			>Cancel</button>
+		</div>
+	</form>
+}
diff --git a/view/component/form/loginform.templ b/view/component/form/loginform.templ
index 3380320..d6fa4a8 100644
--- a/view/component/form/loginform.templ
+++ b/view/component/form/loginform.templ
@@ -1,31 +1,34 @@
 package form
 
-import "fmt"
-
 // Login Form. If loginError is not an empty string, it will display the
 // contents of loginError to the user.
 // If loginError is "Username or password incorrect" it will also show
 // error icons on the username and password field
 templ LoginForm(loginError string) {
-	{{
-	errCreds := "false"
-	if loginError == "Username or password incorrect" {
-		errCreds = "true"
-	}
-	xdata := fmt.Sprintf(
-		"{credentialError: %s, errorMessage: '%s'}",
-		errCreds,
-		loginError,
-	)
-	}}
+	{{ credErr := "Username or password incorrect" }}
 	<form
 		hx-post="/login"
-		x-data="{ submitted: false, buttontext: 'Login' }"
+		x-data={ templ.JSFuncCall(
+                "loginFormData", loginError, credErr,
+                ).CallInline }
 		x-on:htmx:xhr:loadstart="submitted=true;buttontext='Loading...'"
 	>
+		<script>
+            function loginFormData(err, credError) {
+                return {
+                    submitted: false,
+                    buttontext: 'Login',
+                    errorMessage: err, 
+                    credentialError: err === credError ? true : false,
+                    resetErr() {
+                        this.errorMessage = "";
+                        this.credentialError = false;
+                    },
+                };
+            }
+        </script>
 		<div
 			class="grid gap-y-4"
-			x-data={ xdata }
 		>
 			<!-- Form Group -->
 			<div>
@@ -44,6 +47,7 @@ templ LoginForm(loginError string) {
                         disabled:pointer-events-none"
 						required
 						aria-describedby="username-error"
+						@input="resetErr()"
 					/>
 					<div
 						class="absolute inset-y-0 end-0 
@@ -93,6 +97,7 @@ templ LoginForm(loginError string) {
                         disabled:opacity-50 disabled:pointer-events-none"
 						required
 						aria-describedby="password-error"
+						@input="resetErr()"
 					/>
 					<div
 						class="absolute inset-y-0 end-0 
diff --git a/view/component/form/registerform.templ b/view/component/form/registerform.templ
index f2a9da4..7344b00 100644
--- a/view/component/form/registerform.templ
+++ b/view/component/form/registerform.templ
@@ -1,36 +1,41 @@
 package form
 
-import "fmt"
-
 // Login Form. If loginError is not an empty string, it will display the
 // contents of loginError to the user.
 templ RegisterForm(registerError string) {
 	{{
-	errUsername := "false"
-	errPasswords := "false"
-	if registerError == "Username is taken" {
-		errUsername = "true"
-	} else if registerError == "Passwords do not match" ||
-		registerError == "Password exceeds maximum length of 72 bytes" {
-		errPasswords = "true"
+	usernameErr := "Username is taken"
+	passErrs := []string{
+		"Password exceeds maximum length of 72 bytes",
+		"Passwords do not match",
 	}
-	xdata := fmt.Sprintf(
-		"{errUsername: %s, errPasswords: %s, errorMessage: '%s'}",
-		errUsername,
-		errPasswords,
-		registerError,
-	)
 	}}
 	<form
 		hx-post="/register"
-		x-data="{ submitted: false, buttontext: 'Login' }"
+		x-data={ templ.JSFuncCall(
+                "registerFormData", registerError, usernameErr, passErrs,
+                ).CallInline }
 		x-on:htmx:xhr:loadstart="submitted=true;buttontext='Loading...'"
 	>
+		<script>
+            function registerFormData(err, usernameErr, passErrs) {
+                return {
+                    submitted: false,
+                    buttontext: 'Register',
+                    errorMessage: err, 
+                    errUsername: err === usernameErr ? true : false, 
+                    errPasswords: passErrs.includes(err) ? true : false,
+                    resetErr() {
+                        this.errorMessage = "";
+                        this.errUsername = false;
+                        this.errPasswords = false;
+                    },
+                };
+            }
+        </script>
 		<div
 			class="grid gap-y-4"
-			x-data={ xdata }
 		>
-			<!-- Form Group -->
 			<div>
 				<label
 					for="email"
@@ -47,6 +52,7 @@ templ RegisterForm(registerError string) {
                         disabled:pointer-events-none"
 						required
 						aria-describedby="username-error"
+						@input="resetErr()"
 					/>
 					<div
 						class="absolute inset-y-0 end-0 
@@ -96,6 +102,7 @@ templ RegisterForm(registerError string) {
                         disabled:opacity-50 disabled:pointer-events-none"
 						required
 						aria-describedby="password-error"
+						@input="resetErr()"
 					/>
 					<div
 						class="absolute inset-y-0 end-0 
@@ -138,6 +145,7 @@ templ RegisterForm(registerError string) {
                             disabled:opacity-50 disabled:pointer-events-none"
 						required
 						aria-describedby="confirm-password-error"
+						@input="resetErr()"
 					/>
 					<div
 						class="absolute inset-y-0 end-0 
diff --git a/view/component/nav/navbarright.templ b/view/component/nav/navbarright.templ
index 7ed2c11..4d3a114 100644
--- a/view/component/nav/navbarright.templ
+++ b/view/component/nav/navbarright.templ
@@ -35,7 +35,7 @@ templ navRight() {
 					>
 						<button
 							x-on:click="isActive = !isActive"
-							class="h-full py-2 px-4 text-mantle"
+							class="h-full py-2 px-4 text-mantle hover:cursor-pointer"
 						>
 							<span class="sr-only">Profile</span>
 							{ user.Username }
diff --git a/view/component/nav/sidenav.templ b/view/component/nav/sidenav.templ
index 4487a61..b4bfd62 100644
--- a/view/component/nav/sidenav.templ
+++ b/view/component/nav/sidenav.templ
@@ -8,7 +8,7 @@ templ sideNav(navItems []NavItem) {
 	<div
 		x-show="open"
 		x-transition
-		class="absolute w-full bg-mantle sm:hidden"
+		class="absolute w-full bg-mantle sm:hidden z-10"
 	>
 		<div class="px-4 py-6">
 			<ul class="space-y-1">
diff --git a/view/component/popup/confirmPasswordModal.templ b/view/component/popup/confirmPasswordModal.templ
new file mode 100644
index 0000000..7c2daef
--- /dev/null
+++ b/view/component/popup/confirmPasswordModal.templ
@@ -0,0 +1,21 @@
+
+package popup
+
+import "projectreshoot/view/component/form"
+
+templ ConfirmPasswordModal() {
+	<div
+		class="z-50 absolute bg-overlay0/55 top-0 left-0 right-0 bottom-0"
+		x-show="showConfirmPasswordModal"
+		x-cloak
+	>
+		<div
+			class="p-5 mt-25 w-fit max-w-100 text-center rounded-lg bg-mantle mx-auto"
+		>
+			<div class="text-xl">
+				To complete this action you need to confirm your password
+			</div>
+			@form.ConfirmPassword("")
+		</div>
+	</div>
+}
diff --git a/view/component/errorPopup.templ b/view/component/popup/errorPopup.templ
similarity index 99%
rename from view/component/errorPopup.templ
rename to view/component/popup/errorPopup.templ
index 968beab..f809230 100644
--- a/view/component/errorPopup.templ
+++ b/view/component/popup/errorPopup.templ
@@ -1,4 +1,4 @@
-package component
+package popup
 
 templ ErrorPopup() {
 	<div
diff --git a/view/layout/global.templ b/view/layout/global.templ
index 96bb1f6..0b5c155 100644
--- a/view/layout/global.templ
+++ b/view/layout/global.templ
@@ -2,7 +2,7 @@ package layout
 
 import "projectreshoot/view/component/nav"
 import "projectreshoot/view/component/footer"
-import "projectreshoot/view/component"
+import "projectreshoot/view/component/popup"
 
 // Global page layout. Includes HTML document settings, header tags
 // navbar and footer
@@ -40,22 +40,56 @@ templ Global() {
 			<script src="https://unpkg.com/alpinejs" defer></script>
 			<script>
                 // uncomment this line to enable logging of htmx events
-                //htmx.logAll();
+                // htmx.logAll();
+            </script>
+			<script>
+                const bodyData = {
+                    showError: false,
+                    showConfirmPasswordModal: false,
+                    handleHtmxBeforeOnLoad(event) {
+                        const requestPath = event.detail.pathInfo.requestPath;
+                        if (requestPath === "/reauthenticate") {
+                            // handle password incorrect on refresh attempt
+                            if (event.detail.xhr.status === 445) {
+                                event.detail.shouldSwap = true;
+                                event.detail.isError = false;
+                            } else if (event.detail.xhr.status === 200) {
+                                this.showConfirmPasswordModal = false;
+                            }
+                        }
+                    },
+                    // handle errors from the server on HTMX requests
+                    handleHtmxError(event) {
+                        const errorCode = event.detail.errorInfo.error;
+                  
+                        // internal server error 
+                        if (errorCode.includes('Code 500')) {
+                            this.showError = true;
+                            setTimeout(() => this.showError = false, 6000);
+                        }
+                  
+                        // user is authorized but needs to refresh their login
+                        if (errorCode.includes('Code 444')) {
+                            this.showConfirmPasswordModal = true;
+                        }
+                    },
+                };
             </script>
 		</head>
 		<body
 			class="bg-base text-text ubuntu-mono-regular overflow-x-hidden"
-			x-data="{ showError: false }"
-			x-on:htmx:error="if ($event.detail.errorInfo.error.includes('Code 500'))
-            showError = true; setTimeout(() => showError = false, 6000)"
+			x-data="bodyData"
+			x-on:htmx:error="handleHtmxError($event)"
+			x-on:htmx:before-on-load="handleHtmxBeforeOnLoad($event)"
 		>
-			@component.ErrorPopup()
+			@popup.ErrorPopup()
+			@popup.ConfirmPasswordModal()
 			<div
 				id="main-content"
 				class="flex flex-col h-screen justify-between"
 			>
 				@nav.Navbar()
-				<div id="page-content" class="mb-auto">
+				<div id="page-content" class="mb-auto px-5">
 					{ children... }
 				</div>
 				@footer.Footer()
diff --git a/view/page/account.templ b/view/page/account.templ
new file mode 100644
index 0000000..c11b900
--- /dev/null
+++ b/view/page/account.templ
@@ -0,0 +1,10 @@
+package page
+
+import "projectreshoot/view/layout"
+import "projectreshoot/view/component/account"
+
+templ Account(subpage string) {
+	@layout.Global() {
+		@account.AccountContainer(subpage)
+	}
+}