diff --git a/handlers/account.go b/handlers/account.go
index 4ebac66..be79910 100644
--- a/handlers/account.go
+++ b/handlers/account.go
@@ -5,10 +5,12 @@ import (
 "net/http"
 "projectreshoot/contexts"
+ "projectreshoot/cookies"
 "projectreshoot/db"
 "projectreshoot/view/component/account"
 "projectreshoot/view/page"
+ "github.com/pkg/errors"
 "github.com/rs/zerolog"
 )
@@ -16,17 +18,23 @@ import (
 func HandleAccountPage() http.Handler {
 return http.HandlerFunc(
 func(w http.ResponseWriter, r *http.Request) {
- page.Account("General").Render(r.Context(), w)
+ cookie, err := r.Cookie("subpage")
+ subpage := cookie.Value
+ if err != nil {
+ subpage = "General"
+ }
+ page.Account(subpage).Render(r.Context(), w)
 },
 )
 }
-// Handles a request to change the subpage for the Account page
+// Handles a request to change the subpage for the Accou/accountnt page
 func HandleAccountSubpage() http.Handler {
 return http.HandlerFunc(
 func(w http.ResponseWriter, r *http.Request) {
 r.ParseForm()
 subpage := r.FormValue("subpage")
+ cookies.SetCookie(w, "subpage", "/account", subpage, 300)
 account.AccountContainer(subpage).Render(r.Context(), w)
 },
 )
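Review bot: In HandleAccountPage, `subpage := cookie.Value` runs before the `err` check, and `r.Cookie` returns a nil cookie together with `http.ErrNoCookie` when the cookie is absent, so a request without a `subpage` cookie dereferences nil and panics. Set the default first: `subpage := "General"` followed by `if c, err := r.Cookie("subpage"); err == nil { subpage = c.Value }`. The value is also client-controlled on both paths (the form value is written to the cookie in HandleAccountSubpage and read back here), so it should be checked against the known subpage names before it reaches `page.Account` or `account.AccountContainer`; how those components treat an unknown name is not visible in this hunk. The rewritten comment `Accou/accountnt page` looks like a stray paste and should read `Account page`.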
@@ -91,3 +99,39 @@ func HandleChangeBio(
 },
 )
 }
+func validateChangePassword(conn *sql.DB, r *http.Request) (string, error) {
+ r.ParseForm()
+ formPassword := r.FormValue("password")
+ formConfirmPassword := r.FormValue("confirm-password")
+ if formPassword != formConfirmPassword {
+ return "", errors.New("Passwords do not match")
+ }
+ if len(formPassword) > 72 {
+ return "", errors.New("Password exceeds maximum length of 72 bytes")
+ }
+ return formPassword, nil
+}
+
+// Handles a request to change the users password
+func HandleChangePassword(
+ logger *zerolog.Logger,
+ conn *sql.DB,
+) http.Handler {
+ return http.HandlerFunc(
+ func(w http.ResponseWriter, r *http.Request) {
+ newPass, err := validateChangePassword(conn, r)
+ if err != nil {
+ account.ChangePassword(err.Error()).Render(r.Context(), w)
+ return
+ }
+ user := contexts.GetUser(r.Context())
+ err = user.SetPassword(conn, newPass)
+ if err != nil {
+ logger.Error().Err(err).Msg("Error updating password")
+ w.WriteHeader(http.StatusInternalServerError)
+ return
+ }
+ w.Header().Set("HX-Refresh", "true")
+ },
+ )
+}
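Review bot: HandleChangePassword sets the new password from the `password` and `confirm-password` fields alone, without verifying the user's current password, so a hijacked session (or a forged request, if no CSRF protection sits in front of this route, which is not visible here) is enough to take over the account; require and verify the current password before calling `user.SetPassword`. validateChangePassword also accepts an empty password, because two empty fields match and pass the length check; add `if formPassword == "" { return "", errors.New("Password cannot be empty") }` or a minimum-length rule. The `conn` parameter of validateChangePassword is unused and the error from `r.ParseForm()` is dropped. Whether existing sessions are invalidated after a successful change depends on `SetPassword`, which is outside the hunk; the success path here only sets `HX-Refresh`.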