diff --git a/src/Controller/UserController.php b/src/Controller/UserController.php
index 6353c35..f5e1fc2 100644
--- a/src/Controller/UserController.php
+++ b/src/Controller/UserController.php
@@ -5,6 +5,7 @@ namespace App\Controller;
 use App\Entity\Wish;
 use App\Entity\User;
 use App\Form\WishFormType;
+use App\Form\ChangePasswordFormType;
 
 use App\Repository\OfferingRepository;
 use App\Repository\WishRepository;
@@ -14,7 +15,9 @@ use Symfony\Bundle\FrameworkBundle\Controller\AbstractController;
 use Symfony\Component\HttpFoundation\Request;
 use Symfony\Component\HttpFoundation\Response;
 use Symfony\Component\HttpKernel\Exception\HttpException;
+use Symfony\Component\PasswordHasher\Hasher\UserPasswordHasherInterface;
 use Symfony\Component\Routing\Annotation\Route;
+
 use Twig\Environment;
 
 class UserController extends AbstractController
@@ -27,7 +30,7 @@ class UserController extends AbstractController
     }
 
     #[Route('/user', name: 'user_page')]
-    public function user(OfferingRepository $offeringRepository): Response
+    public function user(OfferingRepository $offeringRepository, Request $request, UserPasswordHasherInterface $passwordEncoder): Response
     {
         $user = $this->getUser();
 
@@ -36,9 +39,27 @@ class UserController extends AbstractController
             $this->addFlash('error','Your email is not verified, please check your inbox');
         }
 
+        $form = $this->createForm(ChangePasswordFormType::class);
+        $form->handleRequest($request);
+
+        if ($form->isSubmitted() && $form->isValid()) {
+            $user->setPassword(
+                $passwordEncoder->hashPassword(
+                    $user,
+                    $form->get('plainPassword')->getData()
+                )
+            );
+
+            $entityManager = $this->getDoctrine()->getManager();
+            $entityManager->persist($user);
+            $entityManager->flush();
+
+            $this->addFlash("success", "Successfully changed the password!");
+        }
+
         return $this->render('user/index.html.twig', [
             'user' => $user,
-            'offers' => $offeringRepository->findByUser($user),
+            'changePassword_form' => $form->createView(),
         ]);
     }
 
diff --git a/src/Form/ChangePasswordFormType.php b/src/Form/ChangePasswordFormType.php
index 9603af3..c627a0a 100644
--- a/src/Form/ChangePasswordFormType.php
+++ b/src/Form/ChangePasswordFormType.php
@@ -5,6 +5,7 @@ namespace App\Form;
 use Symfony\Component\Form\AbstractType;
 use Symfony\Component\Form\Extension\Core\Type\PasswordType;
 use Symfony\Component\Form\Extension\Core\Type\RepeatedType;
+use Symfony\Component\Form\Extension\Core\Type\SubmitType;
 use Symfony\Component\Form\FormBuilderInterface;
 use Symfony\Component\OptionsResolver\OptionsResolver;
 use Symfony\Component\Validator\Constraints\Length;
@@ -39,6 +40,7 @@ class ChangePasswordFormType extends AbstractType
                 // this is read and encoded in the controller
                 'mapped' => false,
             ])
+            ->add('submit', SubmitType::class)
         ;
     }
 
diff --git a/templates/user/index.html.twig b/templates/user/index.html.twig
index ee24a1c..83fd3f7 100644
--- a/templates/user/index.html.twig
+++ b/templates/user/index.html.twig
@@ -1,55 +1,33 @@
 {% extends 'base.html.twig' %}
 
-{% block title %}User{% endblock %}
+{% block title %}User
+{% endblock %}
 
 {% block body %}
-    {% for message in app.flashes('error') %}
-        <div class="alert alert-danger" role="alert">
-            {{ message }}
-        </div>
-    {% endfor %}
-    {% for message in app.flashes('success') %}
-        <div class="alert alert-success" role="alert">
-            {{ message }}
-        </div>
-    {% endfor %}
+	{% for message in app.flashes('error') %}
+		<div class="alert alert-danger" role="alert">
+			{{ message }}
+		</div>
+	{% endfor %}
+	{% for message in app.flashes('success') %}
+		<div class="alert alert-success" role="alert">
+			{{ message }}
+		</div>
+	{% endfor %}
 
-    <div class="alert alert-info" role="alert">
-        Please note: This is not yet functional!
-    </div>
+	<div class="mb-5">
+		<h1>Hello
+			{{ user.username }}!</p>
+	</div>
+	<div class="mb-5">
+		<h2>Change Password</h2>
+		{{ form_start(changePassword_form) }}
+		{{ form_widget(changePassword_form) }}
+		{{ form_end(changePassword_form) }}
+	</div>
 
-    <div class="mb-3">
-        <h1>Hello {{ user.username }}!</p>
-    </div>
-    <div class="mb-3">
-        <form method="post">
-            <h3 class="mb-3 font-weight-normal">Change your user data</h3>
-            <div class="mb-3">
-                <label for="inputEmail" class="form-label">Email address</label>
-                <input name="email" type="email" class="form-control" id="inputEmail" aria-describedby="emailHelp" placeholder="{{ app.user.email }}" readonly>
-            </div>
-            <div class="mb-3">
-                <label for="inputPassword">Password</label>
-                <input type="password" name="password" id="inputPassword" class="form-control">
-            </div>
-
-            <div class="mb-3">
-                <label for="inputPlz">PLZ</label>
-                <input name="plz" id="inputPlz" class="form-control" value="{{ user.zipcode }}">
-            </div>
-
-            <input type="hidden" name="_csrf_token"
-                value="{{ csrf_token('authenticate') }}"
-            >
-
-            <button class="btn btn-lg btn-primary" type="submit">
-                Save
-            </button>
-        </form>
-    </div>
-
-    <div class="mb-3">
-        <h3 class="mb-3">Delete Account</h3>
-        <button class="btn btn-danger">Delete Account</button>
-    </div>
+	<div class="mb-3">
+		<h2>Delete Account</h2>
+		<button class="btn btn-danger">Delete Account</button>
+	</div>
 {% endblock %}