diff --git a/app/controllers/settings_controller.rb b/app/controllers/settings_controller.rb
index 95c37e9..0cf0fa1 100644
--- a/app/controllers/settings_controller.rb
+++ b/app/controllers/settings_controller.rb
@@ -67,9 +67,14 @@ class SettingsController < ApplicationController
 def update
 @edit_user = @user.clone
- if @edit_user.update_attributes(user_params)
- flash.now[:success] = t('.updatesettingsflash')
- @user = @edit_user
+ if params[:user][:password].empty? ||
+ @user.authenticate(params[:current_password].to_s)
+ if @edit_user.update_attributes(user_params)
+ flash.now[:success] = t('.updatesettingsflash')
+ @user = @edit_user
+ end
+ else
+ flash[:error] = t('.passwordnotcorrect')
 end
 render :action => "index"
diff --git a/app/views/settings/index.html.erb b/app/views/settings/index.html.erb
index c907ffd..eeb426d 100644
--- a/app/views/settings/index.html.erb
+++ b/app/views/settings/index.html.erb
@@ -18,6 +18,12 @@
+
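Review bot: The current-password check in `update` is skipped whenever `params[:user][:password]` is empty, so every other attribute permitted by `user_params` (not visible here; the settings form appears to include an e-mail address) can still be changed with nothing more than a live session. If that e-mail address is used for password recovery, the account can still be taken over from a hijacked session, so consider requiring `params[:current_password]` for e-mail changes as well. Because the action renders rather than redirects, the failure branch should use `flash.now[:error] = t('.passwordnotcorrect')`, otherwise the message is shown again on the next request. The guard also raises NoMethodError when the `password` key is absent from the request, which `params[:user][:password].to_s.empty?` avoids; `update` continues past the end of this hunk.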
+ <%= label_tag :current_password, t('.currentpassword'),
+ :class => "required" %>
+ <%= password_field_tag :current_password, nil, :size => 40 %>
+
+
 <%= f.label :password, t('.password'), :class => "required" %>
 <%= f.password_field :password, :size => 40, :autocomplete => "off" %>
diff --git a/config/locales/en.yml b/config/locales/en.yml
index afeb79d..d703d2a 100644
--- a/config/locales/en.yml
+++ b/config/locales/en.yml
@@ -250,6 +250,7 @@ en:
 accountsettings: "Account Settings"
 username: "Username:"
 password: "New Password:"
+ currentpassword: "Current Password:"
 confirmpassword: "Confirm Password:"
 emailaddress: "E-mail Address:"
 gravatarized: "Gravatar'ized"
@@ -328,6 +329,7 @@ en:
 verifyenable: "Verify and Enable"
 update:
 updatesettingsflash: "Successfully updated settings."
+ passwordnotcorrect: "Your password was not correct."
 stories:
 edit:
 edit: "Edit Story"
diff --git a/config/locales/fr.yml b/config/locales/fr.yml
index 2866e08..a614b76 100644
--- a/config/locales/fr.yml
+++ b/config/locales/fr.yml
@@ -260,6 +260,7 @@ fr:
 accountsettings: "Paramètres du compte"
 username: "Utilisateur :"
 password: "Nouveau mot de passe :"
+ currentpassword: "Mot de passe actuel :"
 confirmpassword: "Confirmer le mot de passe :"
 emailaddress: "Adresse e-mail :"
 gravatarized: "Gravatarisé"
@@ -338,6 +339,7 @@ fr:
 verifyenable: "Vérifier et Activer"
 update:
 updatesettingsflash: "Paramètres mis à jour avec succès."
+ passwordnotcorrect: "Le mot de passe est incorrect."
 stories:
 edit:
 edit: "Éditer l'info"
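Review bot: In the app/views/settings/index.html.erb hunk, the new `current_password` label carries `:class => "required"`, but the controller only checks that field when a new password is entered, so the form marks it as mandatory for every settings change. The field also sets no `autocomplete` hint, unlike the new-password field below it. `password_field_tag :current_password, nil, :size => 40, :autocomplete => "current-password"` would let password managers fill the existing credential here rather than into the new-password field.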