diff --git a/routes/api/v1/user_update_password.go b/routes/api/v1/user_update_password.go
index 023a92b..e33a9ba 100644
--- a/routes/api/v1/user_update_password.go
+++ b/routes/api/v1/user_update_password.go
@@ -15,8 +15,23 @@ type datPassword struct {
 // UserChangePassword is the handler to add a user
 func UserChangePassword(c echo.Context) error {
- // Check if the user is admin
- if !models.IsAdmin(c) {
+ // Get the ID
+ user := c.Param("id")
+
+ if user == "" {
+ return c.JSON(http.StatusBadRequest, models.Message{"User ID cannot be empty."})
+ }
+
+ // Make int
+ userID, err := strconv.ParseInt(user, 10, 64)
+ if err != nil {
+ return c.JSON(http.StatusInternalServerError, models.Message{"Error getting user infos."})
+ }
+
+
+ // Check if the user is admin or itself
+ userJWTinfo, err := models.GetCurrentUser(c)
+ if !models.IsAdmin(c) || userJWTinfo.ID == userID {
 return echo.ErrUnauthorized
 }
@@ -33,18 +48,6 @@ func UserChangePassword(c echo.Context) error {
 datPw.Password = pwFromString
 }
- user := c.Param("id")
-
- if user == "" {
- return c.JSON(http.StatusBadRequest, models.Message{"User ID cannot be empty."})
- }
-
- // Make int
- userID, err := strconv.ParseInt(user, 10, 64)
- if err != nil {
- return c.JSON(http.StatusInternalServerError, models.Message{"Error getting user infos."})
- }
-
 // Get User Infos
 _, exists, err := models.GetUserByID(userID)
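Review bot: The authorization check `if !models.IsAdmin(c) || userJWTinfo.ID == userID` in the first hunk is inverted relative to its comment: it rejects every non-admin, including a user changing their own password, and it also rejects an admin acting on their own account. To allow "admin or self", the rejection condition has to be `if !models.IsAdmin(c) && userJWTinfo.ID != userID {`. The `err` returned by `models.GetCurrentUser(c)` on the line above is never checked, so once the condition is corrected a failed lookup would be compared against `userID` using whatever `userJWTinfo` holds; add `if err != nil { return echo.ErrUnauthorized }` before the comparison. Separately, a non-numeric `id` is a client error, so the `strconv.ParseInt` failure is better answered with `http.StatusBadRequest` than `http.StatusInternalServerError`. The body of UserChangePassword continues outside this hunk.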