diff --git a/opentech/apply/users/templates/users/change_password.html b/opentech/apply/users/templates/users/change_password.html
index 26799c69da341f713f390e9eb7139740fbbb8c1a..178f25355ec310ee23a30bab009fc1665c9e60ec 100644
--- a/opentech/apply/users/templates/users/change_password.html
+++ b/opentech/apply/users/templates/users/change_password.html
@@ -25,7 +25,7 @@
 </div>
 {% endif %}
- <form action="{% url 'users:password_change' %}" method="POST" novalidate>
+ <form action="" method="POST" novalidate>
 {% csrf_token %}
 {% for field in form %}
diff --git a/opentech/apply/users/urls.py b/opentech/apply/users/urls.py
index 76a7b05630c31f8e9af23808de248e06e8d12d87..de7070648cca6120d29ae1cd4506377a09574b66 100644
--- a/opentech/apply/users/urls.py
+++ b/opentech/apply/users/urls.py
@@ -2,7 +2,7 @@ from django.conf.urls import url
 from django.contrib.auth import views as auth_views
 from django.urls import reverse_lazy
-from opentech.apply.users.views import account, oauth, ActivationView
+from opentech.apply.users.views import account, oauth, ActivationView, create_password
 urlpatterns = [
 url(r'^$', account, name='account'),
@@ -58,5 +58,6 @@ urlpatterns = [
 ActivationView.as_view(),
 name='activate'
 ),
+ url(r'^activate/password/', create_password, name="activate_password"),
 url(r'^oauth$', oauth, name='oauth'),
 ]
diff --git a/opentech/apply/users/views.py b/opentech/apply/users/views.py
index 893b203c1fd4e7cdde8539f1b14ac9e1b59147cb..a194121dd889fd8ff8c923444a975d25fa402321 100644
--- a/opentech/apply/users/views.py
+++ b/opentech/apply/users/views.py
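Review bot: The route added in the second urls.py hunk, `url(r'^activate/password/', create_password, name="activate_password")`, has no `$` terminator, so it matches every path that merely starts with `activate/password/`, unlike the neighbouring `r'^$'` and `r'^oauth$'` patterns. Anchoring it as `r'^activate/password/$'` keeps the password-setting view on one exact URL. The `activate` pattern listed before it begins outside the hunk, so it is worth checking that its regex cannot also match this path and take precedence.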
@@ -1,5 +1,7 @@
-from django.contrib.auth import get_user_model, login
+from django.contrib import messages
+from django.contrib.auth import get_user_model, login, update_session_auth_hash
 from django.contrib.auth.decorators import login_required
+from django.contrib.auth.forms import AdminPasswordChangeForm
 from django.contrib.auth.tokens import PasswordResetTokenGenerator
 from django.shortcuts import redirect, render
 from django.template.response import TemplateResponse
@@ -40,7 +42,7 @@ class ActivationView(TemplateView):
 if user:
 user.backend = 'django.contrib.auth.backends.ModelBackend'
 login(request, user)
- return redirect('users:password_change')
+ return redirect('users:activate_password')
 return render(request, 'users/activation/invalid.html')
@@ -84,3 +86,20 @@ class ActivationView(TemplateView):
 return user
 except (TypeError, ValueError, OverflowError, User.DoesNotExist):
 return None
+
+
+def create_password(request):
+ if request.method == 'POST':
+ form = AdminPasswordChangeForm(request.user, request.POST)
+ if form.is_valid():
+ user = form.save()
+ update_session_auth_hash(request, user) # Important!
+ messages.success(request, 'Your password was successfully updated!')
+ return redirect('users:account')
+ else:
+ messages.error(request, 'Please correct the errors below.')
+ else:
+ form = AdminPasswordChangeForm(request.user)
+ return render(request, 'users/change_password.html', {
+ 'form': form
+ })
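Review bot: `create_password` in the last views.py hunk has no access control of its own: nothing requires a signed-in user, and `AdminPasswordChangeForm` has no current-password field, so any authenticated session can replace the account password without knowing the old one, at any time after activation. Decorating the view with `@login_required` (already imported in this file) and opening the body with `if request.user.has_usable_password(): return redirect('users:password_change')` would limit it to freshly activated accounts; this assumes new accounts are created with an unusable password, which the diff does not show. `SetPasswordForm` from `django.contrib.auth.forms` is the non-admin form for the same job and would be the more fitting choice here. A one-line docstring stating that the view exists only for the post-activation step would make the intended restriction visible to the next maintainer.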