diff --git a/apps/frontend/app/dashboard/profile/page.tsx b/apps/frontend/app/dashboard/profile/page.tsx
index 2adc751..96b3a25 100644
--- a/apps/frontend/app/dashboard/profile/page.tsx
+++ b/apps/frontend/app/dashboard/profile/page.tsx
@@ -12,7 +12,7 @@ import { useMutation, useQueryClient } from '@tanstack/react-query';
 import { useForm } from 'react-hook-form';
 import { zodResolver } from '@hookform/resolvers/zod';
 import { z } from 'zod';
-import { updateUser } from '@/lib/api';
+import { updateUser, changePassword } from '@/lib/api';
 
 // Password update schema
 const passwordSchema = z
@@ -84,12 +84,13 @@ export default function ProfilePage() {
     },
   });
 
-  // Update password mutation (you'll need to add this endpoint)
+  // Update password mutation
   const updatePasswordMutation = useMutation({
     mutationFn: async (data: PasswordFormData) => {
-      // TODO: Add password update endpoint
-      // return updatePassword(data);
-      return Promise.resolve({ success: true });
+      return changePassword({
+        currentPassword: data.currentPassword,
+        newPassword: data.newPassword,
+      });
     },
     onSuccess: () => {
       setSuccessMessage('Password updated successfully!');
diff --git a/apps/frontend/src/lib/api/index.ts b/apps/frontend/src/lib/api/index.ts
index 90cbc0f..88905ac 100644
--- a/apps/frontend/src/lib/api/index.ts
+++ b/apps/frontend/src/lib/api/index.ts
@@ -53,8 +53,16 @@ export {
   type CsvBookingStatsResponse,
 } from './bookings';
 
-// Users (6 endpoints)
-export { listUsers, getUser, createUser, updateUser, deleteUser, restoreUser } from './users';
+// Users (7 endpoints)
+export {
+  listUsers,
+  getUser,
+  createUser,
+  updateUser,
+  deleteUser,
+  restoreUser,
+  changePassword,
+} from './users';
 
 // Organizations (4 endpoints)
 export {
diff --git a/apps/frontend/src/lib/api/users.ts b/apps/frontend/src/lib/api/users.ts
index 7197c5f..edecaa1 100644
--- a/apps/frontend/src/lib/api/users.ts
+++ b/apps/frontend/src/lib/api/users.ts
@@ -78,3 +78,15 @@ export async function deleteUser(id: string): Promise<SuccessResponse> {
 export async function restoreUser(id: string): Promise<UserResponse> {
   return post<UserResponse>(`/api/v1/users/${id}/restore`);
 }
+
+/**
+ * Change own password
+ * PATCH /api/v1/users/me/password
+ * Requires: Authentication
+ */
+export async function changePassword(data: {
+  currentPassword: string;
+  newPassword: string;
+}): Promise<{ message: string }> {
+  return patch<{ message: string }>('/api/v1/users/me/password', data);
+}