diff --git a/app/controllers/users_controller.rb b/app/controllers/users_controller.rb index 2cac200e2..ab8939b87 100644 --- a/app/controllers/users_controller.rb +++ b/app/controllers/users_controller.rb @@ -21,12 +21,25 @@ class UsersController < ApplicationController def update @user = current_user - data = clean_hash params[:user] prep_image_url(data) + + params[:user].delete(:password) if params[:user][:password].blank? + params[:user].delete(:password_confirmation) if params[:user][:password].blank? and params[:user][:password_confirmation].blank? + + if params[:user][:password] && params[:user][:password_confirmation] + if @user.update_attributes(:password => params[:user][:password], :password_confirmation => params[:user][:password_confirmation]) + flash[:notice] = "Password Changed" + else + flash[:error] = "Password Change Failed" + end + + end + @user.update_profile data - respond_with(@user, :location => root_url) + redirect_to edit_user_path(@user) + end def public diff --git a/app/views/users/_profile.haml b/app/views/users/_profile.haml index 774f3a094..8cffa53cb 100644 --- a/app/views/users/_profile.haml +++ b/app/views/users/_profile.haml @@ -47,6 +47,13 @@ %p = p.label :last_name = p.text_field :last_name, :value => @profile.last_name + %p + = f.label :password + = f.text_field :password + %p + = f.label :password_confirmation + = f.text_field :password_confirmation + #submit_block = link_to t('.cancel'), root_path diff --git a/config/environment.rb b/config/environment.rb index 7fff237bd..ddfc9c247 100644 --- a/config/environment.rb +++ b/config/environment.rb @@ -15,6 +15,8 @@ if File.exists?(File.expand_path("./config/fb_config.yml")) FB_APP_ID = fb_config['fb_app_id'] HOST = fb_config['host'] FACEBOOK = true +else + FACEBOOK = false end # Initialize the rails application Diaspora::Application.initialize! diff --git a/spec/controllers/users_controller_spec.rb b/spec/controllers/users_controller_spec.rb index a050738e1..272775771 100644 
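Review bot: The new password branch in `update` calls `@user.update_attributes(:password => ..., :password_confirmation => ...)` without asking for the current password, so any request that carries a valid session can replace the credential. If the model is Devise-backed, as the spec's use of `encrypted_password` suggests, accept a `current_password` field and gate the change on `@user.valid_password?(params[:user][:current_password])`, or use `@user.update_with_password(...)`. A `password` sent without a `password_confirmation` key fails the `&&` check and is skipped without any flash, so the user gets no sign that nothing changed. `data` is built from `params[:user]` before the password keys are deleted, and `clean_hash` is not visible here, so confirm it drops `password` and `password_confirmation` before `@user.update_profile data`. The two `.blank?` guards also index `params[:user]` with no nil check, and `and` would read better as `&&`.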
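Review bot: Both new inputs in `_profile.haml` are rendered with `f.text_field`, so the password and its confirmation are shown in clear text on screen and can be kept in browser form history. Use `= f.password_field :password` and `= f.password_field :password_confirmation` instead. The form also has no field for the current password, which a password change would normally ask for. The enclosing form block starts above the hunk, so `f` is assumed to be the user form builder.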
--- a/spec/controllers/users_controller_spec.rb +++ b/spec/controllers/users_controller_spec.rb @@ -27,7 +27,42 @@ describe UsersController do @user.person.profile.image_url.should == image_url end + end + context 'should allow the user to update their password' do + it 'should change a users password ' do + old_password = @user.encrypted_password + + put("update", :id => @user.id, "user"=> {"password" => "foobaz", 'password_confirmation' => "foobaz","profile"=> + {"image_url" => "", + "last_name" => @user.person.profile.last_name, + "first_name" => @user.person.profile.first_name}}) + + @user.reload + @user.encrypted_password.should_not == old_password + end + + it 'should not change a password if they do not match' do + old_password = @user.encrypted_password + put("update", :id => @user.id, "user"=> {"password" => "foobarz", 'password_confirmation' => "not_the_same","profile"=> + {"image_url" => "", + "last_name" => @user.person.profile.last_name, + "first_name" => @user.person.profile.first_name}}) + @user.reload + @user.encrypted_password.should == old_password + end + + + it 'should not update if the password fields are left blank' do + + old_password = @user.encrypted_password + put("update", :id => @user.id, "user"=> {"password" => "", 'password_confirmation' => "","profile"=> + {"image_url" => "", + "last_name" => @user.person.profile.last_name, + "first_name" => @user.person.profile.first_name}}) + @user.reload + @user.encrypted_password.should == old_password + end end end end
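Review bot: The example 'should change a users password' only asserts that `encrypted_password` differs from the old value, which would also pass if something other than the submitted password were stored. Add a check that the new password authenticates, for example `@user.valid_password?("foobaz").should be_true`, assuming Devise's `valid_password?` is available on the model. There is no example for a `password` sent without a `password_confirmation` key, which the controller skips silently, and none asserting `flash[:error]` on a mismatch. The enclosing `describe` starts above the hunk.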