diff --git a/AlgoPhantomBackend/core/migrations/0001_initial.py b/AlgoPhantomBackend/core/migrations/0001_initial.py
new file mode 100644
index 0000000..e449fac
--- /dev/null
+++ b/AlgoPhantomBackend/core/migrations/0001_initial.py
@@ -0,0 +1,29 @@
+# Generated by Django 3.1.5 on 2021-04-06 07:35
+
+from django.conf import settings
+from django.db import migrations, models
+import django.db.models.deletion
+
+
+class Migration(migrations.Migration):
+
+    initial = True
+
+    dependencies = [
+        ('quiz', '0003_auto_20210129_0400'),
+        migrations.swappable_dependency(settings.AUTH_USER_MODEL),
+    ]
+
+    operations = [
+        migrations.CreateModel(
+            name='quizScore',
+            fields=[
+                ('id', models.AutoField(auto_created=True, primary_key=True, serialize=False, verbose_name='ID')),
+                ('score', models.IntegerField(default=0)),
+                ('maximum_score', models.IntegerField(default=0)),
+                ('is_cleared', models.BooleanField(default=False)),
+                ('quiz', models.ForeignKey(blank=True, null=True, on_delete=django.db.models.deletion.CASCADE, related_name='quizscore', to='quiz.quizzes')),
+                ('user', models.ForeignKey(blank=True, null=True, on_delete=django.db.models.deletion.CASCADE, related_name='quizscore', to=settings.AUTH_USER_MODEL)),
+            ],
+        ),
+    ]
diff --git a/AlgoPhantomBackend/core/serializers.py b/AlgoPhantomBackend/core/serializers.py
index 69796a5..318a208 100644
--- a/AlgoPhantomBackend/core/serializers.py
+++ b/AlgoPhantomBackend/core/serializers.py
@@ -29,18 +29,23 @@ def save(self,request):
         adapter.save_user(request, user, self)
         return user
 
-    
+
 class UserSerializer(serializers.ModelSerializer):
 
     class Meta:
         model = User
         fields = ('email', 'username', 'password',)
 
-   
+
 class TokenSerializer(serializers.ModelSerializer):
 
     class Meta:
         model=Token
         fields = ('key','user',)
 
-   
\ No newline at end of file
+
+class ChangePasswordSerializer(serializers.Serializer):
+    model = User
+
+    old_password = serializers.CharField(required=True)
+    new_password = serializers.CharField(required=True)
\ No newline at end of file
diff --git a/AlgoPhantomBackend/core/urls.py b/AlgoPhantomBackend/core/urls.py
index 60d2c16..ad064f9 100644
--- a/AlgoPhantomBackend/core/urls.py
+++ b/AlgoPhantomBackend/core/urls.py
@@ -1,6 +1,9 @@
 from django.urls import path
+from .views import ChangePasswordView
 from . import views
 
 urlpatterns = [
     path('',views.home,name='home'),
+    # Change Password
+    path('change-password/', ChangePasswordView.as_view(), name='change-password'),
 ]
diff --git a/AlgoPhantomBackend/core/views.py b/AlgoPhantomBackend/core/views.py
index f087bf8..c35b265 100644
--- a/AlgoPhantomBackend/core/views.py
+++ b/AlgoPhantomBackend/core/views.py
@@ -1,8 +1,47 @@
 from django.shortcuts import render, redirect, HttpResponse, get_object_or_404
 from django.http import HttpResponseBadRequest, JsonResponse,HttpResponseRedirect
 from django.contrib.auth.models import User
+from rest_framework import status
+from rest_framework import generics
+from rest_framework.response import Response
+from .serializers import ChangePasswordSerializer
+from rest_framework.permissions import IsAuthenticated
 # Create your views here.
 
 def home(request):
     return render(request, 'index.html')
 
+
+class ChangePasswordView(generics.UpdateAPIView):
+    """
+    An endpoint for changing password.
+    """
+    serializer_class = ChangePasswordSerializer
+    model = User
+    permission_classes = (IsAuthenticated,)
+
+    def get_object(self, queryset=None):
+        obj = self.request.user
+        return obj
+
+    def update(self, request, *args, **kwargs):
+        self.object = self.get_object()
+        serializer = self.get_serializer(data=request.data)
+
+        if serializer.is_valid():
+            # Check old password
+            if not self.object.check_password(serializer.data.get("old_password")):
+                return Response({"old_password": ["Wrong password.Try again"]}, status=status.HTTP_400_BAD_REQUEST)
+
+            self.object.set_password(serializer.data.get("new_password"))
+            self.object.save()
+            response = {
+                'status': 'success',
+                'code': status.HTTP_200_OK,
+                'message': 'Password updated successfully',
+                'data': []
+            }
+
+            return Response(response)
+
+        return Response(serializer.errors, status=status.HTTP_400_BAD_REQUEST)
\ No newline at end of file
diff --git a/AlgoPhantomBackend/db.sqlite3 b/AlgoPhantomBackend/db.sqlite3
index ccda1b7..9c6de12 100644
Binary files a/AlgoPhantomBackend/db.sqlite3 and b/AlgoPhantomBackend/db.sqlite3 differ