diff --git a/settings/ajax/changepassword.php b/settings/ajax/changepassword.php
index e7e67115ddadd8ac0cb0f050431d45d105202b5f..c5cdbcef05610bb4a32559284d01c6eb116824b2 100644
--- a/settings/ajax/changepassword.php
+++ b/settings/ajax/changepassword.php
@@ -6,15 +6,15 @@ require_once('../../lib/base.php');
 // We send json data
 header( "Content-Type: application/jsonrequest" );
 
+$username = isset($_POST["username"]) ? $_POST["username"] : OC_User::getUser();
+$password = $_POST["password"];
+
 // Check if we are a user
-if( !OC_User::isLoggedIn() || !OC_Group::inGroup( OC_User::getUser(), 'admin' )){
+if( !OC_User::isLoggedIn() || (!OC_Group::inGroup( OC_User::getUser(), 'admin' )&& $username!=OC_User::getUser())) {
 	echo json_encode( array( "status" => "error", "data" => array( "message" => "Authentication error" )));
 	exit();
 }
 
-$username = isset($_POST["username"]) ? $_POST["username"] : OC_User::getUser();
-$password = $_POST["password"];
-
 // Return Success story
 if( OC_User::setPassword( $username, $password )){
 	echo json_encode( array( "status" => "success", "data" => array( "username" => $username )));