diff --git a/app/Http/Controllers/Web/LoginUser/ChangePasswordController.php b/app/Http/Controllers/Web/LoginUser/ChangePasswordController.php
new file mode 100644
index 0000000..d7aec65
--- /dev/null
+++ b/app/Http/Controllers/Web/LoginUser/ChangePasswordController.php
@@ -0,0 +1,96 @@
+<?php
+
+namespace App\Http\Controllers\Web\LoginUser;
+
+use App\Codes\UserRole;
+use App\Exceptions\AppCommonException;
+use App\Exceptions\ExclusiveException;
+use App\Features\LoginUser;
+use App\Http\Controllers\Web\IParam;
+use App\Http\Controllers\Web\WebController;
+use App\Logic\User\LoginUserManager;
+use App\Repositories\LoginUserRepository;
+use Illuminate\Http\JsonResponse;
+use Illuminate\Http\Request;
+use Illuminate\Support\Facades\Auth;
+
+class ChangePasswordController extends WebController
+{
+
+    use LoginUser;
+
+    public function name(): string
+    {
+        return "ログインユーザーパスワード変更";
+    }
+
+    public function description(): string
+    {
+        return "ログインユーザーのパスワードを変更する";
+    }
+
+    public function __construct(
+        protected ChangePasswordParam $param,
+        private LoginUserManager $manager
+    ) {
+        parent::__construct();
+        $this->roleAllow(UserRole::NORMAL_ADMIN);
+    }
+
+    protected function getParam(): IParam
+    {
+        return $this->param;
+    }
+
+    protected function run(Request $request): JsonResponse
+    {
+        $param = $this->param;
+
+
+        try {
+            $this->transaction->beginTransaction();
+
+
+            $currentContract = $this->loginUser()->getCurrentContract();
+            if (!$currentContract) {
+                throw new AppCommonException("認証不正");
+            }
+
+            $this->manager->initForModify($currentContract, $this->getTartgetUserId());
+
+            if (!$this->param->checkTimestamp($this->manager->getTimestamp())) {
+                throw new ExclusiveException();
+            }
+
+            $messages = $this->manager
+                ->fill($param->toArray())
+                ->update();
+
+            if (count($messages) !== 0) {
+                $this->transaction->rollBack();
+                return $this->validateErrorResponse($messages);
+            }
+
+            $this->transaction->commit();
+        } catch (Exception $e) {
+            $this->transaction->rollBack();
+            throw $e;
+        }
+
+        return $this->successResponse();
+    }
+
+    private function getTartgetUserId(): string
+    {
+
+        $loginUserRole = $this->loginUser()->user()->role;
+        if ($this->param->id !== null) {
+            if ($loginUserRole === UserRole::CONTRACT_ADMIN || $loginUserRole === UserRole::SUPER_ADMIN) {
+                return $this->param->id;
+            } else {
+                throw new AppCommonException('認証不正');
+            }
+        }
+        return $this->loginUser()->user()->id;
+    }
+}
diff --git a/app/Http/Controllers/Web/LoginUser/ChangePasswordParam.php b/app/Http/Controllers/Web/LoginUser/ChangePasswordParam.php
new file mode 100644
index 0000000..4e2fe5e
--- /dev/null
+++ b/app/Http/Controllers/Web/LoginUser/ChangePasswordParam.php
@@ -0,0 +1,29 @@
+<?php
+
+namespace App\Http\Controllers\Web\LoginUser;
+
+use App\Http\Controllers\Web\BaseParam;
+use App\Models\User;
+use App\Rules\LoginPassword;
+use Illuminate\Support\Carbon;
+
+/**
+ * @property string $password
+ * @property string? $id
+ * @property Carbon $timestamp
+ */
+
+class ChangePasswordParam extends BaseParam
+{
+    public function rules(): array
+    {
+        return array_merge(
+
+            [
+                User::COL_NAME_PASSWORD => $this->str([new LoginPassword()]),
+                User::COL_NAME_ID => $this->str(true),
+            ],
+            $this->timestamp()
+        );
+    }
+}
diff --git a/app/Repositories/LoginUserRepository.php b/app/Repositories/LoginUserRepository.php
index 16cb0d1..ff05d0c 100644
--- a/app/Repositories/LoginUserRepository.php
+++ b/app/Repositories/LoginUserRepository.php
@@ -2,8 +2,10 @@
 
 namespace App\Repositories;
 
+use App\Models\Contract;
 use App\Models\User;
 use App\Repositories\BaseRepository;
+use Illuminate\Database\Query\JoinClause;
 use Illuminate\Support\Collection;
 use Illuminate\Support\Facades\DB;
 
@@ -18,6 +20,7 @@ class LoginUserRepository extends BaseRepository
     const CONDITION_CONTRACT_ID = 'contract_id';
 
     const TABLE_USER = "user";
+    const TABLE_CONTRACT = 'contract';
 
 
     /**
@@ -30,6 +33,12 @@ class LoginUserRepository extends BaseRepository
     {
         $table  = User::getBuilder(static::TABLE_USER);
 
+        $table->joinSub(Contract::getBuilder(), static::TABLE_CONTRACT, function (JoinClause $join) {
+            $join->on(
+                $this->makeColumnName([static::TABLE_USER, User::COL_NAME_CONTRACT_ID]),
+                $this->makeColumnName([static::TABLE_CONTRACT, Contract::COL_NAME_ID])
+            );
+        });
 
         // -----検索条件
         // ID
@@ -67,12 +76,23 @@ class LoginUserRepository extends BaseRepository
     private function columns()
     {
         $user = static::TABLE_USER;
+        $contract = static::TABLE_CONTRACT;
         $columns =   [
             $this->makeColumnNameForSelect([$user, User::COL_NAME_ID]),
             $this->makeColumnNameForSelect([$user, User::COL_NAME_NAME]),
             $this->makeColumnNameForSelect([$user, User::COL_NAME_ROLE]),
             $this->makeColumnNameForSelect([$user, User::COL_NAME_EMAIL]),
-            $this->makeColumnNameForSelect([$user, User::COL_NAME_UPDATED_AT]),
+
+            // 契約とログイン情報の大きい方
+            DB::raw(
+                sprintf(
+                    'GREATEST("%s"."%s","%s"."%s") as updated_at',
+                    $user,
+                    User::COL_NAME_UPDATED_AT,
+                    $contract,
+                    Contract::COL_NAME_UPDATED_AT,
+                )
+            ),
         ];
 
 
diff --git a/routes/api.php b/routes/api.php
index 322ac2f..e0bd387 100644
--- a/routes/api.php
+++ b/routes/api.php
@@ -32,6 +32,7 @@ RouteHelper::get('/contracts', App\Http\Controllers\Web\Contract\ContractsContro
 
 RouteHelper::get('/users', App\Http\Controllers\Web\LoginUser\LoginUsersController::class);
 RouteHelper::post('/user/create', App\Http\Controllers\Web\LoginUser\CreateController::class);
+RouteHelper::post('/user/change-password', App\Http\Controllers\Web\LoginUser\ChangePasswordController::class);
 
 
 // Custom for HelloTechno