diff --git a/endpoints/api/user.py b/endpoints/api/user.py
index 9ccb1d7aa..b5d260516 100644
--- a/endpoints/api/user.py
+++ b/endpoints/api/user.py
@@ -225,8 +225,13 @@ class User(ApiResource):
       if 'password' in user_data:
         logger.debug('Changing password for user: %s', user.username)
         log_action('account_change_password', user.username)
+
+        # Change the user's password.
         model.change_password(user, user_data['password'])
 
+        # Login again to reset their session cookie.
+        common_login(user)
+
         if features.MAILING:
           send_password_changed(user.username, user.email)