diff --git a/CHANGELOG.txt b/CHANGELOG.txt
index a4847f3d7..8f24e5a97 100644
--- a/CHANGELOG.txt
+++ b/CHANGELOG.txt
@@ -42,6 +42,7 @@ Changelog
 * Added hook `construct_homepage_summary_items` for customising the site summary panel on the admin homepage
 * No longer automatically tries to use Celery for sending notification emails
 * Added "Add child page" button to admin userbar (Eric Drechsel)
+ * Fix: Prevent logout on changing password when SessionAuthenticationMiddleware is in use
 0.8.6 (10.03.2015)
diff --git a/docs/releases/1.0.rst b/docs/releases/1.0.rst
index f694a45c4..e01c93fb5 100644
--- a/docs/releases/1.0.rst
+++ b/docs/releases/1.0.rst
@@ -108,6 +108,7 @@ Bug fixes
 * The ``document_served`` signal now correctly passes the Document class as ``sender`` and the document as ``instance``
 * Image edit page no longer throws ``OSError`` when the original image is missing
+ * Users are no longer logged out on changing password when SessionAuthenticationMiddleware is in use
 Upgrade considerations
diff --git a/wagtail/tests/settings.py b/wagtail/tests/settings.py
index 0fb085b6c..23bae88f8 100644
--- a/wagtail/tests/settings.py
+++ b/wagtail/tests/settings.py
@@ -43,6 +43,7 @@ MIDDLEWARE_CLASSES = (
 'django.contrib.sessions.middleware.SessionMiddleware',
 'django.middleware.csrf.CsrfViewMiddleware',
 'django.contrib.auth.middleware.AuthenticationMiddleware',
+ 'django.contrib.auth.middleware.SessionAuthenticationMiddleware',
 'django.contrib.messages.middleware.MessageMiddleware',
 'django.middleware.clickjacking.XFrameOptionsMiddleware',
diff --git a/wagtail/wagtailadmin/views/account.py b/wagtail/wagtailadmin/views/account.py
index 8e758c36e..77a45eb3b 100644
--- a/wagtail/wagtailadmin/views/account.py
+++ b/wagtail/wagtailadmin/views/account.py
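Review bot: Nothing in the visible diff asserts the behaviour that the new `SessionAuthenticationMiddleware` entry in the test settings is there to exercise. No test file under wagtailadmin appears among the changed files, so the fix in `change_password` looks unverified, although a test could sit in a part of the commit not shown here. A regression test that posts a valid password change and then requests an admin page, expecting no redirect to the login view, would pin it down. The placement itself is fine, since the entry follows `AuthenticationMiddleware`.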
@@ -3,6 +3,7 @@ from django.shortcuts import render, redirect
 from django.contrib import messages
 from django.contrib.auth.forms import SetPasswordForm
 from django.contrib.auth.views import logout as auth_logout, login as auth_login
+from django.contrib.auth import update_session_auth_hash
 from django.utils.translation import ugettext as _
 from django.views.decorators.debug import sensitive_post_parameters
 from django.views.decorators.cache import never_cache
@@ -32,6 +33,7 @@ def change_password(request):
 if form.is_valid():
 form.save()
+ update_session_auth_hash(request, form.user)
 messages.success(request, _("Your password has been changed successfully!"))
 return redirect('wagtailadmin_account')
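Review bot: The added `update_session_auth_hash(request, form.user)` call in the second hunk carries no comment, so its security intent is easy to lose in a later refactor. I would put above it `# Refresh this session's stored password hash so the user stays logged in; with SessionAuthenticationMiddleware, sessions still holding the old hash are rejected.` The call has to stay after `form.save()`, because the session hash is derived from the newly saved password. `change_password` begins and ends outside this hunk, so the surrounding request handling is not visible here.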