User rights to change their password

Dear team, I would like to create a blog that will have some password protected pages, where only members that have credentials will be able to see the pages. So far, i have done the following, i have created a user, and i have activated only the “site.login” on the access rights for the users on the settings. Then i go to the page i want to protect and i activate it as “private page” from the page settings.

So far it is good.

The user has access to the pages that i want to password protect. What if the user wants to change his password? What is the best solution you recommend? Should i activate another access right for that user so that he will be able to login to the portal and change it?

anyone having an idea?