diff --git a/interface/src/commerce/QmlCommerce.cpp b/interface/src/commerce/QmlCommerce.cpp
index 32abb11ab0..b03da0d8b7 100644
--- a/interface/src/commerce/QmlCommerce.cpp
+++ b/interface/src/commerce/QmlCommerce.cpp
@@ -48,21 +48,11 @@ void QmlCommerce::getSecurityImage() {
     wallet->getSecurityImage();
 }
 
-
-
 void QmlCommerce::chooseSecurityImage(const QString& imageFile) {
     auto wallet = DependencyManager::get<Wallet>();
     wallet->chooseSecurityImage(imageFile);
 }
 
-void QmlCommerce::setPassphrase(const QString& passphrase) {
-    auto wallet = DependencyManager::get<Wallet>();
-    wallet->setPassphrase(passphrase);
-    getWalletAuthenticatedStatus();
-}
-
-
-
 void QmlCommerce::buy(const QString& assetId, int cost, const QString& buyerUsername) {
     auto ledger = DependencyManager::get<Ledger>();
     auto wallet = DependencyManager::get<Wallet>();
@@ -94,11 +84,19 @@ void QmlCommerce::history() {
     ledger->history(wallet->listPublicKeys());
 }
 
-
+void QmlCommerce::setPassphrase(const QString& passphrase) {
+    auto wallet = DependencyManager::get<Wallet>();
+    if (wallet->getPassphrase()) {
+        wallet->changePassphrase(passphrase);
+    } else {
+        wallet->setPassphrase(passphrase);
+    }
+    getWalletAuthenticatedStatus();
+}
 
 void QmlCommerce::reset() {
     auto ledger = DependencyManager::get<Ledger>();
     auto wallet = DependencyManager::get<Wallet>();
     ledger->reset();
     wallet->reset();
-}
\ No newline at end of file
+}
diff --git a/interface/src/commerce/Wallet.cpp b/interface/src/commerce/Wallet.cpp
index 7d427bf70f..1385067bd0 100644
--- a/interface/src/commerce/Wallet.cpp
+++ b/interface/src/commerce/Wallet.cpp
@@ -217,6 +217,55 @@ RSA* readPrivateKey(const char* filename) {
     return key;
 }
 
+RSA* readKeys(const char* filename) {
+    FILE* fp;
+    RSA* key = NULL;
+    if ((fp = fopen(filename, "rt"))) {
+        // file opened successfully
+        qCDebug(commerce) << "opened key file" << filename;
+        if ((key = PEM_read_RSAPublicKey(fp, NULL, NULL, NULL))) {
+            // now read private key
+
+            qCDebug(commerce) << "read public key";
+
+            if ((key = PEM_read_RSAPrivateKey(fp, &key, passwordCallback, NULL))) {
+                qCDebug(commerce) << "read private key";
+
+                return key;
+            }
+            qCDebug(commerce) << "failed to read private key";
+        }
+        qCDebug(commerce) << "failed to read public key";
+    } else {
+        qCDebug(commerce) << "failed to open key file" << filename;
+    }
+    return key;
+}
+
+bool writeKeys(const char* filename, RSA* keys) {
+    FILE* fp;
+    bool retval = false;
+    if ((fp = fopen(filename, "wt"))) {
+        if (!PEM_write_RSAPublicKey(fp, keys)) {
+            fclose(fp);
+            qCDebug(commerce) << "failed to write public key";
+            return retval;
+        }
+
+        if (!PEM_write_RSAPrivateKey(fp, keys, EVP_des_ede3_cbc(), NULL, 0, passwordCallback, NULL)) {
+            fclose(fp);
+            qCDebug(commerce) << "failed to write private key";
+            return retval;
+        }
+
+        retval = true;
+        qCDebug(commerce) << "wrote keys successfully";
+    } else {
+        qCDebug(commerce) << "failed to open key file" << filename;
+    }
+    return retval;
+}
+
 static const unsigned char IVEC[16] = "IAmAnIVecYay123";
 
 void initializeAESKeys(unsigned char* ivec, unsigned char* ckey, const QByteArray& salt) {
@@ -531,3 +580,30 @@ void Wallet::reset() {
     keyFile.remove();
     imageFile.remove();
 }
+
+bool Wallet::changePassphrase(const QString& newPassphrase) {
+    RSA* keys = readKeys(keyFilePath().toStdString().c_str());
+    if (keys) {
+        // we read successfully, so now write to a new temp file
+        // save old passphrase just in case
+        // TODO: force re-enter?
+        QString oldPassphrase = *_passphrase;
+        setPassphrase(newPassphrase);
+        QString tempFileName = QString("%1.%2").arg(keyFilePath(), QString("temp"));
+        if (writeKeys(tempFileName.toStdString().c_str(), keys)) {
+            // ok, now move the temp file to the correct spot
+            QFile(QString(keyFilePath())).remove();
+            QFile(tempFileName).rename(QString(keyFilePath()));
+            emit passphraseSetupStatusResult(true);
+            return true;
+        } else {
+            qCDebug(commerce) << "couldn't write keys";
+            setPassphrase(oldPassphrase);
+            emit passphraseSetupStatusResult(false);
+            return false;
+        }
+    }
+    qCDebug(commerce) << "couldn't read keys";
+    emit passphraseSetupStatusResult(false);
+    return false;
+}
diff --git a/interface/src/commerce/Wallet.h b/interface/src/commerce/Wallet.h
index 675fbc7dd8..19f5f64590 100644
--- a/interface/src/commerce/Wallet.h
+++ b/interface/src/commerce/Wallet.h
@@ -41,13 +41,14 @@ public:
     QString* getPassphrase() { return _passphrase; }
     bool getPassphraseIsCached() { return !(_passphrase->isEmpty()); }
     bool walletIsAuthenticatedWithPassphrase();
+    bool changePassphrase(const QString& newPassphrase);
 
     void reset();
 
 signals:
     void securityImageResult(bool exists);
     void keyFilePathIfExistsResult(const QString& path);
-
+    void passphraseSetupStatusResult(bool successful);
 private:
     QStringList _publicKeys{};
     QPixmap* _securityImage { nullptr };