You can use the IUserAuthRepository.UpdateUserAuth() API in your own Service. The last Service in this previous answer has an example.
Existing Users can call the /register Service again (using PUT) whilst their authenticated to update their registration info including password.