diff --git a/database/schema.py b/database/schema.py
index 35e97623a58fae5c3e76af35bf65ca57c182463b..76eee5cf336fd3a8796a3b747fba81f298f6bd2e 100644
--- a/database/schema.py
+++ b/database/schema.py
@@ -3,7 +3,7 @@ from graphene import relay
 from graphene_sqlalchemy import SQLAlchemyObjectType, SQLAlchemyConnectionField
 from database.models import User as UserModel, Application as ApplicationModel, Role as RoleModel
 from database.database import db_session, get_user_datastore
-from flask_security.utils import hash_password
+from flask_security.utils import hash_password, verify_and_update_password
 
 user_datastore = get_user_datastore()
 
@@ -106,11 +106,17 @@ class Query(graphene.ObjectType):
     node = relay.Node.Field()
     all_users = SQLAlchemyConnectionField(User)
     get_user = graphene.Field(User,username=graphene.String())
+    verify_password = graphene.Field(graphene.Boolean, username=graphene.String(), password=graphene.String())
 
     def resolve_get_user(root, info, username):
         query = User.get_query(info)
         return query.filter(UserModel.username == username).first()
 
+    def resolve_verify_password(root, info, username, password):
+        query = User.get_query(info)
+        user = query.filter(UserModel.username == username).first()
+        return verify_and_update_password(password, user)
+
 
 class Mutation(graphene.ObjectType):
     create_user = UserMutation.Field()
diff --git a/test/test_graphql.py b/test/test_graphql.py
index acf1d9faf34fe7d0caa5bbd5c016aa413e897ec7..54965ccca16eed0282d64b21b38ee4084d798627 100644
--- a/test/test_graphql.py
+++ b/test/test_graphql.py
@@ -69,6 +69,22 @@ class GraphQlTests(LiveServerTestCase):
         self.assertEqual(user["username"], username)
         self.assertEqual(user["email"], email)
 
+    def test_verify_user_password(self):
+        username = "graphqluser"
+        password = "randompassword"
+        email = "user@example.com"
+        self._create_user(username, password, email)
+        querystring = '''
+        query{{
+          verifyPassword(
+            username: "{0}",
+            password: "{1}")
+            }}
+        '''.format(username, password).strip()
+        result = loads(self.client.execute(querystring))
+        self.assertIn("data", result)
+        self.assertTrue(result["data"]["verifyPassword"])
+
     def _create_user(self, username, password, email):
         querystring = '''
         mutation{{