diff --git a/migrations/versions/101002a6ef17_.py b/migrations/versions/101002a6ef17_.py
new file mode 100644
index 0000000..bc888e3
--- /dev/null
+++ b/migrations/versions/101002a6ef17_.py
@@ -0,0 +1,40 @@
+"""empty message
+
+Revision ID: 101002a6ef17
+Revises: dea130d45cec
+Create Date: 2025-08-11 17:16:34.617851
+
+"""
+
+from alembic import op
+import sqlalchemy as sa
+
+
+# revision identifiers, used by Alembic.
+revision = "101002a6ef17"
+down_revision = "dea130d45cec"
+branch_labels = None
+depends_on = None
+
+
+def upgrade():
+    # ### commands auto generated by Alembic - please adjust! ###
+    with op.batch_alter_table("user", schema=None) as batch_op:
+        batch_op.add_column(
+            sa.Column(
+                "must_change_password",
+                sa.Boolean(),
+                nullable=False,
+                server_default="1",
+            )
+        )
+
+    # ### end Alembic commands ###
+
+
+def downgrade():
+    # ### commands auto generated by Alembic - please adjust! ###
+    with op.batch_alter_table("user", schema=None) as batch_op:
+        batch_op.drop_column("must_change_password")
+
+    # ### end Alembic commands ###
diff --git a/models.py b/models.py
index d637f2d..dd1226c 100644
--- a/models.py
+++ b/models.py
@@ -12,17 +12,23 @@ class User(UserMixin, db.Model):
     username = db.Column(db.String(150), unique=True, nullable=False)
     password = db.Column(db.String, nullable=False)
     is_admin = db.Column(db.Boolean, nullable=False, default=False)
+    must_change_password = db.Column(db.Boolean, nullable=False, default=False)
 
     food_items = db.relationship("FoodItem", lazy="dynamic", backref="user")
     food_logs = db.relationship("FoodLog", lazy="dynamic", backref="user")
 
     def __init__(
-        self, username: str, password: str, is_admin: bool = False
+        self,
+        username: str,
+        password: str,
+        is_admin: bool = False,
+        must_change_password: bool = False,
     ) -> None:
         super().__init__()
         self.username = username
         self.password = generate_password_hash(password=password)
         self.is_admin = is_admin
+        self.must_change_password = must_change_password
 
     def check_password(self, password: str) -> bool:
         return check_password_hash(pwhash=self.password, password=password)