diff --git a/rocket-backend/integration-tests/internal/database-tests/image_store_table_test.go b/rocket-backend/integration-tests/internal/database-tests/image_store_table_test.go
index ade74c3..044dc28 100644
--- a/rocket-backend/integration-tests/internal/database-tests/image_store_table_test.go
+++ b/rocket-backend/integration-tests/internal/database-tests/image_store_table_test.go
@@ -4,9 +4,9 @@ import (
 	"bytes"
 	"time"
 
+	"github.com/google/uuid"
 	. "github.com/onsi/ginkgo/v2"
 	. "github.com/onsi/gomega"
-	"github.com/google/uuid"
 )
 
 var _ = Describe("Image Store Table Integration", func() {
@@ -92,4 +92,61 @@ var _ = Describe("Image Store Table Integration", func() {
 		err := row.Scan(&gotID, &gotName, &gotData)
 		Expect(err).ToNot(BeNil())
 	})
+
+	It("should save and delete a user image", func() {
+		imageID := uuid.New()
+		imgName := "todelete.png"
+		imgData := []byte{0x89, 0x50, 0x4E, 0x47}
+
+		_, err := testDbInstance.Exec(`
+			INSERT INTO image_store (id, image_name, image_data)
+			VALUES ($1, $2, $3)
+		`, imageID, imgName, imgData)
+		Expect(err).To(BeNil())
+
+		// Link image to user in settings
+		_, err = testDbInstance.Exec(`
+			UPDATE settings SET image_id = $1 WHERE user_id = $2
+		`, imageID, userID)
+		Expect(err).To(BeNil())
+
+		// Delete user image
+		_, err = testDbInstance.Exec(`
+			UPDATE settings SET image_id = NULL WHERE user_id = $1
+		`, userID)
+		Expect(err).To(BeNil())
+		_, err = testDbInstance.Exec(`
+			DELETE FROM image_store WHERE id = $1
+		`, imageID)
+		Expect(err).To(BeNil())
+
+		// Confirm deletion
+		row := testDbInstance.QueryRow(`
+			SELECT COUNT(*) FROM image_store WHERE id = $1
+		`, imageID)
+		var count int
+		err = row.Scan(&count)
+		Expect(err).To(BeNil())
+		Expect(count).To(Equal(0))
+	})
+
+	It("should return error when getting image for user with no image", func() {
+		// Remove image_id from settings if present
+		_, err := testDbInstance.Exec(`
+			UPDATE settings SET image_id = NULL WHERE user_id = $1
+		`, userID)
+		Expect(err).To(BeNil())
+
+		row := testDbInstance.QueryRow(`
+			SELECT i.id, i.image_name, i.image_data
+			FROM settings s
+			JOIN image_store i ON s.image_id = i.id
+			WHERE s.user_id = $1
+		`, userID)
+		var gotID uuid.UUID
+		var gotName string
+		var gotData []byte
+		err = row.Scan(&gotID, &gotName, &gotData)
+		Expect(err).ToNot(BeNil())
+	})
 })
diff --git a/rocket-backend/integration-tests/internal/database-tests/user_table_test.go b/rocket-backend/integration-tests/internal/database-tests/user_table_test.go
index 0979789..ee10fdb 100644
--- a/rocket-backend/integration-tests/internal/database-tests/user_table_test.go
+++ b/rocket-backend/integration-tests/internal/database-tests/user_table_test.go
@@ -82,4 +82,114 @@ var _ = Describe("Users Table Integration", func() {
 		Expect(err).ToNot(BeNil())
 		Expect(err.Error()).To(ContainSubstring("violates foreign key constraint"))
 	})
+
+	It("should update and retrieve user name", func() {
+		username := "useruser"
+		email := "useruser@example.com"
+		rocketpoints := 42
+
+		_, err := testDbInstance.Exec(`
+			INSERT INTO users (id, username, email, rocketpoints)
+			VALUES ($1, $2, $3, $4)
+		`, userID, username, email, rocketpoints)
+		Expect(err).To(BeNil())
+
+		_, err = testDbInstance.Exec(`
+			UPDATE users SET username = $1 WHERE id = $2
+		`, "newname", userID)
+		Expect(err).To(BeNil())
+
+		row := testDbInstance.QueryRow(`
+			SELECT username FROM users WHERE id = $1
+		`, userID)
+		var gotUsername string
+		err = row.Scan(&gotUsername)
+		Expect(err).To(BeNil())
+		Expect(gotUsername).To(Equal("newname"))
+	})
+
+	It("should update and retrieve user email in both users and credentials", func() {
+		username := "useruser"
+		email := "useruser@example.com"
+		rocketpoints := 42
+
+		_, err := testDbInstance.Exec(`
+			INSERT INTO users (id, username, email, rocketpoints)
+			VALUES ($1, $2, $3, $4)
+		`, userID, username, email, rocketpoints)
+		Expect(err).To(BeNil())
+
+		_, err = testDbInstance.Exec(`
+			UPDATE users SET email = $1 WHERE id = $2
+		`, "newemail@example.com", userID)
+		Expect(err).To(BeNil())
+		_, err = testDbInstance.Exec(`
+			UPDATE credentials SET email = $1 WHERE id = $2
+		`, "newemail@example.com", userID)
+		Expect(err).To(BeNil())
+
+		row := testDbInstance.QueryRow(`
+			SELECT email FROM users WHERE id = $1
+		`, userID)
+		var gotEmail string
+		err = row.Scan(&gotEmail)
+		Expect(err).To(BeNil())
+		Expect(gotEmail).To(Equal("newemail@example.com"))
+
+		row = testDbInstance.QueryRow(`
+			SELECT email FROM credentials WHERE id = $1
+		`, userID)
+		err = row.Scan(&gotEmail)
+		Expect(err).To(BeNil())
+		Expect(gotEmail).To(Equal("newemail@example.com"))
+	})
+
+	It("should get user ID by username", func() {
+		username := "useruser"
+		email := "useruser@example.com"
+		rocketpoints := 42
+
+		_, err := testDbInstance.Exec(`
+			INSERT INTO users (id, username, email, rocketpoints)
+			VALUES ($1, $2, $3, $4)
+		`, userID, username, email, rocketpoints)
+		Expect(err).To(BeNil())
+
+		row := testDbInstance.QueryRow(`
+			SELECT id FROM users WHERE username = $1
+		`, username)
+		var gotID uuid.UUID
+		err = row.Scan(&gotID)
+		Expect(err).To(BeNil())
+		Expect(gotID).To(Equal(userID))
+	})
+
+	It("should delete a user and its credentials", func() {
+		username := "useruser"
+		email := "useruser@example.com"
+		rocketpoints := 42
+
+		_, err := testDbInstance.Exec(`
+			INSERT INTO users (id, username, email, rocketpoints)
+			VALUES ($1, $2, $3, $4)
+		`, userID, username, email, rocketpoints)
+		Expect(err).To(BeNil())
+
+		_, err = testDbInstance.Exec(`
+			DELETE FROM users WHERE id = $1
+		`, userID)
+		Expect(err).To(BeNil())
+		_, err = testDbInstance.Exec(`
+			DELETE FROM credentials WHERE id = $1
+		`, userID)
+		Expect(err).To(BeNil())
+
+		row := testDbInstance.QueryRow(`
+			SELECT COUNT(*) FROM users WHERE id = $1
+		`, userID)
+		var count int
+		err = row.Scan(&count)
+		Expect(err).To(BeNil())
+		Expect(count).To(Equal(0))
+	})
 })
diff --git a/rocket-backend/integration-tests/internal/server-tests/settings_routes_test.go b/rocket-backend/integration-tests/internal/server-tests/settings_routes_test.go
index d4b9336..a3f046c 100644
--- a/rocket-backend/integration-tests/internal/server-tests/settings_routes_test.go
+++ b/rocket-backend/integration-tests/internal/server-tests/settings_routes_test.go
@@ -95,4 +95,91 @@ var _ = Describe("Settings Handlers API", func() {
 		_ = json.NewDecoder(resp.Body).Decode(&result)
 		Expect(result["message"]).To(Equal("Image updated successfully"))
 	})
+
+	It("should delete user image", func() {
+		// First, upload an image so there is something to delete
+		imgPath := filepath.Join(os.TempDir(), "testimg_del.png")
+		os.WriteFile(imgPath, []byte{0x89, 0x50, 0x4E, 0x47}, 0644)
+		file, _ := os.Open(imgPath)
+		defer file.Close()
+
+		var b bytes.Buffer
+		w := multipart.NewWriter(&b)
+		fw, _ := w.CreateFormFile("image", "testimg_del.png")
+		file.Seek(0, 0)
+		_, _ = file.WriteTo(fw)
+		w.Close()
+
+		req, _ := http.NewRequest("POST", baseURL+"/protected/settings/image", &b)
+		req.Header.Set("Authorization", "Bearer "+token)
+		req.Header.Set("Content-Type", w.FormDataContentType())
+		resp, err := http.DefaultClient.Do(req)
+		Expect(err).To(BeNil())
+		resp.Body.Close()
+
+		// Now, delete the image
+		req, _ = http.NewRequest("DELETE", baseURL+"/protected/settings/image", nil)
+		req.Header.Set("Authorization", "Bearer "+token)
+		resp, err = http.DefaultClient.Do(req)
+		Expect(err).To(BeNil())
+		defer resp.Body.Close()
+		Expect(resp.StatusCode).To(Equal(200))
+		var result map[string]any
+		_ = json.NewDecoder(resp.Body).Decode(&result)
+		Expect(result["message"]).To(Equal("Image deleted successfully"))
+	})
+
+	It("should update user info (name and email)", func() {
+		payload := map[string]any{
+			"name":  "New Name",
+			"email": "newemail@example.com",
+		}
+		body, _ := json.Marshal(payload)
+		req, _ := http.NewRequest("POST", baseURL+"/protected/settings/userinfo", bytes.NewReader(body))
+		req.Header.Set("Authorization", "Bearer "+token)
+		req.Header.Set("Content-Type", "application/json")
+		resp, err := http.DefaultClient.Do(req)
+		Expect(err).To(BeNil())
+		defer resp.Body.Close()
+		Expect(resp.StatusCode).To(Equal(200))
+		var result map[string]any
+		_ = json.NewDecoder(resp.Body).Decode(&result)
+		Expect(result["message"]).To(Equal("User info updated successfully"))
+	})
+
+	It("should update user password with correct current password", func() {
+		payload := map[string]any{
+			"currentPassword": "password123",
+			"newPassword":     "newpass456",
+		}
+		body, _ := json.Marshal(payload)
+		req, _ := http.NewRequest("POST", baseURL+"/protected/settings/userinfo", bytes.NewReader(body))
+		req.Header.Set("Authorization", "Bearer "+token)
+		req.Header.Set("Content-Type", "application/json")
+		resp, err := http.DefaultClient.Do(req)
+		Expect(err).To(BeNil())
+		defer resp.Body.Close()
+		Expect(resp.StatusCode).To(Equal(200))
+		var result map[string]any
+		_ = json.NewDecoder(resp.Body).Decode(&result)
+		Expect(result["message"]).To(Equal("User info updated successfully"))
+	})
+
+	It("should reject password update with wrong current password", func() {
+		payload := map[string]any{
+			"currentPassword": "wrongpassword",
+			"newPassword":     "newpass456",
+		}
+		body, _ := json.Marshal(payload)
+		req, _ := http.NewRequest("POST", baseURL+"/protected/settings/userinfo", bytes.NewReader(body))
+		req.Header.Set("Authorization", "Bearer "+token)
+		req.Header.Set("Content-Type", "application/json")
+		resp, err := http.DefaultClient.Do(req)
+		Expect(err).To(BeNil())
+		defer resp.Body.Close()
+		Expect(resp.StatusCode).To(Equal(401))
+		var result map[string]any
+		_ = json.NewDecoder(resp.Body).Decode(&result)
+		Expect(result["error"]).To(Equal("Current password incorrect"))
+	})
 })
diff --git a/rocket-backend/integration-tests/internal/server-tests/user_routes_test.go b/rocket-backend/integration-tests/internal/server-tests/user_routes_test.go
index 94214e8..cacebe2 100644
--- a/rocket-backend/integration-tests/internal/server-tests/user_routes_test.go
+++ b/rocket-backend/integration-tests/internal/server-tests/user_routes_test.go
@@ -118,4 +118,26 @@ var _ = Describe("Protected Handlers API", func() {
 		_ = json.NewDecoder(resp.Body).Decode(&users)
 		Expect(users).To(BeNil())
 	})
+
+	It("should delete the user account", func() {
+		delToken := registerAndLogin("deleteuser@example.com", "password123", "deleteuser")
+
+		req, _ := http.NewRequest("DELETE", baseURL+"/protected/user", nil)
+		req.Header.Set("Authorization", "Bearer "+delToken)
+		resp, err := http.DefaultClient.Do(req)
+		Expect(err).To(BeNil())
+		defer resp.Body.Close()
+		Expect(resp.StatusCode).To(Equal(200))
+		var result map[string]any
+		_ = json.NewDecoder(resp.Body).Decode(&result)
+		Expect(result["message"]).To(Equal("User deleted successfully"))
+
+		// Try to access a protected endpoint with the same token, should be unauthorized
+		req2, _ := http.NewRequest("GET", baseURL+"/protected/user", nil)
+		req2.Header.Set("Authorization", "Bearer "+delToken)
+		resp2, err := http.DefaultClient.Do(req2)
+		Expect(err).To(BeNil())
+		defer resp2.Body.Close()
+		Expect(resp2.StatusCode).To(Equal(401))
+	})
 })
diff --git a/rocket-backend/internal/database/database.go b/rocket-backend/internal/database/database.go
index 46735ee..3b17640 100644
--- a/rocket-backend/internal/database/database.go
+++ b/rocket-backend/internal/database/database.go
@@ -42,6 +42,11 @@ type Service interface {
 	GetUserIDByName(name string) (uuid.UUID, error)
 	GetTopUsers(limit int) ([]types.User, error)
 	GetAllUsers(excludeUserID *uuid.UUID) ([]types.User, error)
+	DeleteUser(userID uuid.UUID) error
+	UpdateUserName(userID uuid.UUID, newName string) error
+	UpdateUserEmail(userID uuid.UUID, newEmail string) error
+	CheckUserPassword(userID uuid.UUID, currentPassword string) (bool, error)
+	UpdateUserPassword(userID uuid.UUID, newPassword string) error
 
 	// daily_steps
 	UpdateDailySteps(userID uuid.UUID, steps int) error
@@ -55,6 +60,7 @@ type Service interface {
 	UpdateSettingsImage(userId uuid.UUID, imageID uuid.UUID) error
 	UpdateStepGoal(userId uuid.UUID, stepGoal int) error
 	UpdateImage(userId uuid.UUID, imageID uuid.UUID) error
+	DeleteUserImage(userID uuid.UUID) error
 
 	// images
 	SaveImage(filename string, data []byte) (uuid.UUID, error)
diff --git a/rocket-backend/internal/database/image_store_table.go b/rocket-backend/internal/database/image_store_table.go
index 617b609..cb53788 100644
--- a/rocket-backend/internal/database/image_store_table.go
+++ b/rocket-backend/internal/database/image_store_table.go
@@ -56,3 +56,39 @@ func (s *service) GetUserImage(userID uuid.UUID) (*types.UserImage, error) {
 
 	return &img, nil
 }
+
+func (s *service) DeleteUserImage(userID uuid.UUID) error {
+	var imageID uuid.UUID
+	err := s.db.QueryRow(`
+		SELECT image_id FROM settings WHERE user_id = $1
+	`, userID).Scan(&imageID)
+	if err != nil {
+		if err == sql.ErrNoRows {
+			logger.Warn("No settings found for user:", userID)
+			return nil
+		}
+		logger.Error("Failed to get image_id from settings", err)
+		return fmt.Errorf("%w: %v", custom_error.ErrFailedToRetrieveData, err)
+	}
+	if imageID == uuid.Nil {
+		return nil
+	}
+
+	_, err = s.db.Exec(`
+		UPDATE settings SET image_id = NULL WHERE user_id = $1
+	`, userID)
+	if err != nil {
+		logger.Error("Failed to remove image reference from settings", err)
+		return fmt.Errorf("%w: %v", custom_error.ErrFailedToDelete, err)
+	}
+
+	_, err = s.db.Exec(`
+		DELETE FROM image_store WHERE id = $1
+	`, imageID)
+	if err != nil {
+		logger.Error("Failed to delete image", err)
+		return fmt.Errorf("%w: %v", custom_error.ErrFailedToDelete, err)
+	}
+
+	return nil
+}
diff --git a/rocket-backend/internal/database/user_table.go b/rocket-backend/internal/database/user_table.go
index ddbee8e..2a48ca6 100644
--- a/rocket-backend/internal/database/user_table.go
+++ b/rocket-backend/internal/database/user_table.go
@@ -9,6 +9,7 @@ import (
 	"github.com/google/uuid"
 	_ "github.com/jackc/pgx/v5/stdlib"
 	_ "github.com/joho/godotenv/autoload"
+	"golang.org/x/crypto/bcrypt"
 )
 
 func (s *service) SaveUserProfile(user types.User) error {
@@ -84,6 +85,72 @@ func (s *service) GetTopUsers(limit int) ([]types.User, error) {
 	return users, nil
 }
 
+// UpdateUserName updates the username for a given user UUID.
+func (s *service) UpdateUserName(userID uuid.UUID, newName string) error {
+	query := `UPDATE users SET username = $2 WHERE id = $1`
+	_, err := s.db.Exec(query, userID, newName)
+	if err != nil {
+		return fmt.Errorf("%w: %v", custom_error.ErrFailedToUpdate, err)
+	}
+	return nil
+}
+
+// UpdateUserEmail updates the email for a given user UUID in both users and credentials tables.
+func (s *service) UpdateUserEmail(userID uuid.UUID, newEmail string) error {
+	tx, err := s.db.Begin()
+	if err != nil {
+		return fmt.Errorf("failed to begin transaction: %w", err)
+	}
+	defer tx.Rollback()
+
+	// Update in users table
+	queryUsers := `UPDATE users SET email = $2 WHERE id = $1`
+	if _, err := tx.Exec(queryUsers, userID, newEmail); err != nil {
+		return fmt.Errorf("%w: %v", custom_error.ErrFailedToUpdate, err)
+	}
+
+	// Update in credentials table
+	queryCreds := `UPDATE credentials SET email = $2 WHERE id = $1`
+	if _, err := tx.Exec(queryCreds, userID, newEmail); err != nil {
+		return fmt.Errorf("%w: %v", custom_error.ErrFailedToUpdate, err)
+	}
+
+	if err := tx.Commit(); err != nil {
+		return fmt.Errorf("failed to commit transaction: %w", err)
+	}
+	return nil
+}
+
+// CheckUserPassword checks if the provided password matches the user's current password using bcrypt.
+func (s *service) CheckUserPassword(userID uuid.UUID, currentPassword string) (bool, error) {
+	var hashedPassword string
+	query := `SELECT password FROM credentials WHERE id = $1`
+	err := s.db.QueryRow(query, userID).Scan(&hashedPassword)
+	if err != nil {
+		return false, fmt.Errorf("%w: %v", custom_error.ErrFailedToRetrieveData, err)
+	}
+	// Use bcrypt for password verification
+	if err := bcrypt.CompareHashAndPassword([]byte(hashedPassword), []byte(currentPassword)); err != nil {
+		return false, nil
+	}
+	return true, nil
+}
+
+// UpdateUserPassword updates the user's password in the credentials table using bcrypt.
+func (s *service) UpdateUserPassword(userID uuid.UUID, newPassword string) error {
+	// Hash the new password using bcrypt
+	hashedPassword, err := bcrypt.GenerateFromPassword([]byte(newPassword), bcrypt.DefaultCost)
+	if err != nil {
+		return fmt.Errorf("failed to hash new password: %w", err)
+	}
+	query := `UPDATE credentials SET password = $2 WHERE id = $1`
+	_, err = s.db.Exec(query, userID, string(hashedPassword))
+	if err != nil {
+		return fmt.Errorf("%w: %v", custom_error.ErrFailedToUpdate, err)
+	}
+	return nil
+}
+
 func (s *service) GetAllUsers(excludeUserID *uuid.UUID) ([]types.User, error) {
 	var users []types.User
 	var rows *sql.Rows
@@ -116,3 +183,21 @@ func (s *service) GetAllUsers(excludeUserID *uuid.UUID) ([]types.User, error) {
 
 	return users, nil
 }
+
+func (s *service) DeleteUser(userID uuid.UUID) error {
+	// First, delete from users (this will cascade to all dependent tables)
+	query := `DELETE FROM users WHERE id = $1`
+	_, err := s.db.Exec(query, userID)
+	if err != nil {
+		return fmt.Errorf("%w: %v", custom_error.ErrFailedToDelete, err)
+	}
+
+	// Then, delete from credentials (since users references credentials, not the other way around)
+	credQuery := `DELETE FROM credentials WHERE id = $1`
+	_, credErr := s.db.Exec(credQuery, userID)
+	if credErr != nil {
+		return fmt.Errorf("%w: %v", custom_error.ErrFailedToDelete, credErr)
+	}
+
+	return nil
+}
diff --git a/rocket-backend/internal/server/routes.go b/rocket-backend/internal/server/routes.go
index 5601395..865ec38 100644
--- a/rocket-backend/internal/server/routes.go
+++ b/rocket-backend/internal/server/routes.go
@@ -37,8 +37,11 @@ func (s *Server) RegisterRoutes() http.Handler {
 			protected.GET("/settings", s.GetSettingsHandler)
 			protected.POST("/settings/step-goal", s.UpdateStepGoalHandler)
 			protected.POST("/settings/image", s.UpdateImageHandler)
+			protected.DELETE("/settings/image", s.DeleteImageHandler)
+			protected.POST("/settings/userinfo", s.UpdateUserInfoHandler)
 
 			protected.GET("/user", s.GetUserHandler)
+			protected.DELETE("/user", s.DeleteUserHandler)
 			protected.GET("/user/:name", s.GetUserByNameHandler)
 			protected.POST("/user/statistics", s.GetUserStatisticsHandler)
 			protected.POST("/user/image", s.GetUserImageHandler)
diff --git a/rocket-backend/internal/server/settings_handlers.go b/rocket-backend/internal/server/settings_handlers.go
index 6ea8891..21a7deb 100644
--- a/rocket-backend/internal/server/settings_handlers.go
+++ b/rocket-backend/internal/server/settings_handlers.go
@@ -122,3 +122,91 @@ func (s *Server) UpdateImageHandler(c *gin.Context) {
 
 	c.JSON(http.StatusOK, gin.H{"message": "Image updated successfully"})
 }
+
+func (s *Server) DeleteImageHandler(c *gin.Context) {
+	userID, exists := c.Get("userID")
+	if !exists {
+		c.JSON(http.StatusUnauthorized, gin.H{"error": "User not authenticated"})
+		return
+	}
+
+	userUUID, err := uuid.Parse(userID.(string))
+	if err != nil {
+		c.JSON(http.StatusBadRequest, gin.H{"error": "Invalid user ID format"})
+		return
+	}
+
+	logger.Info("Deleting image for user", "userID", userUUID)
+
+	err = s.db.DeleteUserImage(userUUID)
+	if err != nil {
+		c.JSON(http.StatusInternalServerError, gin.H{"error": "Failed to delete image"})
+		return
+	}
+
+	c.JSON(http.StatusOK, gin.H{"message": "Image deleted successfully"})
+}
+
+func (s *Server) UpdateUserInfoHandler(c *gin.Context) {
+	userID, exists := c.Get("userID")
+	if !exists {
+		c.JSON(http.StatusUnauthorized, gin.H{"error": "User not authenticated"})
+		return
+	}
+	userUUID, err := uuid.Parse(userID.(string))
+	if err != nil {
+		c.JSON(http.StatusBadRequest, gin.H{"error": "Invalid user ID format"})
+		return
+	}
+
+	var req struct {
+		Name            *string `json:"name"`
+		Email           *string `json:"email"`
+		CurrentPassword *string `json:"currentPassword"`
+		NewPassword     *string `json:"newPassword"`
+	}
+	if err := c.ShouldBindJSON(&req); err != nil {
+		c.JSON(http.StatusBadRequest, gin.H{"error": "Invalid request body"})
+		return
+	}
+
+	// Update name
+	if req.Name != nil {
+		if err := s.db.UpdateUserName(userUUID, *req.Name); err != nil {
+			c.JSON(http.StatusInternalServerError, gin.H{"error": "Failed to update name"})
+			return
+		}
+	}
+
+	// Update email
+	if req.Email != nil {
+		if err := s.db.UpdateUserEmail(userUUID, *req.Email); err != nil {
+			c.JSON(http.StatusInternalServerError, gin.H{"error": "Failed to update email"})
+			return
+		}
+	}
+
+	// Update password
+	if req.NewPassword != nil {
+		if req.CurrentPassword == nil {
+			c.JSON(http.StatusBadRequest, gin.H{"error": "Current password required"})
+			return
+		}
+		// Validate current password
+		ok, err := s.db.CheckUserPassword(userUUID, *req.CurrentPassword)
+		if err != nil {
+			c.JSON(http.StatusInternalServerError, gin.H{"error": "Failed to check current password"})
+			return
+		}
+		if !ok {
+			c.JSON(http.StatusUnauthorized, gin.H{"error": "Current password incorrect"})
+			return
+		}
+		if err := s.db.UpdateUserPassword(userUUID, *req.NewPassword); err != nil {
+			c.JSON(http.StatusInternalServerError, gin.H{"error": "Failed to update password"})
+			return
+		}
+	}
+
+	c.JSON(http.StatusOK, gin.H{"message": "User info updated successfully"})
+}
diff --git a/rocket-backend/internal/server/user_handlers.go b/rocket-backend/internal/server/user_handlers.go
index 69cd1f2..413a276 100644
--- a/rocket-backend/internal/server/user_handlers.go
+++ b/rocket-backend/internal/server/user_handlers.go
@@ -263,3 +263,29 @@ func (s *Server) GetUserByNameHandler(c *gin.Context) {
 
 	c.JSON(http.StatusOK, userWithImage)
 }
+
+func (s *Server) DeleteUserHandler(c *gin.Context) {
+	userID, exists := c.Get("userID")
+	if !exists {
+		c.JSON(http.StatusUnauthorized, gin.H{"error": "User not authenticated"})
+		return
+	}
+
+	userUUID, err := uuid.Parse(userID.(string))
+	if err != nil {
+		c.JSON(http.StatusBadRequest, gin.H{"error": "Invalid user ID format"})
+		return
+	}
+
+	err = s.db.DeleteUser(userUUID)
+	if err != nil {
+		if errors.Is(err, custom_error.ErrUserNotFound) {
+			c.JSON(http.StatusNotFound, gin.H{"error": "User not found"})
+		} else {
+			c.JSON(http.StatusInternalServerError, gin.H{"error": "Failed to delete user"})
+		}
+		return
+	}
+
+	c.JSON(http.StatusOK, gin.H{"message": "User deleted successfully"})
+}
diff --git a/rocket-backend/migrations/0002_create_infotables.up.sql b/rocket-backend/migrations/0002_create_infotables.up.sql
index 383121b..005dc0b 100644
--- a/rocket-backend/migrations/0002_create_infotables.up.sql
+++ b/rocket-backend/migrations/0002_create_infotables.up.sql
@@ -60,7 +60,7 @@ CREATE TABLE friends (
 CREATE TABLE runs (
     id UUID PRIMARY KEY DEFAULT gen_random_uuid (),
     created_at TIMESTAMP DEFAULT now (),
-    user_id UUID NOT NULL REFERENCES users (id),
+    user_id UUID NOT NULL REFERENCES users (id) ON DELETE CASCADE,
     route GEOMETRY (LINESTRING, 4326),
     duration VARCHAR(16),
     distance REAL
@@ -92,7 +92,7 @@ CREATE TABLE chat_messages_reactions (
 CREATE TABLE planned_runs (
     id UUID PRIMARY KEY DEFAULT gen_random_uuid(),
     created_at TIMESTAMP DEFAULT now(),
-    user_id UUID NOT NULL REFERENCES users(id),
+    user_id UUID NOT NULL REFERENCES users(id) ON DELETE CASCADE,
     route GEOMETRY(LINESTRING, 4326),
     name VARCHAR(255) NOT NULL,
     distance REAL,
diff --git a/website/index.html b/website/index.html
index c266cf2..81af30a 100644
--- a/website/index.html
+++ b/website/index.html
@@ -1,12 +1,15 @@
 <!DOCTYPE html>
-<html lang="">
+<html lang="en">
   <head>
     <meta charset="UTF-8">
-    <link rel="icon" href="/favicon.ico">
+    <!-- <link rel="icon" href="/favicon.ico"> -->
+    <link rel="icon" type="image/png" href="/AppIcon.png">
     <link rel="stylesheet" href="https://unpkg.com/leaflet@1.9.4/dist/leaflet.css"
         integrity="sha256-p4NxAoJBhIIN+hmNHrzRCf9tD/miZyoHS5obTRR9BMY="
         crossorigin=""/>
     <meta name="viewport" content="width=device-width, initial-scale=1.0">
+    <meta name="description" content="Rocket App: Chat and collaboration platform.">
+    <meta name="theme-color" content="#1976d2">
     <title>Rocket App</title>
   </head>
   <body>
diff --git a/website/public/AppIcon.png b/website/public/AppIcon.png
new file mode 100644
index 0000000..dfc2a6b
Binary files /dev/null and b/website/public/AppIcon.png differ
diff --git a/website/public/robots.txt b/website/public/robots.txt
new file mode 100644
index 0000000..eb05362
--- /dev/null
+++ b/website/public/robots.txt
@@ -0,0 +1,2 @@
+User-agent: *
+Disallow:
diff --git a/website/src/api/backend-api.ts b/website/src/api/backend-api.ts
index f47bf64..2196b2f 100644
--- a/website/src/api/backend-api.ts
+++ b/website/src/api/backend-api.ts
@@ -117,5 +117,33 @@ export default {
   },
   getAllUsers(): Promise<AxiosResponse> {
     return protectedAxiosApi.get('/users', { withCredentials: true })
+  },
+  deleteUser(): Promise<AxiosResponse> {
+    return protectedAxiosApi.delete('/user', { withCredentials: true })
+  },
+  deleteImage(): Promise<AxiosResponse> {
+    return protectedAxiosApi.delete('/settings/image', { withCredentials: true })
+  },
+  uploadImage(imageFile: File): Promise<AxiosResponse> {
+    const formData = new FormData()
+    formData.append('image', imageFile)
+
+    return protectedAxiosApi.post('/settings/image', formData, {
+      headers: { 'Content-Type': 'multipart/form-data' },
+      withCredentials: true
+    })
+  },
+  updateStepGoal(value: number): Promise<AxiosResponse> {
+    return protectedAxiosApi.post(
+      '/settings/step-goal',
+      { stepGoal: value },
+      { withCredentials: true }
+    )
+  },
+  getSettings(): Promise<AxiosResponse> {
+    return protectedAxiosApi.get('/settings', { withCredentials: true })
+  },
+  updateUserInfo(data: { name?: string; email?: string; currentPassword?: string; newPassword?: string }): Promise<AxiosResponse> {
+    return protectedAxiosApi.post('/settings/userinfo', data, { withCredentials: true })
   }
 }
diff --git a/website/src/components/Navbar.vue b/website/src/components/Navbar.vue
index a8bffa4..901eb86 100644
--- a/website/src/components/Navbar.vue
+++ b/website/src/components/Navbar.vue
@@ -181,6 +181,7 @@ onBeforeUnmount(() => {
   font-size: 1rem;
   padding: 0.25rem 0.5rem;
   transition: color 0.2s;
+  border-bottom: 2.5px solid transparent;
 }
 
 .nav-link:hover {
@@ -188,6 +189,13 @@ onBeforeUnmount(() => {
   text-decoration: underline;
 }
 
+.router-link-exact-active.nav-link,
+.router-link-active.nav-link {
+  color: #fff;
+  border-bottom: 2.5px solid #ffb347;
+  text-decoration: none;
+}
+
 .user-info {
   display: flex;
   align-items: center;
diff --git a/website/src/components/chat/ChatMessage.vue b/website/src/components/chat/ChatMessage.vue
index 9bab9c4..95075c7 100644
--- a/website/src/components/chat/ChatMessage.vue
+++ b/website/src/components/chat/ChatMessage.vue
@@ -24,15 +24,31 @@
           class="chat-username me-2"
           :style="{ color: getColor(username) }"
         >{{ username }}</span>
-        <span class="chat-message-text">{{ message }}</span>
+        <span
+          class="chat-message-text"
+          v-html="linkify(message)"
+        ></span>
         <span class="chat-message-time ms-2">{{ formatTime(timestamp) }}</span>
       </div>
+      <!-- YouTube preview -->
+      <div v-if="youtubeId" class="youtube-preview mt-2 d-flex justify-content-center">
+        <iframe
+          title="youtube link"
+          :src="`https://www.youtube.com/embed/${youtubeId}`"
+          width="320"
+          height="180"
+          frameborder="0"
+          allowfullscreen
+          style="border-radius: 12px; box-shadow: 0 2px 12px rgba(0,0,0,0.10);"
+        ></iframe>
+      </div>
     </div>
   </div>
 </template>
 
 <script setup lang="ts">
 import { getColor } from '@/utils/userUtils'
+import { computed } from 'vue'
 
 const props = defineProps<{
   username: string
@@ -56,6 +72,37 @@ function handleReaction() {
     props.onReact()
   }
 }
+
+function extractYouTubeId(url: string): string | null {
+  // Handles both youtu.be and youtube.com/watch?v= links
+  const match = url.match(
+    /(?:youtube\.com\/watch\?v=|youtu\.be\/)([A-Za-z0-9_-]{11})/
+  )
+  return match ? match[1] : null
+}
+
+const youtubeId = computed(() => {
+  const urlMatch = props.message.match(
+    /(https?:\/\/(?:www\.)?(?:youtube\.com\/watch\?v=|youtu\.be\/)[A-Za-z0-9_-]{11})/
+  )
+  if (urlMatch) {
+    return extractYouTubeId(urlMatch[0])
+  }
+  return null
+})
+
+// Replace URLs in message with clickable links (except YouTube, which gets preview)
+function linkify(text: string) {
+  const ytRegex = /(https?:\/\/(?:www\.)?(?:youtube\.com\/watch\?v=|youtu\.be\/)[A-Za-z0-9_-]{11})/
+  if (ytRegex.test(text)) {
+    text = text.replace(ytRegex, '')
+  }
+  // Linkify other URLs
+  return text.replace(
+    /(https?:\/\/[^\s]+)/g,
+    '<a href="$1" target="_blank" rel="noopener noreferrer">$1</a>'
+  )
+}
 </script>
 
 <style scoped>
@@ -68,6 +115,32 @@ function handleReaction() {
   border-radius: 1.1em 1.1em 1.1em 0.3em;
 }
 
+.youtube-preview {
+  width: 100%;
+  margin-top: 0.5em;
+  margin-bottom: 0.2em;
+  display: flex;
+  justify-content: center;
+}
+.youtube-preview iframe {
+  max-width: 100%;
+  border: none;
+  background: #000;
+}
+.chat-message-text a {
+  text-decoration: underline;
+  word-break: break-all;
+  transition: color 0.2s;
+}
+
+:deep(.chat-message-text a){
+  color: #ffffff !important;
+}
+:deep(.chat-message-text a:hover) {
+  color: #ffd600 !important;
+  background: transparent;
+}
+
 .reaction-badge {
   position: absolute;
   background: #fff;
diff --git a/website/src/components/modals/NotificationModal.vue b/website/src/components/modals/NotificationModal.vue
new file mode 100644
index 0000000..7273a7d
--- /dev/null
+++ b/website/src/components/modals/NotificationModal.vue
@@ -0,0 +1,95 @@
+<template>
+  <div v-if="open" class="notification-modal-overlay" @click.self="close">
+    <div class="notification-modal-content" :class="type">
+      <div class="notification-message">{{ message }}</div>
+      <button class="close-btn" @click="close">&times;</button>
+    </div>
+  </div>
+</template>
+
+<script setup lang="ts">
+import { onMounted, onBeforeUnmount } from 'vue'
+
+const props = defineProps<{
+  open: boolean
+  message: string
+  type?: 'success' | 'error' | 'info'
+  autoClose?: number // ms, optional
+}>()
+const emit = defineEmits(['close'])
+
+let timer: ReturnType<typeof setTimeout> | null = null
+
+function close() {
+  emit('close')
+}
+
+onMounted(() => {
+  if (props.autoClose && props.open) {
+    timer = setTimeout(() => {
+      close()
+    }, props.autoClose)
+  }
+})
+
+onBeforeUnmount(() => {
+  if (timer) clearTimeout(timer)
+})
+</script>
+
+<style scoped>
+.notification-modal-overlay {
+  position: fixed;
+  z-index: 2100;
+  top: 0; left: 0; right: 0; bottom: 0;
+  background: rgba(0,0,0,0.18);
+  display: flex;
+  align-items: center;
+  justify-content: center;
+}
+.notification-modal-content {
+  background: #fff;
+  border-radius: 12px;
+  box-shadow: 0 4px 24px rgba(0,0,0,0.18);
+  padding: 1.5rem 2.5rem 1.5rem 2rem;
+  min-width: 280px;
+  max-width: 90vw;
+  display: flex;
+  align-items: center;
+  gap: 1rem;
+  position: relative;
+  font-size: 1.08rem;
+}
+.notification-modal-content.success {
+  border-left: 6px solid #43a047;
+}
+.notification-modal-content.error {
+  border-left: 6px solid #e53935;
+}
+.notification-modal-content.info {
+  border-left: 6px solid #1976d2;
+}
+.notification-icon {
+  font-size: 1.6rem;
+  margin-right: 0.5rem;
+}
+.notification-message {
+  flex: 1;
+  color: #222;
+}
+.close-btn {
+  position: absolute;
+  top: 0.6rem;
+  right: 0.7rem;
+  background: transparent;
+  color: #888;
+  border: none;
+  font-size: 1.5rem;
+  font-weight: bold;
+  cursor: pointer;
+  transition: color 0.18s;
+}
+.close-btn:hover {
+  color: #e53935;
+}
+</style>
diff --git a/website/src/components/settings/AccountSettings.vue b/website/src/components/settings/AccountSettings.vue
new file mode 100644
index 0000000..02e0958
--- /dev/null
+++ b/website/src/components/settings/AccountSettings.vue
@@ -0,0 +1,110 @@
+<template>
+  <div class="account-settings">
+    <span v-if="!hasImage" class="account-profile-initials" :style="{ backgroundColor: userColor }">
+      {{ userInitials }}
+    </span>
+    <img
+      v-else
+      :src="userImage"
+      alt="Profile"
+      class="account-profile-img"
+      @click="showImageModal = true"
+      style="cursor:pointer;"
+    />
+    <button @click="$emit('logout')" class="logout-btn">Logout</button>
+    <button @click="$emit('delete-account')" class="danger-btn">Delete Account</button>
+    <!-- Place modal outside the img, only show if hasImage and showImageModal -->
+    <ImageModal
+      v-if="hasImage && showImageModal"
+      :show="showImageModal"
+      :src="userImage"
+      alt="Profile Image"
+      @close="showImageModal = false"
+    />
+  </div>
+</template>
+
+<script setup lang="ts">
+import { ref, computed } from 'vue'
+import ImageModal from '../modals/ImageModal.vue'
+
+const props = defineProps<{ userImage: string; userColor: string; userInitials: string }>()
+defineEmits(['logout', 'delete-account'])
+
+const hasImage = computed(
+  () => props.userImage && props.userImage !== 'https://via.placeholder.com/120'
+)
+const showImageModal = ref(false)
+</script>
+
+<style scoped>
+.account-settings {
+  width: 100%;
+  max-width: 100vw;
+  display: flex;
+  flex-direction: column;
+  align-items: center;
+  gap: 2rem;
+  margin-top: 2rem;
+}
+
+.account-profile-img,
+.account-profile-initials {
+  width: 220px;
+  height: 220px;
+  max-width: 90vw;
+  max-height: 60vh;
+  border-radius: 50%;
+  display: block;
+  margin-bottom: 2.5rem;
+  box-shadow: 0 2px 16px rgba(0, 0, 0, 0.08);
+}
+
+.account-profile-img {
+  object-fit: cover;
+  border: 6px solid #bbb;
+}
+
+.account-profile-initials {
+  display: flex;
+  align-items: center;
+  justify-content: center;
+  font-size: 3rem;
+  font-weight: 700;
+  color: #fff;
+  border: 6px solid #bbb;
+  background: #2a5298;
+  user-select: none;
+  overflow: hidden;
+}
+
+.logout-btn,
+.danger-btn {
+  min-width: 160px;
+  padding: 0.7rem 1.2rem;
+  border-radius: 6px;
+  border: none;
+  font-size: 1rem;
+  cursor: pointer;
+  background: #1976d2;
+  color: #fff;
+  transition:
+    background 0.18s,
+    color 0.18s;
+}
+
+.logout-btn:hover {
+  background: #1565c0;
+}
+
+.danger-btn {
+  background: #fff0f0;
+  color: #e53935;
+  border: 1px solid #e53935;
+}
+
+.danger-btn:hover {
+  background: #e53935;
+  color: #fff;
+}
+</style>
diff --git a/website/src/components/settings/ProfileSettings.vue b/website/src/components/settings/ProfileSettings.vue
new file mode 100644
index 0000000..651fa14
--- /dev/null
+++ b/website/src/components/settings/ProfileSettings.vue
@@ -0,0 +1,165 @@
+<template>
+  <div class="profile-settings">
+    <div class="profile-img-row">
+      <span v-if="userImage && userImage !== 'https://via.placeholder.com/120'" class="profile-img">
+        <img
+          :src="userImage"
+          alt="Profile"
+          class="profile-img"
+          @click="showImageModal = true"
+          style="cursor:pointer;"
+        />
+      </span>
+      <span v-else class="profile-img profile-initials" :style="{ backgroundColor: userColor }">
+        {{ userInitials }}
+      </span>
+      <div class="profile-actions">
+        <input type="file" ref="fileInput" @change="onImageSelected" accept="image/*" hidden />
+        <button @click="triggerFileInput">Upload</button>
+        <button @click="$emit('delete-image')" class="danger">Delete</button>
+      </div>
+    </div>
+    <label>
+      Name:
+      <input v-model="localName" type="text" />
+      <button @click="emitUpdateName">Save</button>
+    </label>
+    <label>
+      Daily Step Goal:
+      <input v-model.number="localDailyGoal" type="number" min="0" />
+      <button @click="emitUpdateGoal">Save</button>
+    </label>
+    <!-- Place modal outside the avatar span, only show if image is not placeholder and showImageModal is true -->
+    <ImageModal
+      v-if="userImage && userImage !== 'https://via.placeholder.com/120' && showImageModal"
+      :show="showImageModal"
+      :src="userImage"
+      alt="Profile Image"
+      @close="showImageModal = false"
+    />
+  </div>
+</template>
+
+<script setup lang="ts">
+import { ref, watch } from 'vue'
+import ImageModal from '../modals/ImageModal.vue'
+
+const props = defineProps<{
+  userImage: string
+  userColor: string
+  userInitials: string
+  name: string
+  dailyGoal: number
+}>()
+const emit = defineEmits(['update-name', 'update-goal', 'delete-image', 'trigger-file-input', 'image-selected'])
+
+const fileInput = ref<HTMLInputElement | null>(null)
+const localName = ref(props.name)
+const localDailyGoal = ref(props.dailyGoal)
+const showImageModal = ref(false)
+
+watch(() => props.name, (val) => { localName.value = val })
+watch(() => props.dailyGoal, (val) => { localDailyGoal.value = val })
+
+function triggerFileInput() {
+  emit('trigger-file-input')
+  fileInput.value?.click()
+}
+function onImageSelected(e: Event) {
+  emit('image-selected', e)
+}
+function emitUpdateName() {
+  emit('update-name', localName.value)
+}
+function emitUpdateGoal() {
+  emit('update-goal', localDailyGoal.value)
+}
+</script>
+
+<style scoped>
+.profile-settings {
+  display: flex;
+  flex-direction: column;
+  align-items: center;
+  min-width: 280px;
+  max-width: 350px;
+  margin: 0 auto;
+  gap: 2rem;
+}
+.profile-img-row {
+  display: flex;
+  align-items: center;
+  gap: 2rem;
+}
+
+.profile-img {
+  width: 220px;
+  height: 220px;
+  border-radius: 50%;
+  display: flex;
+  align-items: center;
+  justify-content: center;
+  font-size: 3rem;
+  font-weight: 700;
+  color: #fff;
+  background: #2a5298;
+  user-select: none;
+  overflow: hidden;
+  box-shadow: 0 2px 16px rgba(0,0,0,0.08);
+}
+.profile-img img {
+  width: 100%;
+  height: 100%;
+  border-radius: 50%;
+  object-fit: cover;
+  border: 6px solid #bbb;
+  box-shadow: 0 2px 16px rgba(0,0,0,0.08);
+}
+.profile-initials {
+  object-fit: none;
+  border: 6px solid #bbb;
+}
+.profile-actions {
+  display: flex;
+  flex-direction: column;
+  gap: 0.3rem;
+}
+label {
+  display: flex;
+  flex-direction: column;
+  align-items: flex-start;
+  margin: 0.5rem 0;
+  font-size: 1rem;
+  width: 100%;
+}
+input[type="text"], input[type="number"] {
+  margin-top: 0.3rem;
+  padding: 0.4rem 0.7rem;
+  border-radius: 6px;
+  border: 1px solid #ccc;
+  width: 100%;
+  font-size: 1rem;
+}
+button {
+  margin-top: 0.4rem;
+  padding: 0.3rem 1.1rem;
+  border: none;
+  border-radius: 6px;
+  background: #1976d2;
+  color: #fff;
+  cursor: pointer;
+  font-size: 1rem;
+  transition: background 0.2s;
+}
+button:hover {
+  background: #1565c0;
+}
+button.danger {
+  background: none;
+  color: #e53935;
+  border: 1px solid #e53935;
+}
+button.danger:hover {
+  background: #ffeaea;
+}
+</style>
diff --git a/website/src/components/settings/SecuritySettings.vue b/website/src/components/settings/SecuritySettings.vue
new file mode 100644
index 0000000..50428f8
--- /dev/null
+++ b/website/src/components/settings/SecuritySettings.vue
@@ -0,0 +1,139 @@
+<template>
+  <div class="security-settings">
+    <form @submit.prevent>
+      <div class="form-group">
+        <label>Email</label>
+        <div class="input-row">
+          <input v-model="localEmail" type="email" autocomplete="email" />
+          <button type="button" @click="emitUpdateEmail">Save</button>
+        </div>
+      </div>
+      <div class="form-group">
+        <label>Change Password</label>
+        <input
+          v-model="localCurrentPassword"
+          type="password"
+          placeholder="Current password"
+          autocomplete="current-password"
+          @input="emitCurrentPassword"
+        />
+        <input
+          v-model="localNewPassword"
+          type="password"
+          placeholder="New password"
+          autocomplete="new-password"
+          @input="emitNewPassword"
+        />
+        <input
+          v-model="localConfirmPassword"
+          type="password"
+          placeholder="Confirm new password"
+          autocomplete="new-password"
+          @input="emitConfirmPassword"
+        />
+        <button type="button" @click="emitChangePassword">Change Password</button>
+      </div>
+    </form>
+  </div>
+</template>
+
+<script setup lang="ts">
+import { ref, watch } from 'vue'
+
+const props = defineProps<{
+  email: string
+  currentPassword: string
+  newPassword: string
+  confirmPassword: string
+}>()
+
+const emit = defineEmits<{
+  (e: 'update-email', value: string): void
+  (e: 'change-password', value: { currentPassword: string; newPassword: string; confirmPassword: string }): void
+  (e: 'update:currentPassword', value: string): void
+  (e: 'update:newPassword', value: string): void
+  (e: 'update:confirmPassword', value: string): void
+}>()
+
+const localEmail = ref(props.email)
+const localCurrentPassword = ref(props.currentPassword)
+const localNewPassword = ref(props.newPassword)
+const localConfirmPassword = ref(props.confirmPassword)
+
+watch(() => props.email, val => { localEmail.value = val })
+watch(() => props.currentPassword, val => { localCurrentPassword.value = val })
+watch(() => props.newPassword, val => { localNewPassword.value = val })
+watch(() => props.confirmPassword, val => { localConfirmPassword.value = val })
+
+function emitUpdateEmail() {
+  emit('update-email', localEmail.value)
+}
+function emitChangePassword() {
+  emit('change-password', {
+    currentPassword: localCurrentPassword.value,
+    newPassword: localNewPassword.value,
+    confirmPassword: localConfirmPassword.value
+  })
+}
+function emitCurrentPassword() {
+  emit('update:currentPassword', localCurrentPassword.value)
+}
+function emitNewPassword() {
+  emit('update:newPassword', localNewPassword.value)
+}
+function emitConfirmPassword() {
+  emit('update:confirmPassword', localConfirmPassword.value)
+}
+</script>
+
+<style scoped>
+.security-settings {
+  width: 100%;
+  max-width: 340px;
+  margin: 0 auto;
+  display: flex;
+  flex-direction: column;
+  gap: 2.5rem;
+}
+form {
+  width: 100%;
+}
+.form-group {
+  margin-bottom: 2rem;
+  display: flex;
+  flex-direction: column;
+  gap: 0.7rem;
+}
+label {
+  font-size: 1rem;
+  font-weight: 500;
+  margin-bottom: 0.2rem;
+  color: #232946;
+}
+.input-row {
+  display: flex;
+  gap: 0.5rem;
+}
+input[type="email"],
+input[type="password"] {
+  flex: 1;
+  padding: 0.5rem 0.7rem;
+  border-radius: 6px;
+  border: 1px solid #ccc;
+  font-size: 1rem;
+  margin-bottom: 0.3rem;
+}
+button {
+  padding: 0.45rem 1.1rem;
+  border: none;
+  border-radius: 6px;
+  background: #1976d2;
+  color: #fff;
+  font-size: 1rem;
+  cursor: pointer;
+  transition: background 0.18s;
+}
+button:hover {
+  background: #1565c0;
+}
+</style>
\ No newline at end of file
diff --git a/website/src/pages/ChatView.vue b/website/src/pages/ChatView.vue
index 2fd9bb8..f668f1b 100644
--- a/website/src/pages/ChatView.vue
+++ b/website/src/pages/ChatView.vue
@@ -29,10 +29,10 @@ onMounted(async () => {
 
 <style scoped>
 .chatview-wrapper {
-  min-height: 100vh;
+  min-height:  90vh;
   width: 100vw;
   padding: 0;
   margin: 0;
-  background: #f5f7fa;
+  /* background: #f5f7fa; */
 }
 </style>
diff --git a/website/src/pages/FriendlistView.vue b/website/src/pages/FriendlistView.vue
index d58ab0b..7ec9a02 100644
--- a/website/src/pages/FriendlistView.vue
+++ b/website/src/pages/FriendlistView.vue
@@ -54,7 +54,8 @@ const allUsers = ref<User[]>([]);
 const fetchFriends = async () => {
   try {
     const res = await backendApi.getFriends();
-    friends.value = res.data.map((f: any) => ({
+    const data = res.data ?? [];
+    friends.value = data.map((f: any) => ({
       id: f.id,
       username: f.username,
       email: f.email,
@@ -66,13 +67,13 @@ const fetchFriends = async () => {
     console.error('Failed to fetch friends:', e);
     friends.value = [];
   }
-
 };
 
 const fetchAllUsers = async () => {
   try {
     const res = await backendApi.getAllUsers();
-    allUsers.value = res.data.map((u: any) => ({
+    const data = res.data ?? [];
+    allUsers.value = data.map((u: any) => ({
       id: u.id,
       username: u.username,
       email: u.email,
@@ -84,7 +85,6 @@ const fetchAllUsers = async () => {
     console.error('Failed to fetch all users:', e);
     allUsers.value = [];
   }
-
 };
 
 const loading = ref(true);
diff --git a/website/src/pages/HighscoreView.vue b/website/src/pages/HighscoreView.vue
index d669174..126d3a7 100644
--- a/website/src/pages/HighscoreView.vue
+++ b/website/src/pages/HighscoreView.vue
@@ -27,17 +27,25 @@
         />
       </div>
     </div>
+    <NotificationModal
+      :open="notification.open"
+      :message="notification.message"
+      :type="notification.type"
+      :autoClose="notification.autoClose"
+      @close="notification.open = false"
+    />
   </div>
 </template>
 <script setup lang="ts">
 import Podium from '@/components/highscore/Podium.vue'
 import ToggleSwitch from '@/components/highscore/ToggleSwitch.vue'
 import Navbar from '@/components/Navbar.vue'
-import {ref, onMounted, computed} from 'vue'
+import {ref, onMounted, computed, reactive} from 'vue'
 import api from '@/api/backend-api'
 import List from "@/components/highscore/List.vue";
 import ProfileCard from '@/components/highscore/ProfileCard.vue'
 import Rocket from '@/components/highscore/Rocket.vue'
+import NotificationModal from '@/components/modals/NotificationModal.vue'
 
 interface RankedUser {
   id: string
@@ -83,7 +91,6 @@ const loadRanking = async () => {
     )
 
 
-    console.log(rankedUsers.value)
   } catch {
     console.error("Error fetching ranking")
   }
@@ -107,14 +114,37 @@ function goToProfileFromDialog(username: string) {
   router.push(`/profile/${encodeURIComponent(username)}`)
 }
 
+const notification = reactive({
+  open: false,
+  message: '',
+  type: 'info' as 'success' | 'error' | 'info',
+  autoClose: 2200,
+})
+
+function showNotification(message: string, type: 'success' | 'error' | 'info' = 'info', autoClose = 2200) {
+  notification.message = message
+  notification.type = type
+  notification.open = true
+  notification.autoClose = autoClose
+}
+
 function addFriend(friendName: string) {
   api.addFriend(friendName)
       .then(() => {
-        alert('Freund hinzugefügt!')
+        showNotification('Freund hinzugefügt!', 'success')
+        rankedUsers.value = rankedUsers.value.map(u =>
+          u.username === friendName ? { ...u, isFriend: true } : u
+        )
+        rankedFriends.value = rankedFriends.value.map(u =>
+          u.username === friendName ? { ...u, isFriend: true } : u
+        )
+        if (showProfileDialog.value && selectedProfile.value && selectedProfile.value.username === friendName) {
+          selectedProfile.value = { ...selectedProfile.value, isFriend: true }
+        }
         loadRanking()
       })
       .catch((err) => {
-        alert('Fehler beim Hinzufügen: ' + (err.response?.data?.message || err.message))
+        showNotification('Fehler beim Hinzufügen: ' + (err.response?.data?.message || err.message), 'error')
       })
 }
 
@@ -138,7 +168,7 @@ function closeProfile() {
 .highscore-bg {
   min-height: 100vh;
   width: 100vw;
-  background: linear-gradient(120deg, #e0e7ff 0%, #f8fafc 100%);
+  /* background: linear-gradient(120deg, #e0e7ff 0%, #f8fafc 100%); */
   display: flex;
   justify-content: center;
   align-items: flex-start;
diff --git a/website/src/pages/SettingsView.vue b/website/src/pages/SettingsView.vue
index a8aa9cf..ace094c 100644
--- a/website/src/pages/SettingsView.vue
+++ b/website/src/pages/SettingsView.vue
@@ -1,17 +1,405 @@
 <template>
-  <Navbar />
-  <div class="settings-page">
-    <h1>Settings</h1>
-    <p>This is the Settings page. Here you will see settings and can change them.</p>
+  <Navbar :key="navbarKey" />
+  <div class="settings-tabbar-layout">
+    <div class="settings-tabbar">
+      <button
+        :class="{ active: section === 'profile' }"
+        @click="section = 'profile'"
+      >Profile</button>
+      <button
+        :class="{ active: section === 'security' }"
+        @click="section = 'security'"
+      >Security</button>
+      <button
+        :class="{ active: section === 'account' }"
+        @click="section = 'account'"
+      >Account</button>
+    </div>
+    <div class="settings-tab-content">
+      <ProfileSettings
+        v-if="section==='profile'"
+        :userImage="userImage"
+        :userColor="userColor"
+        :userInitials="userInitials"
+        :name="name"
+        :dailyGoal="dailyGoal"
+        @update-name="updateName"
+        @update-goal="updateGoal"
+        @delete-image="showDeleteImageConfirm = true"
+        @trigger-file-input="triggerFileInput"
+        @image-selected="onImageSelected"
+      />
+      <SecuritySettings
+        v-if="section==='security'"
+        :email="email"
+        @update-email="updateEmail"
+        @change-password="changePassword"
+        :currentPassword="currentPassword"
+        :newPassword="newPassword"
+        :confirmPassword="confirmPassword"
+        @update:currentPassword="val => currentPassword = val"
+        @update:newPassword="val => newPassword = val"
+        @update:confirmPassword="val => confirmPassword = val"
+      />
+      <AccountSettings
+        v-if="section==='account'"
+        :userImage="userImage"
+        :userColor="userColor"
+        :userInitials="userInitials"
+        @logout="logout"
+        @delete-account="showDeleteAccountConfirm = true"
+      />
+      <!-- Modals -->
+      <ConfirmDialog
+        :open="showDeleteImageConfirm"
+        title="Delete Profile Image"
+        message="Are you sure you want to delete your profile image?"
+        confirmText="Delete"
+        cancelText="Cancel"
+        @confirm="deleteImage"
+        @cancel="showDeleteImageConfirm = false"
+      />
+      <ConfirmDialog
+        :open="showDeleteAccountConfirm"
+        title="Delete Account"
+        message="Are you sure you want to delete your account? This cannot be undone."
+        confirmText="Delete"
+        cancelText="Cancel"
+        @confirm="deleteAccount"
+        @cancel="showDeleteAccountConfirm = false"
+      />
+      <NotificationModal
+        :open="notification.open"
+        :message="notification.message"
+        :type="notification.type"
+        :autoClose="notification.autoClose"
+        @close="notification.open = false"
+      />
+    </div>
   </div>
 </template>
 
 <script setup lang="ts">
+import { ref, reactive, onMounted, computed } from 'vue'
 import Navbar from '@/components/Navbar.vue'
+import ProfileSettings from '@/components/settings/ProfileSettings.vue'
+import SecuritySettings from '@/components/settings/SecuritySettings.vue'
+import AccountSettings from '@/components/settings/AccountSettings.vue'
+import api from '@/api/backend-api'
+import { useRouter } from 'vue-router'
+import ConfirmDialog from '@/components/modals/ConfirmDialog.vue'
+import NotificationModal from '@/components/modals/NotificationModal.vue'
+import { getColor, getInitials } from '@/utils/userUtils'
+
+
+const router = useRouter()
+
+const userImage = ref('https://via.placeholder.com/120')
+const name = ref('')
+const savedName = ref('')
+const email = ref('')
+
+const navbarKey = ref(0)
+const section = ref<'profile'|'security'|'account'>('profile')
+
+const currentPassword = ref('')
+const newPassword = ref('')
+const confirmPassword = ref('')
+const dailyGoal = ref(10000)
+const fileInput = ref<HTMLInputElement | null>(null)
+
+const userColor = computed(() => {
+  return getColor(savedName.value || 'User')
+})
+const userInitials = computed(() => {
+  return getInitials(savedName.value || 'User')
+})
+
+const showDeleteImageConfirm = ref(false)
+const showDeleteAccountConfirm = ref(false)
+
+const notification = reactive({
+  open: false,
+  message: '',
+  type: 'info' as 'success' | 'error' | 'info',
+  autoClose: 2200,
+})
+
+
+
+function showNotification(message: string, type: 'success' | 'error' | 'info' = 'info', autoClose = 2200) {
+  notification.message = message
+  notification.type = type
+  notification.open = true
+  notification.autoClose = autoClose
+}
+
+function triggerFileInput() {
+  fileInput.value?.click()
+}
+
+async function onImageSelected(event: Event) {
+  const file = (event.target as HTMLInputElement).files?.[0]
+  if (file) {
+    try {
+      await api.uploadImage(file)
+      // Fetch the new image from the backend to get the base64-encoded image
+      const imageRes = await api.getUserImage()
+      if (imageRes.data && imageRes.data.data && imageRes.data.mime_type) {
+        userImage.value = `data:${imageRes.data.mime_type};base64,${imageRes.data.data}`
+      } else {
+        userImage.value = 'https://via.placeholder.com/120'
+      }
+      showNotification('Profile image updated!', 'success')
+      navbarKey.value++
+    } catch (error) {
+      showNotification('Failed to upload image', 'error')
+    }
+  }
+}
+
+async function deleteImage() {
+  showDeleteImageConfirm.value = false
+  try {
+    await api.deleteImage()
+    userImage.value = 'https://via.placeholder.com/120'
+    showNotification('Profile image deleted.', 'success')
+    navbarKey.value++
+  } catch (error) {
+    showNotification('Failed to delete image', 'error')
+  }
+}
+
+async function updateName(newName: string) {
+  try {
+    console.log('Updating name to:', newName)
+    await api.updateUserInfo({ name: newName })
+    name.value = newName
+    savedName.value = newName
+    showNotification('Name updated!', 'success')
+    navbarKey.value++ // Force Navbar reload
+  } catch (e) {
+    showNotification('Failed to update name', 'error')
+  }
+}
+
+async function updateEmail(newEmail: string) {
+  try {
+    console.log('Updating email to:', newEmail)
+    await api.updateUserInfo({ email: newEmail })
+    email.value = newEmail
+    showNotification('Email updated!', 'success')
+  } catch (e) {
+    showNotification('Failed to update email', 'error')
+  }
+}
+
+async function changePassword({ currentPassword: curr, newPassword: next, confirmPassword: confirm }: { currentPassword: string, newPassword: string, confirmPassword: string }) {
+  if (!curr || !next || !confirm) {
+    showNotification('Please fill all password fields', 'error')
+    return
+  }
+  if (next !== confirm) {
+    showNotification('New passwords do not match', 'error')
+    return
+  }
+  try {
+    await api.updateUserInfo({
+      currentPassword: curr,
+      newPassword: next
+    })
+    showNotification('Password updated!', 'success')
+    currentPassword.value = ''
+    newPassword.value = ''
+    confirmPassword.value = ''
+  } catch (e) {
+    showNotification('Failed to update password', 'error')
+  }
+}
+
+async function updateGoal(newGoal: number) {
+  try {
+    await api.updateStepGoal(newGoal)
+    dailyGoal.value = newGoal
+    showNotification('Daily goal updated', 'success')
+  } catch (error) {
+    showNotification('Failed to update daily goal', 'error')
+  }
+}
+
+async function logout() {
+  try {
+    await api.logout()
+    router.push('/login')
+  } catch (error) {
+    alert('Failed to logout')
+  }
+}
+
+async function deleteAccount() {
+    try {
+      await api.deleteUser()
+      router.push('/login')
+    } catch (error) {
+      alert('Failed to delete account')
+    }
+}
+
+// Optionally, fetch user info and settings on mount
+onMounted(async () => {
+  try {
+    const [userRes, settingsRes, imageRes] = await Promise.all([
+      api.getMyself(),
+      api.getSettings ? api.getSettings() : Promise.resolve({ data: {} }),
+      api.getUserImage ? api.getUserImage() : Promise.resolve({ data: {} })
+    ])
+    if (userRes.data) {
+      name.value = userRes.data.username || ''
+      savedName.value = userRes.data.username || ''
+      email.value = userRes.data.email || ''
+    }
+    if (settingsRes.data && settingsRes.data.step_goal) {
+      dailyGoal.value = settingsRes.data.step_goal
+    }
+    // Handle base64 user image like Navbar.vue
+    if (imageRes.data && imageRes.data.data && imageRes.data.mime_type) {
+      userImage.value = `data:${imageRes.data.mime_type};base64,${imageRes.data.data}`
+    } else {
+      userImage.value = 'https://via.placeholder.com/120'
+    }
+  } catch (e) {
+    userImage.value = 'https://via.placeholder.com/120'
+    // Ignore errors for optional fetches
+  }
+})
 </script>
 
 <style scoped>
-settings-pagesettings-page {
-  padding: 2rem;
+.settings-tabbar-layout {
+  min-height: 80vh;
+  background: #f6f8fa;
+  display: flex;
+  flex-direction: column;
+  align-items: stretch;
+}
+
+.settings-tabbar {
+  display: flex;
+  gap: 1rem;
+  padding: 2.5rem 2rem 1.5rem 2rem;
+  background: #f7fafd;
+  border-bottom: 1px solid #e0eaff;
+  justify-content: center;
+}
+
+.settings-tabbar button {
+  background: none;
+  border: none;
+  font-size: 1.1rem;
+  font-weight: 600;
+  color: #4a90e2;
+  padding: 0.5rem 1.5rem;
+  border-radius: 6px 6px 0 0;
+  cursor: pointer;
+  transition: background 0.2s, color 0.2s;
+}
+
+.settings-tabbar button.active,
+.settings-tabbar button:hover {
+  background: #e0eaff;
+  color: #222;
+}
+
+.settings-tab-content {
+  flex: 1;
+  display: flex;
+  flex-direction: column;
+  align-items: center;
+  justify-content: flex-start;
+  padding: 3rem 2rem;
+  min-width: 0;
+}
+
+.profile-section {
+  display: flex;
+  align-items: center;
+  gap: 1.5rem;
+}
+.profile-img {
+  width: 120px;
+  height: 120px;
+  border-radius: 50%;
+  object-fit: cover;
+  border: 2px solid #eee;
+  display: flex;
+  align-items: center;
+  justify-content: center;
+  font-size: 2.5rem;
+  font-weight: 700;
+  color: #fff;
+  background: #2a5298;
+  user-select: none;
+  overflow: hidden;
+}
+.profile-initials {
+  object-fit: none;
+  border: 2px solid #eee;
+}
+.profile-actions {
+  display: flex;
+  flex-direction: column;
+  gap: 0.5rem;
+}
+.info-section label,
+.goal-section label,
+.password-section label {
+  display: flex;
+  flex-direction: column;
+  margin-bottom: 1rem;
+}
+.info-section input,
+.goal-section input,
+.password-section input {
+  padding: 0.5rem;
+  border-radius: 6px;
+  border: 1px solid #ccc;
+  margin-top: 0.25rem;
+}
+button {
+  padding: 0.5rem 1.2rem;
+  border: none;
+  border-radius: 6px;
+  background: #1976d2;
+  color: #fff;
+  cursor: pointer;
+  margin-top: 0.5rem;
+  transition: background 0.2s;
+}
+button:hover {
+  background: #1565c0;
+}
+button.danger {
+  background: #e53935;
+}
+button.danger:hover {
+  background: #b71c1c;
+}
+button.logout {
+  background: #757575;
+}
+button.logout:hover {
+  background: #424242;
+}
+.danger-zone {
+  display: flex;
+  gap: 1rem;
+  justify-content: flex-end;
+  margin-top: 2rem;
+}
+.fade-enter-active, .fade-leave-active {
+  transition: opacity 0.25s;
+}
+.fade-enter-from, .fade-leave-to {
+  opacity: 0;
 }
 </style>
diff --git a/website/src/utils/userUtils.ts b/website/src/utils/userUtils.ts
index b999fca..4f11a8d 100644
--- a/website/src/utils/userUtils.ts
+++ b/website/src/utils/userUtils.ts
@@ -1,6 +1,8 @@
 export const chatColors = [
   '#2a5298', '#f39c12', '#27ae60', '#8e44ad', '#e74c3c', '#16a085',
-  '#d35400', '#2980b9', '#c0392b', '#1abc9c', '#9b59b6', '#34495e'
+  '#d35400', '#2980b9', '#c0392b', '#1abc9c', '#9b59b6', '#34495e',
+  '#e67e22', '#3498db', '#f1c40f', '#7f8c8d', '#e84393', '#00b894',
+  '#fdcb6e', '#0984e3', '#6c5ce7', '#00cec9', '#b2bec3', '#636e72'
 ]
 
 export function getColor(name: string) {