Any user can change their own password by clicking "My Account" then "Edit User".
Users in a role with the permission "Manage User Accounts" can change other users' passwords by clicking "My Account" -> "Users" -> Click on the user name -> "Edit User". In this case a email will be sent to the edited user with a link permitting them to set a new password. This ensures that each individual is uniquely responsible for their password and thus their system activity can be effectively recorded in the Audit Event log.