diff --git a/CHANGELOG.md b/CHANGELOG.md
index 3caf39d3a..8d2060d8c 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -4,6 +4,8 @@
 
 * UI
 	* New page for subscription tools [#1534](https://github.com/FreshRSS/FreshRSS/issues/1354)
+* CLI
+	* New command `./cli/update-user` to update user settings [#1600](https://github.com/FreshRSS/FreshRSS/issues/1600)
 * I18n
 	* Korean [#1578](https://github.com/FreshRSS/FreshRSS/pull/1578)
 * Bug fixing
diff --git a/app/Controllers/userController.php b/app/Controllers/userController.php
index 3cbbd8633..a58501186 100644
--- a/app/Controllers/userController.php
+++ b/app/Controllers/userController.php
@@ -44,6 +44,29 @@ class FreshRSS_user_Controller extends Minz_ActionController {
 		return preg_match('/^' . self::USERNAME_PATTERN . '$/', $username) === 1;
 	}
 
+	public static function updateContextUser($passwordPlain, $apiPasswordPlain, $userConfigUpdated = array()) {
+		if ($passwordPlain != '') {
+			$passwordHash = self::hashPassword($passwordPlain);
+			FreshRSS_Context::$user_conf->passwordHash = $passwordHash;
+		}
+
+		if ($apiPasswordPlain != '') {
+			$apiPasswordHash = self::hashPassword($apiPasswordPlain);
+			FreshRSS_Context::$user_conf->apiPasswordHash = $apiPasswordHash;
+		}
+
+		if (is_array($userConfigUpdated)) {
+			foreach ($userConfigUpdated as $configName => $configValue) {
+				if ($configValue !== null) {
+					FreshRSS_Context::$user_conf->_param($configName, $configValue);
+				}
+			}
+		}
+
+		$ok = FreshRSS_Context::$user_conf->save();
+		return $ok;
+	}
+
 	/**
 	 * This action displays the user profile page.
 	 */
@@ -55,31 +78,18 @@ class FreshRSS_user_Controller extends Minz_ActionController {
 		));
 
 		if (Minz_Request::isPost()) {
-			$ok = true;
-
 			$passwordPlain = Minz_Request::param('newPasswordPlain', '', true);
-			if ($passwordPlain != '') {
-				Minz_Request::_param('newPasswordPlain');	//Discard plain-text password ASAP
-				$_POST['newPasswordPlain'] = '';
-				$passwordHash = self::hashPassword($passwordPlain);
-				$ok &= ($passwordHash != '');
-				FreshRSS_Context::$user_conf->passwordHash = $passwordHash;
-			}
+			Minz_Request::_param('newPasswordPlain');	//Discard plain-text password ASAP
+			$_POST['newPasswordPlain'] = '';
+
+			$apiPasswordPlain = Minz_Request::param('apiPasswordPlain', '', true);
+
+			$ok = self::updateContextUser($passwordPlain, $apiPasswordPlain, array(
+					'token' => Minz_Request::param('token', null),
+				));
+
 			Minz_Session::_param('passwordHash', FreshRSS_Context::$user_conf->passwordHash);
 
-			$passwordPlain = Minz_Request::param('apiPasswordPlain', '', true);
-			if ($passwordPlain != '') {
-				$passwordHash = self::hashPassword($passwordPlain);
-				$ok &= ($passwordHash != '');
-				FreshRSS_Context::$user_conf->apiPasswordHash = $passwordHash;
-			}
-
-			$current_token = FreshRSS_Context::$user_conf->token;
-			$token = Minz_Request::param('token', $current_token);
-			FreshRSS_Context::$user_conf->token = $token;
-
-			$ok &= FreshRSS_Context::$user_conf->save();
-
 			if ($ok) {
 				Minz_Request::good(_t('feedback.profile.updated'),
 				                   array('c' => 'user', 'a' => 'profile'));
diff --git a/cli/README.md b/cli/README.md
index 1ac8c95ce..ce1be10a7 100644
--- a/cli/README.md
+++ b/cli/README.md
@@ -43,9 +43,12 @@ cd /usr/share/FreshRSS
 ./cli/reconfigure.php
 # Same parameters as for do-install.php. Used to update an existing installation.
 
-./cli/create-user.php --user username ( --password 'password' --api-password 'api_password' --language en --email user@example.net --token 'longRandomString' --no-default-feeds )
+./cli/create-user.php --user username ( --password 'password' --api_password 'api_password' --language en --email user@example.net --token 'longRandomString' --no_default_feeds --purge_after_months 3 --feed_min_articles_default 50 --feed_ttl_default 3600 --since_hours_posts_per_rss 168 --min_posts_per_rss 2 --max_posts_per_rss 400 )
 # --language can be: 'en' (default), 'fr', or one of the [supported languages](../app/i18n/)
 
+./cli/update-user.php --user username ( ... )
+# Same options as create-user.php, except --no_default_feeds which is only available for create-user.php
+
 ./cli/delete-user.php --user username
 
 ./cli/list-users.php
diff --git a/cli/_update-or-create-user.php b/cli/_update-or-create-user.php
new file mode 100644
index 000000000..c7f1008cd
--- /dev/null
+++ b/cli/_update-or-create-user.php
@@ -0,0 +1,55 @@
+<?php
+require('_cli.php');
+
+$params = array(
+		'user:',
+		'password:',
+		'api_password:',
+		'language:',
+		'email:',
+		'token:',
+		'purge_after_months:',
+		'feed_min_articles_default:',
+		'feed_ttl_default:',
+		'since_hours_posts_per_rss:',
+		'min_posts_per_rss:',
+		'max_posts_per_rss:',
+	);
+
+if (!$isUpdate) {
+	$params[] = 'no_default_feeds';	//Only for creating new users
+}
+
+$options = getopt('', $params);
+
+if (empty($options['user'])) {
+	fail('Usage: ' . basename($_SERVER['SCRIPT_FILENAME']) . " --user username ( --password 'password' --api_password 'api_password'" .
+		" --language en --email user@example.net --token 'longRandomString'" .
+		($isUpdate ? '' : '--no_default_feeds') .
+		" --purge_after_months 3 --feed_min_articles_default 50 --feed_ttl_default 3600" .
+		" --since_hours_posts_per_rss 168 --min_posts_per_rss 2 --max_posts_per_rss 400 )");
+}
+
+function strParam($name) {
+	global $options;
+	return isset($options[$name]) ? strval($options[$name]) : null;
+}
+
+function intParam($name) {
+	global $options;
+	return isset($options[$name]) && ctype_digit($options[$name]) ? intval($options[$name]) : null;
+}
+
+$values = array(
+		'language' => strParam('language'),
+		'mail_login' => strParam('email'),
+		'token' => strParam('token'),
+		'old_entries' => intParam('purge_after_months'),
+		'keep_history_default' => intParam('feed_min_articles_default'),
+		'ttl_default' => intParam('feed_ttl_default'),
+		'since_hours_posts_per_rss' => intParam('since_hours_posts_per_rss'),
+		'min_posts_per_rss' => intParam('min_posts_per_rss'),
+		'max_posts_per_rss' => intParam('max_posts_per_rss'),
+	);
+
+$values = array_filter($values);
diff --git a/cli/create-user.php b/cli/create-user.php
index f44591cc9..add9c1b13 100755
--- a/cli/create-user.php
+++ b/cli/create-user.php
@@ -1,21 +1,8 @@
 #!/usr/bin/php
 <?php
-require('_cli.php');
+$isUpdate = false;
+require('_update-or-create-user.php');
 
-$options = getopt('', array(
-		'user:',
-		'password:',
-		'api-password:',
-		'language:',
-		'email:',
-		'token:',
-		'no-default-feeds',
-	));
-
-if (empty($options['user'])) {
-	fail('Usage: ' . basename(__FILE__) . " --user username ( --password 'password' --api-password 'api_password'" .
-		" --language en --email user@example.net --token 'longRandomString --no-default-feeds' )");
-}
 $username = $options['user'];
 if (!FreshRSS_user_Controller::checkUsername($username)) {
 	fail('FreshRSS error: invalid username “' . $username . '”! Must be matching ' . FreshRSS_user_Controller::USERNAME_PATTERN);
@@ -30,11 +17,8 @@ echo 'FreshRSS creating user “', $username, "”…\n";
 
 $ok = FreshRSS_user_Controller::createUser($username,
 	empty($options['password']) ? '' : $options['password'],
-	empty($options['api-password']) ? '' : $options['api-password'],
-	array(
-		'language' => empty($options['language']) ? '' : $options['language'],
-		'token' => empty($options['token']) ? '' : $options['token'],
-	),
+	empty($options['api_password']) ? '' : $options['api_password'],
+	$values,
 	!isset($options['no-default-feeds']));
 
 if (!$ok) {
diff --git a/cli/update-user.php b/cli/update-user.php
new file mode 100755
index 000000000..ac674484c
--- /dev/null
+++ b/cli/update-user.php
@@ -0,0 +1,23 @@
+#!/usr/bin/php
+<?php
+$isUpdate = true;
+require('_update-or-create-user.php');
+
+$username = cliInitUser($options['user']);
+
+echo 'FreshRSS updating user “', $username, "”…\n";
+
+$ok = FreshRSS_user_Controller::updateContextUser(
+	empty($options['password']) ? '' : $options['password'],
+	empty($options['api_password']) ? '' : $options['api_password'],
+	$values);
+
+if (!$ok) {
+	fail('FreshRSS could not update user!');
+}
+
+invalidateHttpCache($username);
+
+accessRights();
+
+done($ok);