diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
index fb9f00e..2ec849e 100644
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@@ -39,4 +39,4 @@ jobs:
           KODADO_URL: ${{ secrets.KODADO_URL }}
           KODADO_BUCKET_URL: ${{ secrets.KODADO_BUCKET_URL }}
         run: |
-          bun test --timeout 20000
+          bun test --timeout 200000
diff --git a/src/auth/AuthApiClient.ts b/src/auth/AuthApiClient.ts
index 13ca704..1cc60cb 100644
--- a/src/auth/AuthApiClient.ts
+++ b/src/auth/AuthApiClient.ts
@@ -93,7 +93,29 @@ export class AuthApiClient {
       },
     });
 
-    return response.json();
+    const { keys, totalPages } = await response.json();
+
+    if (totalPages > 1) {
+      const additionalKeys = await Promise.all(
+        Array.from({ length: totalPages - 1 }, async (_, index) => {
+          const response = await fetch(`${this.endpoint}/keys/user`, {
+            method: "POST",
+            headers: {
+              Authorization: this.session?.getIdToken().getJwtToken() || "",
+            },
+            body: JSON.stringify({ page: index + 2 }),
+          });
+
+          const { keys } = await response.json();
+
+          return keys;
+        })
+      );
+
+      return keys.concat(...additionalKeys);
+    }
+
+    return keys;
   }
 
   async updateItemKeys(encryptionPublicKey: string, encryptedItemKeys: any) {
diff --git a/test/updatePassword.spec.ts b/test/updatePassword.spec.ts
index 50766b1..69fc8e3 100644
--- a/test/updatePassword.spec.ts
+++ b/test/updatePassword.spec.ts
@@ -6,6 +6,8 @@ import typeDefs from "./fixtures/schema";
 
 import { recreateUser } from "./helpers/createUser";
 
+let id: string;
+
 const client = await createClient({
   typeDefs,
   resolvers: {},
@@ -46,6 +48,7 @@ describe("updatePassword", () => {
     const insertedTodo = await client.api.query<{ id: string; item: {} }>(qry, {
       item: { text: "First Todo", done: false },
     });
+    id = insertedTodo.id;
 
     try {
       await client.auth.updatePassword({
@@ -93,12 +96,82 @@ describe("updatePassword", () => {
 
     client.auth.signOut();
   });
+
+  it("Should work with a large amount of items", async () => {
+    await client.auth.signIn({
+      email: "updatePwUser@turingpoint.de",
+      password: "Abcd12345!",
+    });
+
+    // Create > 5000 Todos
+    for (let i = 0; i < 201; i++) {
+      const todos = Array(25)
+        .fill({})
+        .map((_, i) => ({
+          item: { title: `Todo ${i}`, done: false },
+          roles: [],
+          users: [],
+          referenceIds: [],
+        }));
+
+      await client.api.bulkCreateItems({
+        items: todos,
+        type: "Todo",
+      });
+    }
+
+    try {
+      await client.auth.updatePassword({
+        oldPassword: "Abcd12345!",
+        newPassword: "Abcd1234!",
+      });
+    } catch (e) {
+      console.log(e);
+    }
+
+    client.auth.signOut();
+
+    const session = await client.auth.signIn({
+      email: "updatePwUser@turingpoint.de",
+      password: "Abcd1234!",
+    });
+    expect(session?.email).toBe("updatePwUser@turingpoint.de");
+
+    const todoQuery = gql`
+      query getTodo($id: String!) {
+        getItem(id: $id) {
+          id
+          item {
+            text
+            done
+          }
+          tasks: items(type: "Task") {
+            id
+            item {
+              title
+              description
+              done
+            }
+          }
+          createdAt
+        }
+      }
+    `;
+
+    const todo = await client.api.query<{ item: {} }>(todoQuery, {
+      id,
+    });
+
+    expect(todo.item).toStrictEqual({ text: "First Todo", done: false });
+
+    client.auth.signOut();
+  });
 });
 
 afterAll(async () => {
   await client.auth.signIn({
     email: "updatePwUser@turingpoint.de",
-    password: "Abcd12345!",
+    password: "Abcd1234!",
   });
   await client.auth.deleteUser();
 });