diff --git a/spec/user.model.spec.cjs b/spec/user.model.spec.cjs
index e256e638..e3a37b1c 100644
--- a/spec/user.model.spec.cjs
+++ b/spec/user.model.spec.cjs
@@ -65,4 +65,84 @@ describe('User Model', () => {
     expect(isMatch).toBe(true);
     expect(isNotMatch).toBe(false);
   });
-});
\ No newline at end of file
+
+  it('should hash password again when password is modified', async () => {
+  const user = new User({
+    username: 'testuser4',
+    email: 'test4@example.com',
+    password: 'password123',
+  });
+
+  await user.save();
+
+  const oldHash = user.password;
+
+  user.password = 'newpassword123';
+  await user.save();
+
+  expect(user.password).not.toBe(oldHash);
+
+  const isMatch = await bcrypt.compare('newpassword123', user.password);
+  expect(isMatch).toBeTrue();
+});
+
+it('should reject user without email', async () => {
+  const user = new User({
+    username: 'testuser5',
+    password: 'password123',
+  });
+
+  await expectAsync(user.save()).toBeRejected();
+});
+
+it('should reject user without username', async () => {
+  const user = new User({
+    email: 'test5@example.com',
+    password: 'password123',
+  });
+
+  await expectAsync(user.save()).toBeRejected();
+});
+
+it('should reject user without password', async () => {
+  const user = new User({
+    username: 'testuser6',
+    email: 'test6@example.com',
+  });
+
+  await expectAsync(user.save()).toBeRejected();
+});
+
+it('should fail password comparison for empty password', async () => {
+  const user = new User({
+    username: 'testuser7',
+    email: 'test7@example.com',
+    password: 'password123',
+  });
+
+  await user.save();
+
+  const isMatch = await user.comparePassword('');
+  expect(isMatch).toBeFalse();
+});
+
+it('should generate different hashes for same password', async () => {
+  const user1 = new User({
+    username: 'user1',
+    email: 'user1@example.com',
+    password: 'samepassword',
+  });
+
+  const user2 = new User({
+    username: 'user2',
+    email: 'user2@example.com',
+    password: 'samepassword',
+  });
+
+  await user1.save();
+  await user2.save();
+
+  expect(user1.password).not.toBe(user2.password);
+});
+
+});