diff --git a/api.py b/api.py
index 9d85452..7619771 100644
--- a/api.py
+++ b/api.py
@@ -116,6 +116,14 @@ async def update_user(user: UserUpdate, session: SessionDep, current_user: User
     user_db = session.get(User, current_user.id)
     user_data = user.model_dump(exclude_unset=True)
 
+    # Check if the password is being updated
+    if 'password' in user_data:
+        # Generate a new salt
+        salt = random.randint(00000, 99999)
+        # Hash the new password with the new salt
+        user_data['password'] = hash_password(user_data['password'], salt)
+        user_data['salt'] = salt
+
     user_db.sqlmodel_update(user_data)
     session.add(user_db)
     session.commit()