diff --git a/apps/authentication/api/v1/api.py b/apps/authentication/api/v1/api.py
index 78b85bc..762641b 100644
--- a/apps/authentication/api/v1/api.py
+++ b/apps/authentication/api/v1/api.py
@@ -14,6 +14,7 @@ from apps.core.mixins.search_mixin import DynamicSearchMixin
 from apps.core.pagination import CustomPageNumberPagination
 from apps.authorization.api.v1 import api as authorize_view
 from rest_framework.permissions import IsAuthenticated
+from django.contrib.auth.hashers import make_password
 from apps.authentication.tools import get_token_jti
 from common.helpers import get_organization_by_user
 from rest_framework.viewsets import ModelViewSet
@@ -57,7 +58,7 @@ class UserViewSet(ModelViewSet):
         Customizing create user & bank account information with
         permission levels
         """
-
+        request.data.update({'password': make_password(request.data['password'])})
         serializer = self.serializer_class(data=request.data)
         if serializer.is_valid():
             user = serializer.save()
diff --git a/apps/authentication/api/v1/serializers/serializer.py b/apps/authentication/api/v1/serializers/serializer.py
index 4132934..b09e8b6 100644
--- a/apps/authentication/api/v1/serializers/serializer.py
+++ b/apps/authentication/api/v1/serializers/serializer.py
@@ -14,6 +14,7 @@ from apps.authentication.models import (
     BankAccountInformation
 )
 from apps.authorization import models as authorize_models
+from django.contrib.auth.hashers import make_password
 import typing
 
 
@@ -133,8 +134,10 @@ class UserSerializer(serializers.ModelSerializer):
     def update(self, instance, validated_data):
         """ update user instance """
         instance.username = validated_data.get('username', instance.username)
+
+        # control password
         if validated_data.get('password'):
-            instance.password = validated_data.get('password', instance.password)
+            instance.password = make_password(validated_data.get('password', instance.password))
         instance.first_name = validated_data.get('first_name')
         instance.last_name = validated_data.get('last_name')
         instance.is_active = validated_data.get('is_active')
diff --git a/apps/authentication/models.py b/apps/authentication/models.py
index c63e907..bea37f4 100644
--- a/apps/authentication/models.py
+++ b/apps/authentication/models.py
@@ -43,7 +43,6 @@ class User(AbstractUser, BaseModel):
         return f'{self.username} {self.last_name}-{self.last_login}'
 
     def save(self, *args, **kwargs):
-        self.password = make_password(self.password)
         super(User, self).save(*args, **kwargs)