diff --git a/server/proj/account/views.py b/server/proj/account/views.py index 59887c5..47053cf 100644 --- a/server/proj/account/views.py +++ b/server/proj/account/views.py @@ -10,7 +10,7 @@ from conf import settings from account.serializers import MyUserSerializer, MyTokenObtainPairSerializer from account.models import MyUser from .schemas import UpdateUserSchema - +from conf.settings.base import MIN_LEN_PASSWORD PermissionClass = IsAuthenticated if not settings.DEBUG else AllowAny @@ -59,6 +59,21 @@ class MyUserViewSet(ViewSet): @action(detail=False, methods=['post'], schema=UpdateUserSchema()) def update_user(self, request): password = request.user.password + + if request.data['password'] == request.data['email']: + return Response( + {'detail': 'Почта не может являться паролем', 'error': {'email': 'Почта не может являться паролем'}}, + status=status.HTTP_400_BAD_REQUEST) + + if len(request.data['password']) < MIN_LEN_PASSWORD: + return Response( + {'detail': 'Минимальная длина - 8 символов', 'error': {'email': 'Минимальная длина - 8 символов'}}, + status=status.HTTP_400_BAD_REQUEST) + + if check_password(request.data['password'], password): + return Response( + {'detail': 'Пароли одинаковые', 'error': {'email': 'Пароли одинаковые'}}, + status=status.HTTP_400_BAD_REQUEST) if check_password(request.data['old_password'], password): if 'email' in request.data: @@ -70,7 +85,10 @@ class MyUserViewSet(ViewSet): serializer.save() return Response(serializer.data) else: - return Response({'error':'Неверный старый пароль'}, status=status.HTTP_400_BAD_REQUEST) + return Response( + {'detail': 'Неверный старый пароль', 'error': {'email': 'Неверный старый пароль'}}, + status=status.HTTP_400_BAD_REQUEST) + @action(detail=False, methods=['post']) def password_reset_user(self, request): 
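Review bot: The added import takes `MIN_LEN_PASSWORD` straight from `conf.settings.base`, bypassing the `settings` object this module already imports (`from conf import settings`, used for `settings.DEBUG` on the context line below). If another settings module in the package overrides the value, this view would still read the base one; the package layout is not visible here, so treat that as a question rather than a confirmed bug. `settings.MIN_LEN_PASSWORD` would keep a single access path. The import also replaces the blank line that separated the import block from `PermissionClass`.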
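Review bot: The first added check reads `request.data['email']` unconditionally, although the unchanged code just below treats email as optional (`if 'email' in request.data:`), so a request that omits email or password raises KeyError and returns a 500 instead of a 400; a non-string JSON value for password breaks `len()` the same way. Reading the fields once with `new_password = request.data.get('password')` and guarding with `if email is not None and new_password == email:` avoids that. The three checks also run before `old_password` is verified, so the 'Пароли одинаковые' branch tells any caller holding a valid session whether a candidate string is the current password without the old password being supplied; moving them inside the `if check_password(request.data['old_password'], password):` branch leaves one place where the current password is tested and where throttling can be attached. Every new response here, and the one rewritten in the last hunk of this file, files its message under `'error': {'email': ...}` even when the problem is the password or the old password, which looks like a copied key; `'password'` and `'old_password'` would match the fields. update_user's body continues outside the hunk.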
diff --git a/server/proj/conf/settings/__pycache__/base.cpython-310.pyc b/server/proj/conf/settings/__pycache__/base.cpython-310.pyc
index f9d6ad8..7434b68 100644
Binary files a/server/proj/conf/settings/__pycache__/base.cpython-310.pyc and b/server/proj/conf/settings/__pycache__/base.cpython-310.pyc differ
diff --git a/server/proj/conf/settings/base.py b/server/proj/conf/settings/base.py
index 79d2cd7..4b7f9be 100644
--- a/server/proj/conf/settings/base.py
+++ b/server/proj/conf/settings/base.py
@@ -160,3 +160,4 @@ CORS_ALLOW_CREDENTIALS = True
 CORS_ALLOWED_ORIGINS = [
 'http://localhost:5173',
 ]
+MIN_LEN_PASSWORD = 8
\ No newline at end of file
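Review bot: `MIN_LEN_PASSWORD` is a project-specific constant, and in this commit it is enforced only inside `update_user`; other places where a password gets set (the `password_reset_user` action visible in the views.py context, and presumably registration) are not touched, so the minimum may not hold there. Django already carries this policy in `AUTH_PASSWORD_VALIDATORS` (`MinimumLengthValidator` with `'OPTIONS': {'min_length': 8}`, and `UserAttributeSimilarityValidator` for the password-equals-email case), applied through `django.contrib.auth.password_validation.validate_password(password, user=request.user)`. Whether base.py already defines that list is not visible in this hunk. The error text in views.py hard-codes '8 символов', so it will drift from this value if the setting changes. The file now ends without a trailing newline.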