diff --git a/users/userservice/user-service.js b/users/userservice/user-service.js
index 43362268..35c97942 100644
--- a/users/userservice/user-service.js
+++ b/users/userservice/user-service.js
@@ -54,6 +54,14 @@ app.post("/adduser", async (req, res) => {
 validateRequiredFields(req, ["username", "password"]);
 const username = req.body.username;
+ const password= req.body.password;
+
+ const passwordRegex = /^(?=.*[A-Z])(?=.*\d).{8,}$/;
+ if (!passwordRegex.test(password)) {
+ return res.status(401).json({
+ error: "Password must be at least 8 characters long, contain at least one uppercase letter, and at least one number.",
+ });
+ }
 // Check if the username already exists
 const existingUser = await User.findOne({ username: username });
diff --git a/users/userservice/user-service.test.js b/users/userservice/user-service.test.js
index 62e1125c..f9bfa7ef 100644
--- a/users/userservice/user-service.test.js
+++ b/users/userservice/user-service.test.js
@@ -7,7 +7,8 @@ let app;
 const username = "testuser";
 const friendUsername = "testfriend";
-const password = "testpassword";
+const password = "Testpassword1";
+const badPassword = "pass";
 beforeAll(async () => {
 mongoServer = await MongoMemoryServer.create();
@@ -45,6 +46,20 @@ describe("User Service", () => {
 });
 });
+
+ it("should send password validation error on POST /adduser", async () => {
+ const newUser = {
+ username: "testuser",
+ password: badPassword,
+ };
+
+ const response = await request(app).post("/adduser").send(newUser);
+ expect(response.status).toBe(401);
+ expect(response.body).toEqual({
+ error: "Password must be at least 8 characters long, contain at least one uppercase letter, and at least one number.",
+ });
+ });
+
 it("should add a new user on POST /adduser", async () => {
 const newUser = {
 username: "testuser",
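Review bot: In users/userservice/user-service.js the new check hands `req.body.password` straight to `passwordRegex.test()`, which stringifies its argument, so a non-string JSON value (an array or number) is matched by its string form and can pass the policy without being a string; add `if (typeof password !== "string" || !passwordRegex.test(password))` so only real strings reach the code after the check. The rejection uses `res.status(401)`, which signals failed authentication; a password-policy violation at registration is a client input error and should be `res.status(400)`, with the new test's `toBe(401)` updated to match. `.{8,}` also sets no upper length, so if the password is hashed further down (not visible in this hunk) an unbounded value reaches the hash function; an explicit maximum such as `.{8,128}` would bound that. The handler body starts and ends outside the hunk.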
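Review bot: The new test in users/userservice/user-service.test.js checks only `badPassword = "pass"`, which violates all three rules at once, so removing the uppercase or the digit lookahead from the regex would still leave it green. Cover each rule separately, for example `it.each(["testpassword1", "Testpassword", "Testpa1"])` with the same status and error assertions, so a weakened policy fails the suite. The enclosing `describe` block starts and ends outside the hunk.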