diff --git a/app/Http/Controllers/Auth/RegisteredUserController.php b/app/Http/Controllers/Auth/RegisteredUserController.php
index d8d29eb5..fb605d92 100644
--- a/app/Http/Controllers/Auth/RegisteredUserController.php
+++ b/app/Http/Controllers/Auth/RegisteredUserController.php
@@ -37,7 +37,7 @@ public function store(Request $request)
         $request->validate([
             'name' => ['required', 'string', 'max:255'],
             'email' => ['required', 'string', 'email', 'max:255', 'unique:users'],
-            'password' => ['required', 'confirmed', Rules\Password::defaults()],
+            'password' => ['required', 'confirmed', Rules\Password::defaults(), 'regex:/[A-Za-z]/'],
         ]);
 
         $user = User::create([
diff --git a/app/Http/Controllers/ProfileController.php b/app/Http/Controllers/ProfileController.php
index e0093a49..b43d2348 100644
--- a/app/Http/Controllers/ProfileController.php
+++ b/app/Http/Controllers/ProfileController.php
@@ -3,6 +3,9 @@
 namespace App\Http\Controllers;
 
 use App\Http\Requests\ProfileUpdateRequest;
+use App\Models\User;
+use Illuminate\Support\Facades\Auth;
+use Illuminate\Support\Facades\Hash;
 
 class ProfileController extends Controller
 {
@@ -16,6 +19,17 @@ public function update(ProfileUpdateRequest $request)
         // Task: fill in the code here to update name and email
         // Also, update the password if it is set
 
+        $user = Auth::user();
+
+        $user->name = $request->name;
+        $user->email = $request->email;
+
+        if ($request->filled('password')) {
+            $user->password = Hash::make($request->password);
+        }
+
+        $user->save();
+
         return redirect()->route('profile.show')->with('success', 'Profile updated.');
     }
 }
diff --git a/app/Models/User.php b/app/Models/User.php
index e23e0905..12a2354b 100644
--- a/app/Models/User.php
+++ b/app/Models/User.php
@@ -8,7 +8,7 @@
 use Illuminate\Notifications\Notifiable;
 use Laravel\Sanctum\HasApiTokens;
 
-class User extends Authenticatable
+class User extends Authenticatable implements MustVerifyEmail
 {
     use HasApiTokens, HasFactory, Notifiable;
 
diff --git a/resources/views/auth/profile.blade.php b/resources/views/auth/profile.blade.php
index 70e8a8e1..aa775f59 100644
--- a/resources/views/auth/profile.blade.php
+++ b/resources/views/auth/profile.blade.php
@@ -29,7 +29,7 @@
                                      class="block mt-1 w-full"
                                      type="text"
                                      name="name"
-                                     value="???"
+                                     value="{{ Auth::user()->name }}"
                                      required />
                         </div>
 
@@ -40,7 +40,7 @@ class="block mt-1 w-full"
                                      class="block mt-1 w-full"
                                      type="email"
                                      name="email"
-                                     value="???"
+                                     value="{{ Auth::user()->email }}"
                                      required />
                         </div>
 
diff --git a/resources/views/layouts/navigation.blade.php b/resources/views/layouts/navigation.blade.php
index 785936e7..6323af4c 100644
--- a/resources/views/layouts/navigation.blade.php
+++ b/resources/views/layouts/navigation.blade.php
@@ -16,9 +16,11 @@
                         {{ __('Users') }}
                     </x-nav-link>
                     {{-- Task: this "Profile" link should be visible only to logged-in users --}}
+                    @auth
                     <x-nav-link href="/profile" :active="request()->routeIs('profile.show')">
                         {{ __('Profile') }}
                     </x-nav-link>
+                    @endauth
                 </div>
             </div>
 
diff --git a/routes/web.php b/routes/web.php
index 71d04297..b92f4901 100644
--- a/routes/web.php
+++ b/routes/web.php
@@ -20,17 +20,21 @@
 Route::get('users', [\App\Http\Controllers\UserController::class, 'index'])->name('users.index');
 
 // Task: profile functionality should be available only for logged-in users
-Route::get('profile', [\App\Http\Controllers\ProfileController::class, 'show'])->name('profile.show');
-Route::put('profile', [\App\Http\Controllers\ProfileController::class, 'update'])->name('profile.update');
+Route::group(['middleware' => 'auth'], function () {
+    Route::get('profile', [\App\Http\Controllers\ProfileController::class, 'show'])->name('profile.show')->middleware(
+        'auth'
+    );
+    Route::put('profile', [\App\Http\Controllers\ProfileController::class, 'update'])->name(
+        'profile.update'
+    )->middleware('auth');
+});
 
 // Task: this "/secretpage" URL should be visible only for those who VERIFIED their email
 // Add some middleware here, and change some code in app/Models/User.php to enable this
-Route::view('/secretpage', 'secretpage')
-    ->name('secretpage');
+Route::view('/secretpage', 'secretpage')->middleware('verified')->name('secretpage');
 
 // Task: this "/verysecretpage" URL should ask user for verifying their password once again
 // You need to add some middleware here
-Route::view('/verysecretpage', 'verysecretpage')
-    ->name('verysecretpage');
+Route::view('/verysecretpage', 'verysecretpage')->middleware('password.confirm')->name('verysecretpage');
 
 require __DIR__.'/auth.php';