Rails tutorial chapter6 has_secure_passwordの動作が解説と一致しない

Rils tutorial 6章で躓いており、教えていただきたいです。

6.26にhas_secure_passwordを追加すればテストがパスするようにあると書いて有りますが、パスしません。

Failures:

1) User when password is not present 
     Failure/Error: it { should_not be_valid }
       expected #<User id: nil, name: "Example User", email: "user@example.com", created_at: nil, updated_at:     nil, password_digest: "$2a$04$P8/lQ.ytJHrnRbPM..Z4qeUAIipdMNjbOtohvnJI/31..."> not to be valid
     # ./spec/models/user_spec.rb:69:in `block (3 levels) in <top (required)>'

Finished in 0.36208 seconds
25 examples, 1 failure

Failed examples:

rspec ./spec/models/user_spec.rb:69 # User when password is not present 

Randomized with seed 52215

このテストを逆にshoud be_validにすれば通ります。こういうものでしょうか？

参考までに使用したテストの全文です。

require 'spec_helper'

describe User do

    before do
        @user = User.new(name: "Example User", email: "user@example.com",
            password: "foobar", password_confirmation: "foobar")
    end

    subject { @user }

    it { should respond_to(:name) }
    it { should respond_to(:email) }
    it { should respond_to(:password_digest) }
    it { should respond_to(:password) }
    it { should respond_to(:password_confirmation) }

    it { should be_valid }

    describe "when name is not present" do
        before { @user.name = " " }
        it { should_not be_valid }
    end

    describe "when email is not present" do
        before { @user.email = " " }
        it { should_not be_valid }
    end

    describe "when name is too long" do
        before { @user.name = "a" * 51 }
        it { should_not be_valid }
    end

    describe "when email format is invalid" do
        it "should be invalid" do
            addresses = %w[user@foo,com user_at_foo.org example.user@foo.foo@bar_baz.com foo@bar+baz.com]
            addresses.each do |invalid_address|
                @user.email = invalid_address
                expect(@user).not_to be_valid
            end
        end
    end

    describe "when email format is valid" do
        it "should be valid" do
            addresses = %w[user@foo.COM A_US-ER@f.b.org frst.lst@foo.jp a+b@baz.cn]
            addresses.each do |valid_address|
                @user.email = valid_address
                expect(@user).to be_valid
            end
        end
    end

    describe "when email address is already taken" do
        before do
            user_with_same_email = @user.dup
            user_with_same_email.email = @user.email.upcase
            user_with_same_email.save
        end
        it { should_not be_valid }
    end

    describe "when password is not present" do
        before do
            @user = User.new(name: "Example User", email: "user@example.com",
                password: " ", password_confirmation: " ")
        end
        it { should_not be_valid }
    end

    describe "when password doesn't match confirmation" do
        before { @user.password_confirmation = "mismatch" }
        it { should_not be_valid }
    end
end