diff --git a/src/test/users-test.js b/src/test/users-test.js
index 4a5028610..f6e1c475d 100644
--- a/src/test/users-test.js
+++ b/src/test/users-test.js
@@ -8,8 +8,6 @@
 const BoxError = require('../boxerror.js'),
     common = require('./common.js'),
     expect = require('expect.js'),
-    fs = require('fs'),
-    paths = require('../paths.js'),
     safe = require('safetydance'),
     users = require('../users.js'),
     _ = require('underscore');
@@ -267,36 +265,24 @@ describe('User', function () {
         });
 
         it('fails for ghost with wrong password', async function () {
-            let ghost = { };
-            ghost[admin.username] = 'testpassword';
-            await fs.promises.writeFile(paths.GHOST_USER_FILE, JSON.stringify(ghost), 'utf8');
+            await users.setGhost(admin, 'testpassword', 0);
 
             const [error] = await safe(users.verify(admin.id, 'foobar', users.AP_WEBADMIN));
-            await fs.promises.unlink(paths.GHOST_USER_FILE);
-
             expect(error.reason).to.equal(BoxError.INVALID_CREDENTIALS);
         });
 
         it('succeeds for ghost', async function () {
-            let ghost = { };
-            ghost[admin.username] = 'testpassword';
-            await fs.promises.writeFile(paths.GHOST_USER_FILE, JSON.stringify(ghost), 'utf8');
+            await users.setGhost(admin, 'testpassword', 0);
 
             const result = await users.verify(admin.id, 'testpassword', users.AP_WEBADMIN);
-            if (fs.existsSync(paths.GHOST_USER_FILE)) throw new Error('Ghost file exists after verification');
-
             expect(result.id).to.equal(admin.id);
             expect(result.ghost).to.be(true);
         });
 
         it('succeeds for normal user password when ghost file exists', async function () {
-            let ghost = { };
-            ghost[admin.username] = 'testpassword';
-            fs.writeFileSync(paths.GHOST_USER_FILE, JSON.stringify(ghost), 'utf8');
+            await users.setGhost(admin, 'testpassword', 0);
 
             const result = await users.verify(admin.id, admin.password, users.AP_WEBADMIN);
-            if (!fs.existsSync(paths.GHOST_USER_FILE)) throw new Error('Ghost file went way without verification');
-
             expect(result.id).to.equal(admin.id);
             expect(result.ghost).to.not.be.ok();
         });
@@ -331,26 +317,16 @@ describe('User', function () {
         });
 
         it('fails for ghost with wrong password', async function () {
-            let ghost = { };
-            ghost[admin.username] = 'testpassword';
-
-            fs.writeFileSync(paths.GHOST_USER_FILE, JSON.stringify(ghost), 'utf8');
+            await users.setGhost(admin, 'testpassword', 0);
 
             const [error] = await safe(users.verifyWithUsername(admin.username, 'foobar', users.AP_WEBADMIN));
-            if (!fs.existsSync(paths.GHOST_USER_FILE)) throw new Error('Ghost file went way without verification');
-            fs.unlinkSync(paths.GHOST_USER_FILE);
-
             expect(error.reason).to.equal(BoxError.INVALID_CREDENTIALS);
         });
 
         it('succeeds for ghost', async function () {
-            let ghost = { };
-            ghost[admin.username] = 'testpassword';
-
-            fs.writeFileSync(paths.GHOST_USER_FILE, JSON.stringify(ghost), 'utf8');
+            await users.setGhost(admin, 'testpassword', 0);
 
             const result = await users.verifyWithUsername(admin.username, 'testpassword', users.AP_WEBADMIN);
-            if (fs.existsSync(paths.GHOST_USER_FILE)) throw new Error('Ghost file still around!');
             expect(result.id).to.equal(admin.id);
             expect(result.ghost).to.be(true);
         });
@@ -385,27 +361,16 @@ describe('User', function () {
         });
 
         it('fails for ghost with wrong password', async function () {
-            let ghost = { };
-            ghost[admin.username] = 'testpassword';
-
-            fs.writeFileSync(paths.GHOST_USER_FILE, JSON.stringify(ghost), 'utf8');
+            await users.setGhost(admin, 'testpassword', 0);
 
             const [error] = await safe(users.verifyWithEmail(admin.email, 'foobar', users.AP_WEBADMIN));
-            if (!fs.existsSync(paths.GHOST_USER_FILE)) throw new Error('Ghost file not found after failed login!');
-            fs.unlinkSync(paths.GHOST_USER_FILE);
-
             expect(error.reason).to.equal(BoxError.INVALID_CREDENTIALS);
         });
 
         it('succeeds for ghost', async function () {
-            let ghost = { };
-            ghost[admin.username] = 'testpassword';
-
-            fs.writeFileSync(paths.GHOST_USER_FILE, JSON.stringify(ghost), 'utf8');
+            await users.setGhost(admin, 'testpassword', 0);
 
             const result = await users.verifyWithEmail(admin.email, 'testpassword', users.AP_WEBADMIN);
-            if (fs.existsSync(paths.GHOST_USER_FILE)) throw new Error('Ghost file still around!');
-
             expect(result.id).to.equal(admin.id);
             expect(result.ghost).to.equal(true);
         });