diff --git a/app/controllers/accounts_controller.rb b/app/controllers/accounts_controller.rb
index 474b62979..119812225 100644
--- a/app/controllers/accounts_controller.rb
+++ b/app/controllers/accounts_controller.rb
@@ -144,7 +144,8 @@ class AccountsController < ApplicationController
 user = Users::RegisterService.call(register_params)
 user.mail = "#{user.login}@example.org" if user.mail.blank?
- password = register_params[:password].strip
+ password = decrypt(register_params[:password]) rescue ""
+ password = password.strip
 # gitea用户注册, email, username, password
 interactor = Gitea::RegisterInteractor.call({username: user.login, email: user.mail, password: password})
@@ -224,15 +225,18 @@ class AccountsController < ApplicationController
 end
 def change_password
- return render_error("两次输入的密码不一致") if params[:password].to_s != params[:new_password_repeat].to_s
+ password = decrypt(params[:password]) rescue ""
+ new_password_repeat = decrypt(params[:new_password_repeat]) rescue ""
+ old_password = decrypt(params[:old_password]) rescue ""
+ return render_error("两次输入的密码不一致") if password.to_s != new_password_repeat.to_s
 @user = User.find_by(login: params[:login])
 return render_forbidden unless User.current.login == @user&.login
 return render_error("此用户禁止修改密码!") if @user.id.to_i === 104691
 return render_error("未找到相关用户!") if @user.blank?
- return render_error("旧密码不正确") unless @user.check_password?(params[:old_password])
+ return render_error("旧密码不正确") unless @user.check_password?(old_password)
 sync_params = {
- password: params[:password].to_s,
+ password: password.to_s,
 email: @user.mail,
 login_name: @user.name,
 source_id: 0
@@ -240,7 +244,7 @@ class AccountsController < ApplicationController
 interactor = Gitea::User::UpdateInteractor.call(@user.login, sync_params)
 if interactor.success?
- @user.update_attribute(:password, params[:password])
+ @user.update_attribute(:password, password)
 render_ok
 else
 render_error(interactor.error)
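Review bot: A failed decrypt on the new `password = decrypt(register_params[:password]) rescue ""` line leaves `password` empty, and the hunk still calls `Gitea::RegisterInteractor` with `password: ""`, so an older client that still posts a plaintext password, or a key mismatch, ends in a Gitea registration attempted with an empty password instead of a clear error. The same ciphertext is also decrypted independently inside `Users::RegisterService` in this diff, so the two copies can diverge (only this one is stripped). I would reject an empty result before the interactor call, `return render_error("密码不能为空") if password.blank?`, or better have `Users::RegisterService` expose the decrypted value so decryption happens in one place. The rest of this action lies outside the hunk.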
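Review bot: When both `decrypt` calls fail, `password` and `new_password_repeat` are each `""`, so the `两次输入的密码不一致` guard passes and `change_password` continues with an empty new password; nothing in this hunk checks the new password's format, so only a rejection by Gitea stands between that failure and an empty password being saved. The modifier `rescue ""` also hides the actual cause (missing parameter, plaintext from an old client, wrong key) behind an unrelated error later on. I would add, after the three decrypt lines, `return render_error("密码格式错误") unless password.to_s =~ CustomRegexp::PASSWORD`, mirroring `check_password` in `Api::V1::UsersController`, and rescue only the exception class the cipher raises rather than every StandardError.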
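Review bot: `@user.update_attribute(:password, password)` bypasses model validations, so whatever `password` holds after the `rescue ""` earlier in the method — including an empty string — is written without the model's password rules being applied; the previous code had the same bypass but received the raw parameter rather than a value that can silently collapse to `""`. Gitea is updated first and the local write is unguarded, so a rejected local write also leaves the two stores out of sync. Consider `@user.update!(password: password)` inside the success branch with its error rescued into `render_error`, or at least `return render_error("密码不能为空") if password.blank?` before the interactor call. The `if interactor.success?` branch opens in this hunk; the method's tail is outside it.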
diff --git a/app/controllers/api/v1/users_controller.rb b/app/controllers/api/v1/users_controller.rb
index 09c5a3276..676304917 100644
--- a/app/controllers/api/v1/users_controller.rb
+++ b/app/controllers/api/v1/users_controller.rb
@@ -1,4 +1,5 @@
 class Api::V1::UsersController < Api::V1::BaseController
+ include AesCryptHelper
 before_action :load_observe_user, except: [:check_user_id, :check_user_login]
 before_action :check_auth_for_observe_user, except: [:check_user_id, :check_user_login]
@@ -53,7 +54,7 @@ class Api::V1::UsersController < Api::V1::BaseController
 end
 def check_password
- password = params[:password]
+ password = decrypt(params[:password]) rescue ""
 return tip_exception(-5, "8~16位密码,支持字母数字和符号") unless password =~ CustomRegexp::PASSWORD
 return tip_exception(-5, "密码错误") unless @observe_user.check_password?(password)
 render_ok
@@ -126,7 +127,8 @@ class Api::V1::UsersController < Api::V1::BaseController
 def destroy
- return tip_exception(-1, "密码不正确.") unless @observe_user.check_password?(params[:password])
+ password = decrypt(params[:password]) rescue ""
+ return tip_exception(-1, "密码不正确.") unless @observe_user.check_password?(password)
 org_ids = TeamUser.where(user_id: @observe_user.id).pluck(:organization_id) | OrganizationUser.where(user_id: @observe_user.id).pluck(:organization_id)
 org_count = TeamUser.where(organization_id: org_ids).where(user_id: @observe_user.id).joins(:team).where(teams: {authorize: %w(owner)}).count
 project_count = Project.where(user_id: @observe_user.id).count
diff --git a/app/forms/base_form.rb b/app/forms/base_form.rb
index 19af61026..eb00ec562 100644
--- a/app/forms/base_form.rb
+++ b/app/forms/base_form.rb
@@ -1,5 +1,6 @@
 class BaseForm
 include ActiveModel::Model
+ include AesCryptHelper
 Error = Class.new(StandardError)
 EmailError = Class.new(Error)
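Review bot: After the new `password = decrypt(params[:password]) rescue ""` line in `check_password`, a value that cannot be decrypted (absent, plaintext from an older client, key mismatch) is reported as `8~16位密码,支持字母数字和符号`, telling the user their password has the wrong format when the request itself was malformed. The modifier `rescue` also catches every StandardError, including defects inside `decrypt`. I would rescue to `nil` and return a distinct error first: `password = decrypt(params[:password]) rescue nil` followed by `return tip_exception(-5, "密码解密失败") if password.nil?`. Since `=~` is used only for its truthiness here, `match?` would avoid allocating `MatchData` as well.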
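Review bot: The new `rescue ""` on the `destroy` path folds a decryption failure into the generic `密码不正确.` response, so a client-side encryption bug or a key rotation would look like repeated wrong-password attempts on an account-deletion endpoint and would be hard to diagnose from logs. Rescuing the specific exception the cipher raises and logging it — `rescue OpenSSL::Cipher::CipherError => e` followed by a `Rails.logger.warn` with `e.message` — keeps the user-facing message while preserving the signal; which class `decrypt` actually raises depends on `AesCryptHelper`, which is not in this diff. `destroy` continues past the end of the hunk.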
@@ -53,11 +54,15 @@ class BaseForm
 end
 def check_password(password)
+ password = decrypt(password) rescue ""
 password = strip(password)
 raise PasswordFormatError, "密码8~16位密码,支持字母数字和符号" unless password =~ CustomRegexp::PASSWORD
 end
 def check_password_confirmation(password, password_confirmation)
+ password = decrypt(password) rescue ""
+ password_confirmation = decrypt(password_confirmation) rescue ""
+ password = strip(password)
 password_confirmation = strip(password_confirmation)
diff --git a/app/services/accounts/reset_password_service.rb b/app/services/accounts/reset_password_service.rb
index 5202fe77a..58d0fda8b 100644
--- a/app/services/accounts/reset_password_service.rb
+++ b/app/services/accounts/reset_password_service.rb
@@ -1,10 +1,11 @@
 module Accounts
 class ResetPasswordService < ApplicationService
+ include AesCryptHelper
 # login、code、password、password_confirmation
 def initialize(user, params)
 @user = user
- @password = params[:password]
- @password_confirmation = params[:password_confirmation]
+ @password = decrypt(params[:password]) rescue ""
+ @password_confirmation = decrypt(params[:password_confirmation]) rescue ""
 end
 def call
diff --git a/app/services/api/v1/users/update_email_service.rb b/app/services/api/v1/users/update_email_service.rb
index 7ed5a0fbc..3f0875d8a 100644
--- a/app/services/api/v1/users/update_email_service.rb
+++ b/app/services/api/v1/users/update_email_service.rb
@@ -1,5 +1,6 @@
 class Api::V1::Users::UpdateEmailService < ApplicationService
 include ActiveModel::Model
+ include AesCryptHelper
 attr_reader :user, :token, :password, :mail, :old_mail, :code, :verify_code
 attr_accessor :gitea_data
@@ -10,7 +11,7 @@ class Api::V1::Users::UpdateEmailService < ApplicationService
 def initialize(user, params, token =nil)
 @user = user
 @token = token
- @password = params[:password]
+ @password = decrypt(params[:password]) rescue ""
 @mail = params[:email]
 @old_mail = user.mail
 @code = params[:code]
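Review bot: `check_password` and `check_password_confirmation` now each decrypt their argument with `rescue ""`, so an undecryptable value is stripped to `""` and fails `CustomRegexp::PASSWORD` with `密码8~16位密码,支持字母数字和符号`, which blames the user's choice of password for what is a transport or key problem. These helpers also strip after decrypting, whereas `Users::RegisterService` and `Accounts::ResetPasswordService` in this diff keep the unstripped decrypted value, so the password validated here can differ from the one persisted (the strip mismatch predates this commit; the decrypt path is new). I would raise a dedicated error when decryption fails, e.g. `decrypted = decrypt(password) rescue nil` then `raise PasswordFormatError, "密码解密失败" if decrypted.nil?`, and decrypt in exactly one layer. `check_password_confirmation` continues past the end of the hunk.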
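Review bot: With both instance variables assigned via `rescue ""` in `ResetPasswordService#initialize`, a decryption failure on either parameter makes `@password` and `@password_confirmation` equal empty strings, so any confirmation-equality check in `call` will pass and only a format check there, if one exists, would stop an empty password from being set. Swallowing every StandardError in an initializer also means the failure cannot be reported where it happened. I would keep `nil` on failure, `@password = decrypt(params[:password]) rescue nil`, and have `call` treat `nil` as an explicit decryption error rather than an empty password. `call` begins on the last line of the hunk and its body is outside it.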
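Review bot: `@password = decrypt(params[:password]) rescue ""` in `UpdateEmailService#initialize` makes a request with no `password` parameter indistinguishable from one whose ciphertext could not be decrypted, since both collapse to `""` (whether `decrypt(nil)` raises or returns something depends on `AesCryptHelper`, which is not in this diff, so this is an assumption to confirm). Because this runs in the initializer, the only later evidence is a failed password comparison. Keeping the two cases apart, `@password = params[:password].present? ? (decrypt(params[:password]) rescue nil) : nil`, lets the validation report a missing versus an undecryptable password. The initializer's tail is outside the hunk.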
diff --git a/app/services/api/v1/users/update_phone_service.rb b/app/services/api/v1/users/update_phone_service.rb
index ed53d7eb5..b79387773 100644
--- a/app/services/api/v1/users/update_phone_service.rb
+++ b/app/services/api/v1/users/update_phone_service.rb
@@ -1,5 +1,6 @@
 class Api::V1::Users::UpdatePhoneService < ApplicationService
 include ActiveModel::Model
+ include AesCryptHelper
 attr_reader :user, :password, :phone, :code, :verify_code
@@ -8,7 +9,7 @@ class Api::V1::Users::UpdatePhoneService < ApplicationService
 def initialize(user, params)
 @user = user
- @password = params[:password]
+ @password = decrypt(params[:password]) rescue ""
 @phone = params[:phone]
 @code = params[:code]
 @verify_code = VerificationCode.where(phone: @phone, code_type: 4).last
diff --git a/app/services/users/register_service.rb b/app/services/users/register_service.rb
index fc0e4231e..f6c8c2cf2 100644
--- a/app/services/users/register_service.rb
+++ b/app/services/users/register_service.rb
@@ -1,8 +1,10 @@
 class Users::RegisterService < ApplicationService
+ include AesCryptHelper
+
 def initialize(params)
 @login = params[:login]
 @namespace = params[:namespace]
- @password = params[:password]
+ @password = decrypt(params[:password]) rescue ""
 @code = params[:code]
 end
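Review bot: `@password = decrypt(params[:password]) rescue ""` in `Users::RegisterService#initialize` duplicates the decryption already performed in `AccountsController` for the same request, and the two copies can disagree (the controller strips its result, this one does not), so the password handed to Gitea and the one this service persists may differ. More broadly, decrypting the password server side only adds confidentiality if the key is not available to whoever can already read the TLS-protected request body; if `AesCryptHelper` uses a key shipped to the browser, this is obfuscation and must not be treated as a substitute for TLS (the helper is not in this diff, so this is an assumption to confirm). I would decrypt once, here in the service, and have the controller take the decrypted value from the service result instead of reading `register_params[:password]` again.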