diff --git a/agileboot-system/wol-auth/src/main/java/com/agileboot/auth/service/strategy/PasswordAuthStrategy.java b/agileboot-system/wol-auth/src/main/java/com/agileboot/auth/service/strategy/PasswordAuthStrategy.java
index 317fb03..35cc820 100644
--- a/agileboot-system/wol-auth/src/main/java/com/agileboot/auth/service/strategy/PasswordAuthStrategy.java
+++ b/agileboot-system/wol-auth/src/main/java/com/agileboot/auth/service/strategy/PasswordAuthStrategy.java
@@ -3,6 +3,7 @@ package com.agileboot.auth.service.strategy;
 import cn.dev33.satoken.stp.StpUtil;
 import cn.dev33.satoken.stp.parameter.SaLoginParameter;
 import cn.hutool.core.bean.BeanUtil;
+import cn.hutool.crypto.digest.BCrypt;
 import com.agileboot.auth.pojo.form.PasswordLoginBody;
 import com.agileboot.auth.pojo.vo.CurrentLoginUserVO;
 import com.agileboot.auth.pojo.vo.LoginVO;
@@ -61,7 +62,7 @@ public class PasswordAuthStrategy implements IAuthStrategy {
         if (!Objects.equals(loginUser.getClientId(), clientId)) {
             throw new BizException("client.not.match");
         }
-        loginService.checkLogin(LoginType.PASSWORD, null, loginUser.getUsername(), () -> false);
+        loginService.checkLogin(LoginType.PASSWORD, null, loginUser.getUsername(), () -> !BCrypt.checkpw(password, loginUser.getPassword()));
 
         loginUser.setClientKey(client.getClientKey());
         loginUser.setDeviceType(client.getDeviceType());