diff --git a/Pinnacle/src/main/java/com/cfive/pinnacle/controller/permission/UserController.java b/Pinnacle/src/main/java/com/cfive/pinnacle/controller/permission/UserController.java
index e09f11d..6884771 100644
--- a/Pinnacle/src/main/java/com/cfive/pinnacle/controller/permission/UserController.java
+++ b/Pinnacle/src/main/java/com/cfive/pinnacle/controller/permission/UserController.java
@@ -44,15 +44,15 @@ public class UserController {
 
     @PutMapping("/passwd")
     @Operation(summary = "修改密码")
-    public ResponseResult<?> modifyPasswd(String password) {
-        if (password == null) {
+    public ResponseResult<?> modifyPasswd(String oldPasswd, String newPassword) {
+        if (oldPasswd == null || newPassword == null) {
             throw new DataValidationFailedException();
         }
-        password = password.trim();
-        if (password.isBlank() || password.length() < 8 || password.length() > 64) {
+        newPassword = newPassword.trim();
+        if (oldPasswd.isBlank() || oldPasswd.length() < 8 || oldPasswd.length() > 64 || newPassword.isBlank() || newPassword.length() < 8 || newPassword.length() > 64) {
             throw new DataValidationFailedException();
         }
-        if (userService.modifyPasswd(password)) {
+        if (userService.modifyPasswd(oldPasswd, newPassword)) {
             return ResponseResult.databaseUpdateSuccess(null);
         } else {
             return ResponseResult.build(ResponseCode.DATABASE_UPDATE_ERROR, "error", null);
diff --git a/Pinnacle/src/main/java/com/cfive/pinnacle/entity/common/ResponseCode.java b/Pinnacle/src/main/java/com/cfive/pinnacle/entity/common/ResponseCode.java
index 6275c99..3c60990 100644
--- a/Pinnacle/src/main/java/com/cfive/pinnacle/entity/common/ResponseCode.java
+++ b/Pinnacle/src/main/java/com/cfive/pinnacle/entity/common/ResponseCode.java
@@ -8,6 +8,7 @@ public class ResponseCode {
     public static final int SYSTEM_OK = 20000;
     public static final int LOGIN_SUCCESS = 20010;
     public static final int LOGIN_USERNAME_PASSWORD_ERROR = 20011;
+    public static final int OLD_PASSWORD_NOT_MATCH = 20012;
     public static final int LOGOUT_SUCCESS = 20015;
     public static final int LOGOUT_FAILED = 20016;
     public static final int TOKEN_IS_ILLEGAL = 20017;
diff --git a/Pinnacle/src/main/java/com/cfive/pinnacle/exception/OldPasswordNotMatchException.java b/Pinnacle/src/main/java/com/cfive/pinnacle/exception/OldPasswordNotMatchException.java
new file mode 100644
index 0000000..2979f10
--- /dev/null
+++ b/Pinnacle/src/main/java/com/cfive/pinnacle/exception/OldPasswordNotMatchException.java
@@ -0,0 +1,23 @@
+package com.cfive.pinnacle.exception;
+
+public class OldPasswordNotMatchException extends RuntimeException {
+    public OldPasswordNotMatchException() {
+        super("Old password not match");
+    }
+
+    public OldPasswordNotMatchException(String message) {
+        super(message);
+    }
+
+    public OldPasswordNotMatchException(String message, Throwable cause) {
+        super(message, cause);
+    }
+
+    public OldPasswordNotMatchException(Throwable cause) {
+        super(cause);
+    }
+
+    public OldPasswordNotMatchException(String message, Throwable cause, boolean enableSuppression, boolean writableStackTrace) {
+        super(message, cause, enableSuppression, writableStackTrace);
+    }
+}
diff --git a/Pinnacle/src/main/java/com/cfive/pinnacle/handler/CustomExceptionHandler.java b/Pinnacle/src/main/java/com/cfive/pinnacle/handler/CustomExceptionHandler.java
index 65f5b1a..1809f56 100644
--- a/Pinnacle/src/main/java/com/cfive/pinnacle/handler/CustomExceptionHandler.java
+++ b/Pinnacle/src/main/java/com/cfive/pinnacle/handler/CustomExceptionHandler.java
@@ -5,6 +5,7 @@ import com.auth0.jwt.exceptions.TokenExpiredException;
 import com.cfive.pinnacle.entity.common.ResponseCode;
 import com.cfive.pinnacle.entity.common.ResponseResult;
 import com.cfive.pinnacle.exception.DataValidationFailedException;
+import com.cfive.pinnacle.exception.OldPasswordNotMatchException;
 import com.cfive.pinnacle.exception.TokenHasExpiredException;
 import lombok.extern.slf4j.Slf4j;
 import org.springframework.dao.DataIntegrityViolationException;
@@ -53,6 +54,9 @@ public class CustomExceptionHandler {
         if (e instanceof UncategorizedSQLException) {
             return ResponseResult.build(ResponseCode.DATABASE_EXECUTE_ERROR, "error", null);
         }
+        if (e instanceof OldPasswordNotMatchException) {
+            return ResponseResult.build(ResponseCode.OLD_PASSWORD_NOT_MATCH, e.getMessage(), null);
+        }
 
         log.debug(e.getMessage(), e);
 
diff --git a/Pinnacle/src/main/java/com/cfive/pinnacle/service/permission/IUserService.java b/Pinnacle/src/main/java/com/cfive/pinnacle/service/permission/IUserService.java
index a3022c7..9eb1b04 100644
--- a/Pinnacle/src/main/java/com/cfive/pinnacle/service/permission/IUserService.java
+++ b/Pinnacle/src/main/java/com/cfive/pinnacle/service/permission/IUserService.java
@@ -18,7 +18,7 @@ public interface IUserService extends IService<User> {
 
     User getInfo();
 
-    boolean modifyPasswd(String passwd);
+    boolean modifyPasswd(String oldPasswd, String newPasswd);
 
     List<User> getAffairUser();
 
diff --git a/Pinnacle/src/main/java/com/cfive/pinnacle/service/permission/impl/UserServiceImpl.java b/Pinnacle/src/main/java/com/cfive/pinnacle/service/permission/impl/UserServiceImpl.java
index a3ccc49..d0cb656 100644
--- a/Pinnacle/src/main/java/com/cfive/pinnacle/service/permission/impl/UserServiceImpl.java
+++ b/Pinnacle/src/main/java/com/cfive/pinnacle/service/permission/impl/UserServiceImpl.java
@@ -5,6 +5,7 @@ import com.baomidou.mybatisplus.core.metadata.IPage;
 import com.baomidou.mybatisplus.core.toolkit.Wrappers;
 import com.baomidou.mybatisplus.extension.plugins.pagination.PageDTO;
 import com.cfive.pinnacle.entity.permission.*;
+import com.cfive.pinnacle.exception.OldPasswordNotMatchException;
 import com.cfive.pinnacle.mapper.permission.*;
 import com.cfive.pinnacle.service.permission.IUserService;
 import com.baomidou.mybatisplus.extension.service.impl.ServiceImpl;
@@ -76,8 +77,12 @@ public class UserServiceImpl extends ServiceImpl<UserMapper, User> implements IU
     }
 
     @Override
-    public boolean modifyPasswd(String passwd) {
-        String encryptedPassword = passwordEncoder.encode(passwd);
+    public boolean modifyPasswd(String oldPasswd, String newPasswd) {
+        if (!passwordEncoder.matches(oldPasswd, userMapper.getOneWithPowerByUsername(WebUtil.getLoginUser().getUsername()).getPasswd())) {
+            throw new OldPasswordNotMatchException();
+        }
+
+        String encryptedPassword = passwordEncoder.encode(newPasswd);
         User user = new User().setId(WebUtil.getLoginUser().getUser().getId()).setPasswd(encryptedPassword);
         return userMapper.updateById(user) == 1;
     }
diff --git a/ui/src/constants/Common.constants.ts b/ui/src/constants/Common.constants.ts
index 4ee31e6..e58a345 100644
--- a/ui/src/constants/Common.constants.ts
+++ b/ui/src/constants/Common.constants.ts
@@ -15,6 +15,7 @@ const SIZE_ICON_XL = '64px'
 const SYSTEM_OK = 20000
 const LOGIN_SUCCESS = 20010
 const LOGIN_USERNAME_PASSWORD_ERROR = 20011
+const OLD_PASSWORD_NOT_MATCH = 20012
 const LOGOUT_SUCCESS = 20015
 const LOGOUT_FAILED = 20016
 const TOKEN_IS_ILLEGAL = 20017
@@ -57,6 +58,7 @@ export {
     SYSTEM_OK,
     LOGIN_SUCCESS,
     LOGIN_USERNAME_PASSWORD_ERROR,
+    OLD_PASSWORD_NOT_MATCH,
     LOGOUT_SUCCESS,
     LOGOUT_FAILED,
     TOKEN_IS_ILLEGAL,