diff --git a/.vscode/settings.json b/.vscode/settings.json
index 93106f18..6c384d1e 100644
--- a/.vscode/settings.json
+++ b/.vscode/settings.json
@@ -1,5 +1,6 @@
 {
   "eslint.workingDirectories": [
     "ui"
-  ]
+  ],
+  "commentTranslate.multiLineMerge": true
 }
diff --git a/docs/docs.go b/docs/docs.go
index 3c593476..3310c0b2 100644
--- a/docs/docs.go
+++ b/docs/docs.go
@@ -8925,6 +8925,14 @@ const docTemplate = `{
                 "pass"
             ],
             "properties": {
+                "captcha_code": {
+                    "type": "string",
+                    "maxLength": 500
+                },
+                "captcha_id": {
+                    "type": "string",
+                    "maxLength": 500
+                },
                 "old_pass": {
                     "type": "string",
                     "maxLength": 32,
diff --git a/docs/swagger.json b/docs/swagger.json
index 963d6fe7..d8bcb632 100644
--- a/docs/swagger.json
+++ b/docs/swagger.json
@@ -8913,6 +8913,14 @@
                 "pass"
             ],
             "properties": {
+                "captcha_code": {
+                    "type": "string",
+                    "maxLength": 500
+                },
+                "captcha_id": {
+                    "type": "string",
+                    "maxLength": 500
+                },
                 "old_pass": {
                     "type": "string",
                     "maxLength": 32,
diff --git a/docs/swagger.yaml b/docs/swagger.yaml
index cb011241..a97803db 100644
--- a/docs/swagger.yaml
+++ b/docs/swagger.yaml
@@ -2134,6 +2134,12 @@ definitions:
     type: object
   schema.UserModifyPasswordReq:
     properties:
+      captcha_code:
+        maxLength: 500
+        type: string
+      captcha_id:
+        maxLength: 500
+        type: string
       old_pass:
         maxLength: 32
         minLength: 8
diff --git a/internal/controller/user_controller.go b/internal/controller/user_controller.go
index 8c90ce6b..5266e66b 100644
--- a/internal/controller/user_controller.go
+++ b/internal/controller/user_controller.go
@@ -350,6 +350,21 @@ func (uc *UserController) UserModifyPassWord(ctx *gin.Context) {
 	req.UserID = middleware.GetLoginUserIDFromContext(ctx)
 	req.AccessToken = middleware.ExtractToken(ctx)
 
+	captchaPass := uc.actionService.ActionRecordVerifyCaptcha(ctx, schema.ActionRecordTypeModifyPass, ctx.ClientIP(),
+		req.CaptchaID, req.CaptchaCode)
+	if !captchaPass {
+		errFields := append([]*validator.FormErrorField{}, &validator.FormErrorField{
+			ErrorField: "captcha_code",
+			ErrorMsg:   translator.Tr(handler.GetLang(ctx), reason.CaptchaVerificationFailed),
+		})
+		handler.HandleResponse(ctx, errors.BadRequest(reason.CaptchaVerificationFailed), errFields)
+		return
+	}
+	_, err := uc.actionService.ActionRecordAdd(ctx, schema.ActionRecordTypeModifyPass, ctx.ClientIP())
+	if err != nil {
+		log.Error(err)
+	}
+
 	oldPassVerification, err := uc.userService.UserModifyPassWordVerification(ctx, req)
 	if err != nil {
 		handler.HandleResponse(ctx, err, nil)
@@ -363,6 +378,7 @@ func (uc *UserController) UserModifyPassWord(ctx *gin.Context) {
 		handler.HandleResponse(ctx, errors.BadRequest(reason.OldPasswordVerificationFailed), errFields)
 		return
 	}
+
 	if req.OldPass == req.Pass {
 		errFields := append([]*validator.FormErrorField{}, &validator.FormErrorField{
 			ErrorField: "pass",
@@ -372,6 +388,9 @@ func (uc *UserController) UserModifyPassWord(ctx *gin.Context) {
 		return
 	}
 	err = uc.userService.UserModifyPassword(ctx, req)
+	if err == nil {
+		uc.actionService.ActionRecordDel(ctx, schema.ActionRecordTypeLogin, ctx.ClientIP())
+	}
 	handler.HandleResponse(ctx, err, nil)
 }
 
diff --git a/internal/schema/user_schema.go b/internal/schema/user_schema.go
index f1f2bc2f..df22648d 100644
--- a/internal/schema/user_schema.go
+++ b/internal/schema/user_schema.go
@@ -222,9 +222,10 @@ const (
 	NoticeStatusOn  = 1
 	NoticeStatusOff = 2
 
-	ActionRecordTypeLogin    = "login"
-	ActionRecordTypeEmail    = "e_mail"
-	ActionRecordTypeFindPass = "find_pass"
+	ActionRecordTypeLogin      = "login"
+	ActionRecordTypeEmail      = "e_mail"
+	ActionRecordTypeFindPass   = "find_pass"
+	ActionRecordTypeModifyPass = "modify_pass"
 )
 
 var UserStatusShow = map[int]string{
@@ -276,10 +277,12 @@ func (u *UserRegisterReq) Check() (errFields []*validator.FormErrorField, err er
 }
 
 type UserModifyPasswordReq struct {
-	OldPass string `validate:"omitempty,gte=8,lte=32" json:"old_pass"`
-	Pass    string `validate:"required,gte=8,lte=32" json:"pass"`
+	OldPass     string `validate:"omitempty,gte=8,lte=32" json:"old_pass"`
+	Pass        string `validate:"required,gte=8,lte=32" json:"pass"`
 	UserID      string `json:"-"`
 	AccessToken string `json:"-"`
+	CaptchaID   string `validate:"omitempty,gt=0,lte=500" json:"captcha_id"`
+	CaptchaCode string `validate:"omitempty,gt=0,lte=500" json:"captcha_code"`
 }
 
 func (u *UserModifyPasswordReq) Check() (errFields []*validator.FormErrorField, err error) {