diff --git a/sgzb-api/sgzb-api-system/src/main/java/com/bonus/sgzb/system/api/domain/SysUser.java b/sgzb-api/sgzb-api-system/src/main/java/com/bonus/sgzb/system/api/domain/SysUser.java
index 4b0d841..5e1cd43 100644
--- a/sgzb-api/sgzb-api-system/src/main/java/com/bonus/sgzb/system/api/domain/SysUser.java
+++ b/sgzb-api/sgzb-api-system/src/main/java/com/bonus/sgzb/system/api/domain/SysUser.java
@@ -57,7 +57,7 @@ public class SysUser extends BaseEntity
     private String avatar;
 
     /** 密码 */
-    @JsonIgnore
+//    @JsonIgnore
     private transient String password;
 
     /** 帐号状态（0正常 1停用） */
diff --git a/sgzb-auth/src/main/java/com/bonus/sgzb/auth/service/SysLoginService.java b/sgzb-auth/src/main/java/com/bonus/sgzb/auth/service/SysLoginService.java
index 9ba88b7..0537c46 100644
--- a/sgzb-auth/src/main/java/com/bonus/sgzb/auth/service/SysLoginService.java
+++ b/sgzb-auth/src/main/java/com/bonus/sgzb/auth/service/SysLoginService.java
@@ -93,6 +93,13 @@ public class SysLoginService {
             throw new ServiceException("对不起，您的账号：" + username + " 已停用");
         }
         passwordService.validate(user, password);
+
+        // 检查用户是否需要更改初始密码
+        if (user.getForceChangePwd().equals(1)) {
+            recordLogService.recordLogininfor(username, Constants.LOGIN_FAIL, "请先修改初始密码");
+            throw new ServiceException("请先修改初始密码");
+        }
+
         recordLogService.recordLogininfor(username, Constants.LOGIN_SUCCESS, "登录成功");
         return userInfo;
     }
diff --git a/sgzb-modules/sgzb-system/src/main/java/com/bonus/sgzb/system/controller/SysUserController.java b/sgzb-modules/sgzb-system/src/main/java/com/bonus/sgzb/system/controller/SysUserController.java
index 9b132af..d335006 100644
--- a/sgzb-modules/sgzb-system/src/main/java/com/bonus/sgzb/system/controller/SysUserController.java
+++ b/sgzb-modules/sgzb-system/src/main/java/com/bonus/sgzb/system/controller/SysUserController.java
@@ -198,6 +198,7 @@ public class SysUserController extends BaseController {
         ajax.put("posts", postService.selectPostAll());
         if (StringUtils.isNotNull(userId)) {
             SysUser sysUser = userService.selectUserById(userId);
+            sysUser.setPassword(null);
             ajax.put(AjaxResult.DATA_TAG, sysUser);
             ajax.put("postIds", postService.selectPostListByUserId(userId));
             ajax.put("roleIds", sysUser.getRoles().stream().map(SysRole::getRoleId).collect(Collectors.toList()));
diff --git a/sgzb-modules/sgzb-system/src/main/resources/mapper/system/SysUserMapper.xml b/sgzb-modules/sgzb-system/src/main/resources/mapper/system/SysUserMapper.xml
index d745955..707624c 100644
--- a/sgzb-modules/sgzb-system/src/main/resources/mapper/system/SysUserMapper.xml
+++ b/sgzb-modules/sgzb-system/src/main/resources/mapper/system/SysUserMapper.xml
@@ -196,6 +196,7 @@ PUBLIC "-//mybatis.org//DTD Mapper 3.0//EN"
  			<if test="createBy != null and createBy != ''">create_by,</if>
  			<if test="remark != null and remark != ''">remark,</if>
  			<if test="companyId != null and companyId != ''">company_id,</if>
+			force_change_pwd,
  			create_time
  		)values(
  			<if test="userId != null and userId != ''">#{userId},</if>
@@ -211,6 +212,7 @@ PUBLIC "-//mybatis.org//DTD Mapper 3.0//EN"
  			<if test="createBy != null and createBy != ''">#{createBy},</if>
  			<if test="remark != null and remark != ''">#{remark},</if>
  			<if test="companyId != null and companyId != ''">#{companyId},</if>
+			1,
  			sysdate()
  		)
 	</insert>
@@ -231,6 +233,7 @@ PUBLIC "-//mybatis.org//DTD Mapper 3.0//EN"
  			<if test="loginDate != null">login_date = #{loginDate},</if>
  			<if test="updateBy != null and updateBy != ''">update_by = #{updateBy},</if>
  			<if test="remark != null">remark = #{remark},</if>
+			force_change_pwd = 1,
  			update_time = sysdate()
  		</set>
  		where user_id = #{userId}