diff --git a/hippo4j-server/hippo4j-auth/src/main/java/cn/hippo4j/auth/service/impl/UserServiceImpl.java b/hippo4j-server/hippo4j-auth/src/main/java/cn/hippo4j/auth/service/impl/UserServiceImpl.java
index 5613c16e..3eecd2bd 100644
--- a/hippo4j-server/hippo4j-auth/src/main/java/cn/hippo4j/auth/service/impl/UserServiceImpl.java
+++ b/hippo4j-server/hippo4j-auth/src/main/java/cn/hippo4j/auth/service/impl/UserServiceImpl.java
@@ -51,6 +51,8 @@ public class UserServiceImpl implements UserService {
 
     private static final int MINI_PASSWORD_LENGTH = 6;
 
+    private static final int MAX_PASSWORD_LENGTH = 72;
+
     private final UserMapper userMapper;
 
     private final BCryptPasswordEncoder bCryptPasswordEncoder;
@@ -74,6 +76,7 @@ public class UserServiceImpl implements UserService {
         if (existUserInfo != null) {
             throw new RuntimeException("用户名重复");
         }
+        this.checkPasswordLength(requestParam.getPassword());
         requestParam.setPassword(bCryptPasswordEncoder.encode(requestParam.getPassword()));
         UserInfo insertUser = BeanUtil.convert(requestParam, UserInfo.class);
         userMapper.insert(insertUser);
@@ -84,9 +87,7 @@ public class UserServiceImpl implements UserService {
     @Transactional(rollbackFor = Exception.class)
     public void updateUser(UserReqDTO requestParam) {
         if (StringUtil.isNotBlank(requestParam.getPassword())) {
-            if (requestParam.getPassword().length() < MINI_PASSWORD_LENGTH) {
-                throw new RuntimeException("密码最少为6个字符");
-            }
+            this.checkPasswordLength(requestParam.getPassword());
             requestParam.setPassword(bCryptPasswordEncoder.encode(requestParam.getPassword()));
         }
         UserInfo updateUser = BeanUtil.convert(requestParam, UserInfo.class);
@@ -129,4 +130,17 @@ public class UserServiceImpl implements UserService {
         result.setTempResources(permissionRespList.stream().map(PermissionRespDTO::getResource).collect(Collectors.toList()));
         return result;
     }
+
+    private void checkPasswordLength(String password) {
+        if (StringUtil.isBlank(password)) {
+            return;
+        }
+        if (password.length() < MINI_PASSWORD_LENGTH) {
+            throw new RuntimeException("密码最少为6个字符");
+        }
+        if (password.length() > MAX_PASSWORD_LENGTH) {
+            throw new RuntimeException("密码最多为72个字符");
+        }
+    }
+
 }
diff --git a/hippo4j-ui/src/views/login/index.vue b/hippo4j-ui/src/views/login/index.vue
index 7710cf18..01ac98d2 100755
--- a/hippo4j-ui/src/views/login/index.vue
+++ b/hippo4j-ui/src/views/login/index.vue
@@ -88,7 +88,9 @@ export default {
     const validatePassword = (rule, value, callback) => {
       if (value.length < 6) {
         callback(new Error('The password can not be less than 6 digits'));
-      } else {
+      } else if (value.length > 72) {
+        callback(new Error('The password can not be greater than 72 digits'));
+      }else {
         callback();
       }
     };