diff --git a/flyfish-user/src/main/java/com/flyfish/framework/domain/UserPasswordDto.java b/flyfish-user/src/main/java/com/flyfish/framework/domain/UserPasswordDto.java
index a02da64..a35f862 100644
--- a/flyfish-user/src/main/java/com/flyfish/framework/domain/UserPasswordDto.java
+++ b/flyfish-user/src/main/java/com/flyfish/framework/domain/UserPasswordDto.java
@@ -19,6 +19,6 @@ public class UserPasswordDto {
     private String oldPassword;
 
     @NotBlank(message = "新密码不可为空！")
-    @Pattern(regexp = StrengthUtils.PATTERN, message = "密码强度不够，至少应该包含数字、大小写字母、符号组合！")
+    @Pattern(regexp = StrengthUtils.PATTERN, message = "密码强度不够，12-18位，至少应该包含数字、大小写字母、符号组合！")
     private String password;
 }
diff --git a/flyfish-user/src/main/java/com/flyfish/framework/utils/StrengthUtils.java b/flyfish-user/src/main/java/com/flyfish/framework/utils/StrengthUtils.java
index 9dffb40..0520fcf 100644
--- a/flyfish-user/src/main/java/com/flyfish/framework/utils/StrengthUtils.java
+++ b/flyfish-user/src/main/java/com/flyfish/framework/utils/StrengthUtils.java
@@ -9,7 +9,7 @@ import java.util.regex.Pattern;
  */
 public abstract class StrengthUtils {
 
-    public static final String PATTERN = "^(?![a-zA-z]+$)(?!\\d+$)(?![,.!?~`_+=@#$%^&*;<>':]+$)(?![a-zA-z\\d]+$)(?![a-zA-z,.!?~`_+=@#$%^&*;<>':]+$)(?![\\d,.!?~`_+=@#$%^&*;<>':]+$)[a-zA-Z\\d,.!?~`_+=@#$%^&*;<>':]{8,16}$";
+    public static final String PATTERN = "^(?![a-zA-z]+$)(?!\\d+$)(?![,.!?~`_+=@#$%^&*;<>':]+$)(?![a-zA-z\\d]+$)(?![a-zA-z,.!?~`_+=@#$%^&*;<>':]+$)(?![\\d,.!?~`_+=@#$%^&*;<>':]+$)[a-zA-Z\\d,.!?~`_+=@#$%^&*;<>':]{12,18}$";
 
     /**
      * 此处传入密码明文判定密码可用性