diff --git a/app/stage/auth.html b/app/stage/auth.html
index c4239b94f..c63176e75 100644
--- a/app/stage/auth.html
+++ b/app/stage/auth.html
@@ -466,7 +466,7 @@
       method: 'POST',
       body: JSON.stringify({
         authCode: inputElement.value,
-        captchaImg: captchaElement.value,
+        captcha: captchaElement.value,
       }),
     }).then((response) => {
       return response.json()
diff --git a/kernel/model/session.go b/kernel/model/session.go
index 0a634fdaf..de75918bc 100644
--- a/kernel/model/session.go
+++ b/kernel/model/session.go
@@ -63,21 +63,19 @@ func LoginAuth(c *gin.Context) {
 	var inputCaptcha string
 	session := util.GetSession(c)
 	if session.NeedCaptcha() {
-		_ = inputCaptcha
-		//captchaArg := arg["captcha"]
-		//if nil == captchaArg {
-		//	c.Status(400)
-		//	ret.Code = -1
-		//	ret.Msg = "need input captcha"
-		//	return
-		//}
-		//inputCaptcha = captchaArg.(string)
-		//
-		//if session.Captcha != inputCaptcha {
-		//	ret.Code = -1
-		//	ret.Msg = "invalid captcha"
-		//	return
-		//}
+		captchaArg := arg["captcha"]
+		if nil == captchaArg {
+			ret.Code = 1
+			ret.Msg = "need input captcha"
+			return
+		}
+		inputCaptcha = captchaArg.(string)
+
+		if session.Captcha != inputCaptcha {
+			ret.Code = 1
+			ret.Msg = "invalid captcha"
+			return
+		}
 	}
 
 	authCode := arg["authCode"].(string)
@@ -110,7 +108,12 @@ func LoginAuth(c *gin.Context) {
 }
 
 func GetCaptcha(c *gin.Context) {
-	img, err := captcha.NewMathExpr(150, 30)
+	img, err := captcha.New(100, 26, func(options *captcha.Options) {
+		options.CharPreset = "abcdefghjkmnpqrtuvwxyz2346789"
+		options.Noise = 0.5
+		options.CurveNumber = 0
+		options.FontScale = 1.2
+	})
 	if nil != err {
 		util.LogErrorf("generates captcha failed: " + err.Error())
 		c.Status(500)