diff --git a/application/admin/controller/auth/Admin.php b/application/admin/controller/auth/Admin.php
index a7dc6da6b8287430a3b257ec864c452bc24694c0..614d5c00df0283d41fa4387d0fcd32db5b729957 100644
--- a/application/admin/controller/auth/Admin.php
+++ b/application/admin/controller/auth/Admin.php
@@ -129,7 +129,7 @@ class Admin extends Backend
 exception(__("Please input correct password"));
 }
 $params['salt'] = Random::alnum();
- $params['password'] = md5(md5($params['password']) . $params['salt']);
+ $params['password'] = $this->model->encryptPassword($params['password'], $params['salt']);
 $params['avatar'] = '/assets/img/avatar.png'; //设置新管理员默认头像。
 $result = $this->model->validate('Admin.add')->save($params);
 if ($result === false) {
@@ -183,7 +183,7 @@ class Admin extends Backend
 exception(__("Please input correct password"));
 }
 $params['salt'] = Random::alnum();
- $params['password'] = md5(md5($params['password']) . $params['salt']);
+ $params['password'] = $this->model->encryptPassword($params['password'], $params['salt']);
 } else {
 unset($params['password'], $params['salt']);
 }
diff --git a/application/admin/library/Auth.php b/application/admin/library/Auth.php
index be2b60a357b0e263950799759be20d22b44add1d..4900c013fdcf1648567d9d0855887903708395b7 100644
--- a/application/admin/library/Auth.php
+++ b/application/admin/library/Auth.php
@@ -51,7 +51,7 @@ class Auth extends \fast\Auth
 $this->setError('Please try again after 1 day');
 return false;
 }
- if ($admin->password != md5(md5($password) . $admin->salt)) {
+ if ($admin->password != Admin::encryptPassword($password, $admin->salt)) {
 $admin->loginfailure++;
 $admin->save();
 $this->setError('Password is incorrect');
diff --git a/application/admin/model/Admin.php b/application/admin/model/Admin.php
index 8c47f6f7447835740c41491caaf814143c0d0b0f..062028cd72f017dba4d05320716298d8975e6fc9 100644
--- a/application/admin/model/Admin.php
+++ b/application/admin/model/Admin.php
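Review bot: The changed password check in application/admin/library/Auth.php still compares the stored and computed digests with loose `!=`. PHP compares two numeric-looking strings as numbers, so two different hex digests that both read as numeric strings can be treated as equal, and the comparison is not constant-time. Since this line is being rewritten anyway, use `if (!hash_equals($admin->password, Admin::encryptPassword($password, $admin->salt))) {`. The enclosing login method starts and ends outside the hunk, and no `use` line for `Admin` is visible here, so confirm the model class is imported in this file.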
@@ -4,6 +4,7 @@ namespace app\admin\model;
 use think\Model;
 use think\Session;
+use fast\Random;
 class Admin extends Model
 {
@@ -15,20 +16,25 @@ class Admin extends Model
 protected $updateTime = 'updatetime';
 /**
- * 重置用户密码
- * @author baiyouwen
+ * 修改用户密码
+ *
+ * @param int $uid
+ * @param string $NewPassword
+ * @return boolean
 */
- public function resetPassword($uid, $NewPassword)
+ public static function changePassword($uid, $NewPassword)
 {
- $passwd = $this->encryptPassword($NewPassword);
- $ret = $this->where(['id' => $uid])->update(['password' => $passwd]);
- return $ret;
+ $salt = Random::alnum(6);
+ return self::where('id', $uid)->update([
+ 'salt' => $salt,
+ 'password' => self::encryptPassword($NewPassword, $salt)
+ ]);
 }
 // 密码加密
- protected function encryptPassword($password, $salt = '', $encrypt = 'md5')
+ public static function encryptPassword($password, $salt = '', $encrypt = 'md5')
 {
- return $encrypt($password . $salt);
+ return $encrypt($encrypt($password) . $salt);
 }
 }
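Review bot: `encryptPassword()` becomes `public static` in this hunk while still invoking `$encrypt` as a variable function, so any caller that forwards an externally influenced third argument would run an arbitrary PHP function on the password. `return hash($encrypt, hash($encrypt, $password) . $salt);` produces the same stored value for the `md5` default and limits the argument to digest names. Separately, salted double MD5 is cheap to brute-force offline if the admin table leaks. Now that the controller, the login check and `changePassword()` all go through this one method, it is the natural place to move to `password_hash()`/`password_verify()`, with a rehash of legacy rows on successful login.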