diff --git a/docs/authn/fgpwd.md b/docs/authn/fgpwd.md
new file mode 100644
index 000000000..eebdc8113
--- /dev/null
+++ b/docs/authn/fgpwd.md
@@ -0,0 +1,123 @@
+忘记密码
+
+忘记密码一般都是通过2种方式找回:一种是通过预留电话号码发送验证码找回,另一个是通过设定邮箱找回。
+
+主要步骤如下:
+
+1、在登录界面点击“忘记密码”
+
+
+
+2、输入用户对应的邮箱或者手机号码,如果找到用户则发送邮件或者手机验证码
+
+
+
+3、重置密码,需要输入新的密码及验证码
+
+
+
+4、重置成功,提示返回登录界面重新登录
+
+
+
+验证码
+
+1、短信验证码 腾讯云短信/阿里云短信/网易云信/定制
+
+2、电子邮件
+
+
+短信验证码
+
+腾讯云短信
+配置maxkey中spring/maxkey-security.xml
+secretId 账号Appkey
+
+secretKey 密钥appSecret
+
+smsSdkAppid 短信SDKAPPID
+
+templateId 短信模板ID
+
+sign 签名
+
+
+<bean id="tfaMobileOptAuthn" class="org.maxkey.crypto.password.opt.impl.sms.SmsOtpAuthnTencentCloud">
+ <property name="secretId" value="94395d754eb55693043f5d6a2b772ef4" />
+ <property name="secretKey" value="05d5485357bc" />
+ <property name="smsSdkAppid" value="1486220095" />
+ <property name="templateId" value="14860095" />
+ <property name="sign" value="1486009522" />
+</bean>
+
+
+
+阿里云短信
+配置maxkey中spring/maxkey-security.xml
+
+accessKeyId 账号Appkey
+
+accessSecret 密钥appSecret
+
+templateCode 短信模板ID
+
+signName 签名
+
+
+<bean id="tfaMobileOptAuthn" class="org.maxkey.crypto.password.opt.impl.sms.SmsOtpAuthnAliyun">
+ <property name="accessKeyId" value="94395d754eb55693043f5d6a2b772ef3" />
+ <property name="accessSecret" value="05d5485357bc" />
+ <property name="templateCode" value="SMS_187590021" />
+ <property name="signName" value="MaxKey" />
+</bean>
+
+
+
+网易云信
+配置maxkey中spring/maxkey-security.xml
+
+appKey 网易云信分配的账号Appkey
+
+appSecret 网易云信分配的密钥appSecret
+
+templateId 短信模板ID
+
+
+<bean id="tfaMobileOptAuthn" class="org.maxkey.crypto.password.opt.impl.sms.SmsOtpAuthnYunxin">
+ <property name="appKey" value="94395d754eb55693043f5d6a2b772ef4" />
+ <property name="appSecret" value="05d5485357bc" />
+ <property name="templateId" value="14860095" />
+</bean>
+
+
+
+电子邮件
+
+配置邮箱地址
+
+文件
+maxkey/config/applicationConfig.properties
+
+
+# EMAIL configuration
+config.email.username=maxkey@163.com
+config.email.password=password
+config.email.smtpHost=smtp.163.com
+config.email.port=465
+config.email.senderMail=maxkey@163.com
+config.email.ssl=true
+
+
+配置maxkey中spring/maxkey-security.xml
+
+subject 邮件主题
+
+messageTemplate 邮件内容模板,请勿修改参数{0}为用户名,{1}认证码,{2}有效间隔
+
+
+
+<bean id="tfaMailOptAuthn" class="org.maxkey.crypto.password.opt.impl.MailOtpAuthn">
+ <property name="subject" value="MaxKey One Time PassWord" />
+ <property name="messageTemplate" value="{0} You Token is {1} , it validity in {2} minutes." />
+</bean>
+
\ No newline at end of file
diff --git a/docs/images/authn/fgpwd-1.png b/docs/images/authn/fgpwd-1.png
new file mode 100644
index 000000000..d1fdccc7d
Binary files /dev/null and b/docs/images/authn/fgpwd-1.png differ
diff --git a/docs/images/authn/fgpwd-2.png b/docs/images/authn/fgpwd-2.png
new file mode 100644
index 000000000..c0664dd0a
Binary files /dev/null and b/docs/images/authn/fgpwd-2.png differ
diff --git a/docs/images/authn/fgpwd-3.png b/docs/images/authn/fgpwd-3.png
new file mode 100644
index 000000000..97f372851
Binary files /dev/null and b/docs/images/authn/fgpwd-3.png differ
diff --git a/docs/images/authn/fgpwd-4.png b/docs/images/authn/fgpwd-4.png
new file mode 100644
index 000000000..58e9e4825
Binary files /dev/null and b/docs/images/authn/fgpwd-4.png differ
diff --git a/maxkey-web-maxkey/src/main/java/org/maxkey/web/contorller/ForgotPasswordContorller.java b/maxkey-web-maxkey/src/main/java/org/maxkey/web/contorller/ForgotPasswordContorller.java
index 50be7b14f..8105b28ac 100644
--- a/maxkey-web-maxkey/src/main/java/org/maxkey/web/contorller/ForgotPasswordContorller.java
+++ b/maxkey-web-maxkey/src/main/java/org/maxkey/web/contorller/ForgotPasswordContorller.java
@@ -69,14 +69,12 @@ public class ForgotPasswordContorller {
.equals(WebContext.getSession().getAttribute(
WebConstants.KAPTCHA_SESSION_KEY).toString())) {
userInfo = userInfoService.queryUserInfoByEmailMobile(emailMobile);
- Matcher matcher = emailRegex.matcher(emailMobile);
+ Matcher matcher = emailRegex.matcher(emailMobile);
if (matcher.matches() && null != userInfo) {
tfaMailOptAuthn.produce(userInfo);
forgotType = ForgotType.EMAIL;
- }
- matcher = mobileRegex.matcher(emailMobile);
- if (matcher.matches() && null != userInfo) {
+ }else if (null != userInfo) {
tfaMobileOptAuthn.produce(userInfo);
forgotType = ForgotType.MOBILE;
}