diff --git a/src/App.svelte b/src/App.svelte
index f3017a7..c4ca979 100644
--- a/src/App.svelte
+++ b/src/App.svelte
@@ -49,6 +49,15 @@
     { id: 'other', label: '其他' }
   ];
 
+  // 添加 SHA-256 加密函数
+  async function sha256(message: string): Promise<string> {
+    const msgBuffer = new TextEncoder().encode(message);
+    const hashBuffer = await crypto.subtle.digest('SHA-256', msgBuffer);
+    const hashArray = Array.from(new Uint8Array(hashBuffer));
+    const hashHex = hashArray.map(b => b.toString(16).padStart(2, '0')).join('');
+    return hashHex;
+  }
+
   // 初始化函数：检查认证状态
   async function initializeAuth() {
     const auth = localStorage.getItem('auth');
@@ -118,13 +127,13 @@
   async function handleLogin(e: Event) {
     e.preventDefault();
     try {
-      // 保存认证信息
-      const auth = btoa(`${username}:${password}`);
+      // 对密码进行加密
+      const hashedPassword = await sha256(password);
 
       // 使用验证接口验证登录
       const response = await request.post<ApiResponse<{token: string}>>('/user/login', {
         username,
-        password
+        password: hashedPassword
       });
       
       if (response.data.code === 200) {