diff --git a/epmet-auth/src/main/java/com/epmet/controller/GovWebController.java b/epmet-auth/src/main/java/com/epmet/controller/GovWebController.java
index cdb5517058..a3a36c9588 100644
--- a/epmet-auth/src/main/java/com/epmet/controller/GovWebController.java
+++ b/epmet-auth/src/main/java/com/epmet/controller/GovWebController.java
@@ -1,6 +1,7 @@
 package com.epmet.controller;
 
 import com.epmet.auth.dto.result.BlockChainStaffAuthResultDTO;
+import com.epmet.commons.tools.constant.NumConstant;
 import com.epmet.commons.tools.utils.RSASignature;
 import com.epmet.commons.tools.utils.Result;
 import com.epmet.commons.tools.validator.ValidatorUtils;
@@ -9,6 +10,7 @@ import com.epmet.dto.form.GovWebLoginFormDTO;
 import com.epmet.dto.result.UserTokenResultDTO;
 import com.epmet.service.GovWebService;
 import lombok.extern.slf4j.Slf4j;
+import org.apache.commons.lang3.StringUtils;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.beans.factory.annotation.Value;
 import org.springframework.web.bind.annotation.PostMapping;
@@ -44,11 +46,11 @@ public class GovWebController {
         ValidatorUtils.validateEntity(formDTO);
 
         try {
-            if (formDTO.getPassword().length() > 50) {
+            if (StringUtils.isNotBlank(formDTO.getPassword())&&formDTO.getPassword().length() > NumConstant.FIFTY) {
                 String newPassword = RSASignature.decryptByPrivateKey(formDTO.getPassword(), privateKey);
                 formDTO.setPassword(newPassword);
             }
-            if (formDTO.getPhone().length() > 50) {
+            if (StringUtils.isNotBlank(formDTO.getPhone())&&formDTO.getPhone().length() > NumConstant.FIFTY) {
                 String phone = RSASignature.decryptByPrivateKey(formDTO.getPhone(), privateKey);
                 formDTO.setPhone(phone);
             }
diff --git a/epmet-auth/src/main/java/com/epmet/controller/LoginController.java b/epmet-auth/src/main/java/com/epmet/controller/LoginController.java
index 79efcf7054..08e40eb99d 100644
--- a/epmet-auth/src/main/java/com/epmet/controller/LoginController.java
+++ b/epmet-auth/src/main/java/com/epmet/controller/LoginController.java
@@ -99,15 +99,15 @@ public class LoginController {
 		//效验数据
 		ValidatorUtils.validateEntity(formDTO);
 		//解密密码
-		if (formDTO.getPhone().length() > NumConstant.FIFTY) {
+		if (StringUtils.isNotBlank(formDTO.getPhone())&&formDTO.getPhone().length() > NumConstant.FIFTY) {
 			String phone = RSASignature.decryptByPrivateKey(formDTO.getPhone(), privateKey);
 			formDTO.setPhone(phone);
 		}
-		if (formDTO.getMobile().length() > NumConstant.FIFTY) {
+		if (StringUtils.isNotBlank(formDTO.getMobile())&&formDTO.getMobile().length() > NumConstant.FIFTY) {
 			String phone = RSASignature.decryptByPrivateKey(formDTO.getMobile(), privateKey);
 			formDTO.setMobile(phone);
 		}
-		if (formDTO.getPassword().length() > NumConstant.FIFTY) {
+		if (StringUtils.isNotBlank(formDTO.getPassword())&&formDTO.getPassword().length() > NumConstant.FIFTY) {
 			String confirmNewPassWord = RSASignature.decryptByPrivateKey(formDTO.getPassword(), privateKey);
 			formDTO.setPassword(confirmNewPassWord);
 		}