diff --git a/core/core-frontend/src/locales/zh-CN.ts b/core/core-frontend/src/locales/zh-CN.ts
index f1a1621661..9a1a1ed3e6 100644
--- a/core/core-frontend/src/locales/zh-CN.ts
+++ b/core/core-frontend/src/locales/zh-CN.ts
@@ -4153,6 +4153,7 @@ export default {
     status_2: '仅系统管理员',
     platform_tips: '第三方登录方式包括：OIDC、CAS',
     exp_tips: '单位：秒，目前仅在查看账号密码校验 MFA 时生效',
-    user_enable: '启用 MFA 多因子认证'
+    user_enable: '启用 MFA 多因子认证',
+    code_input_msg: '请输入 {0} 位数字'
   }
 }
diff --git a/core/core-frontend/src/views/login/index.vue b/core/core-frontend/src/views/login/index.vue
index cf84908f91..39b3fbe189 100644
--- a/core/core-frontend/src/views/login/index.vue
+++ b/core/core-frontend/src/views/login/index.vue
@@ -73,10 +73,6 @@ const handleLogin = () => {
   if (!formRef.value) return
   formRef.value.validate(async (valid: boolean) => {
     if (valid) {
-      /* if (!checkUsername(state.loginForm.username) || !validatePwd(state.loginForm.password)) {
-        ElMessage.error('用户名或密码错误')
-        return
-      } */
       const name = state.loginForm.username.trim()
       const pwd = state.loginForm.password
       if (!wsCache.get(appStore.getDekey)) {
@@ -88,7 +84,12 @@ const handleLogin = () => {
       cleanPlatformFlag()
       loginApi(param)
         .then(res => {
-          const { token, exp } = res.data
+          const { token, exp, mfa } = res.data
+          if (mfa?.enabled) {
+            xpackLoginHandler.value?.invokeMethod({ methodName: 'toMfa', args: mfa })
+            duringLogin.value = false
+            return
+          }
           userStore.setToken(token)
           userStore.setExp(exp)
           userStore.setTime(Date.now())
diff --git a/de-xpack b/de-xpack
index e8fbdf861b..d3b0867dda 160000
--- a/de-xpack
+++ b/de-xpack
@@ -1 +1 @@
-Subproject commit e8fbdf861bba545298dc728bef41b5806b109cbc
+Subproject commit d3b0867dda8112d038fc4aec5845391ffc2202eb
diff --git a/sdk/common/src/main/java/io/dataease/auth/vo/MfaItem.java b/sdk/common/src/main/java/io/dataease/auth/vo/MfaItem.java
new file mode 100644
index 0000000000..80a1122bcb
--- /dev/null
+++ b/sdk/common/src/main/java/io/dataease/auth/vo/MfaItem.java
@@ -0,0 +1,16 @@
+package io.dataease.auth.vo;
+
+import lombok.Data;
+
+import java.io.Serial;
+import java.io.Serializable;
+
+@Data
+public class MfaItem implements Serializable {
+    @Serial
+    private static final long serialVersionUID = 6647534143991435022L;
+
+    private boolean enabled;
+
+    private boolean ready;
+}
diff --git a/sdk/common/src/main/java/io/dataease/auth/vo/TokenVO.java b/sdk/common/src/main/java/io/dataease/auth/vo/TokenVO.java
index 580eaece0d..bf188547d1 100644
--- a/sdk/common/src/main/java/io/dataease/auth/vo/TokenVO.java
+++ b/sdk/common/src/main/java/io/dataease/auth/vo/TokenVO.java
@@ -21,4 +21,11 @@ public class TokenVO implements Serializable {
 
     @Schema(description = "有效期")
     private Long exp;
+
+    private MfaItem mfa;
+
+    public TokenVO(String token, Long exp) {
+        this.token = token;
+        this.exp = exp;
+    }
 }