diff --git a/backend/main.go b/backend/main.go
index b636d3fd..170aede4 100644
--- a/backend/main.go
+++ b/backend/main.go
@@ -269,13 +269,14 @@ func main() {
 			}
 			// 用户
 			{
-				authGroup.GET("/users", routes.GetUserList)       // 用户列表
-				authGroup.GET("/users/:id", routes.GetUser)       // 用户详情
-				authGroup.POST("/users/:id", routes.PostUser)     // 更改用户
-				authGroup.DELETE("/users/:id", routes.DeleteUser) // 删除用户
-				authGroup.PUT("/users-add", routes.PutUser)       // 添加用户
-				authGroup.GET("/me", routes.GetMe)                // 获取自己账户
-				authGroup.POST("/me", routes.PostMe)              // 修改自己账户
+				authGroup.GET("/users", routes.GetUserList)                        // 用户列表
+				authGroup.GET("/users/:id", routes.GetUser)                        // 用户详情
+				authGroup.POST("/users/:id", routes.PostUser)                      // 更改用户
+				authGroup.DELETE("/users/:id", routes.DeleteUser)                  // 删除用户
+				authGroup.PUT("/users-add", routes.PutUser)                        // 添加用户
+				authGroup.GET("/me", routes.GetMe)                                 // 获取自己账户
+				authGroup.POST("/me", routes.PostMe)                               // 修改自己账户
+				authGroup.POST("/me/change-password", routes.PostMeChangePassword) // 修改自己密码
 			}
 			// 系统
 			{
diff --git a/backend/model/schedule.go b/backend/model/schedule.go
index 5faba03b..5d0da286 100644
--- a/backend/model/schedule.go
+++ b/backend/model/schedule.go
@@ -69,7 +69,10 @@ func GetScheduleList(filter interface{}) ([]Schedule, error) {
 		if schedule.RunType == constants.RunTypeSelectedNodes {
 			for _, nodeId := range schedule.NodeIds {
 				// 选择单一节点
-				node, _ := GetNode(nodeId)
+				node, err := GetNode(nodeId)
+				if err != nil {
+					continue
+				}
 				schedule.Nodes = append(schedule.Nodes, node)
 			}
 		}
diff --git a/backend/routes/user.go b/backend/routes/user.go
index 23391a48..abb77170 100644
--- a/backend/routes/user.go
+++ b/backend/routes/user.go
@@ -279,9 +279,6 @@ func PostMe(c *gin.Context) {
 	if reqBody.Email != "" {
 		user.Email = reqBody.Email
 	}
-	if reqBody.Password != "" {
-		user.Password = utils.EncryptPassword(reqBody.Password)
-	}
 	if reqBody.Setting.NotificationTrigger != "" {
 		user.Setting.NotificationTrigger = reqBody.Setting.NotificationTrigger
 	}
@@ -311,3 +308,33 @@ func PostMe(c *gin.Context) {
 		Message: "success",
 	})
 }
+
+func PostMeChangePassword(c *gin.Context) {
+	ctx := context.WithGinContext(c)
+	user := ctx.User()
+	if user == nil {
+		ctx.FailedWithError(constants.ErrorUserNotFound, http.StatusUnauthorized)
+		return
+	}
+	var reqBody model.User
+	if err := c.ShouldBindJSON(&reqBody); err != nil {
+		HandleErrorF(http.StatusBadRequest, c, "invalid request")
+		return
+	}
+	if reqBody.Password == "" {
+		HandleErrorF(http.StatusBadRequest, c, "password is empty")
+		return
+	}
+	if user.UserId.Hex() == "" {
+		user.UserId = bson.ObjectIdHex(constants.ObjectIdNull)
+	}
+	user.Password = utils.EncryptPassword(reqBody.Password)
+	if err := user.Save(); err != nil {
+		HandleError(http.StatusInternalServerError, c, err)
+		return
+	}
+	c.JSON(http.StatusOK, Response{
+		Status:  "ok",
+		Message: "success",
+	})
+}