diff --git a/maxkey-authentications/maxkey-authentication-captcha/src/main/java/org/maxkey/web/contorller/ImageCaptchaEndpoint.java b/maxkey-authentications/maxkey-authentication-captcha/src/main/java/org/maxkey/web/contorller/ImageCaptchaEndpoint.java
index 0f88b4f6..d78ddc96 100644
--- a/maxkey-authentications/maxkey-authentication-captcha/src/main/java/org/maxkey/web/contorller/ImageCaptchaEndpoint.java
+++ b/maxkey-authentications/maxkey-authentication-captcha/src/main/java/org/maxkey/web/contorller/ImageCaptchaEndpoint.java
@@ -84,7 +84,7 @@ public class ImageCaptchaEndpoint {
             if(StringUtils.isNotBlank(state) 
             		&& !state.equalsIgnoreCase("state")
             		&& authJwtService.validateJwtToken(state)) {
-            	//do nothing
+            	//just validate state Token
             }else {
             	state = authJwtService.genJwt();
             }
diff --git a/maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/provider/NormalAuthenticationProvider.java b/maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/provider/NormalAuthenticationProvider.java
index dce20e23..fad4829e 100644
--- a/maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/provider/NormalAuthenticationProvider.java
+++ b/maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/provider/NormalAuthenticationProvider.java
@@ -79,7 +79,11 @@ public class NormalAuthenticationProvider extends AbstractAuthenticationProvider
 	        _logger.debug("authentication " + loginCredential);
 	        
 	        Institutions inst = (Institutions)WebContext.getAttribute(WebConstants.CURRENT_INST);
-	        if(inst.getCaptchaSupport().equalsIgnoreCase("YES")) {
+	        
+	        if(this.applicationConfig.getLoginConfig().isCaptcha()) {
+	        	captchaValid(loginCredential.getState(),loginCredential.getCaptcha());
+	        }
+	        else if(inst.getCaptchaSupport().equalsIgnoreCase("YES")) {
 	        	captchaValid(loginCredential.getState(),loginCredential.getCaptcha());
 	        }
 	
diff --git a/maxkey-core/src/main/java/org/maxkey/configuration/LoginConfig.java b/maxkey-core/src/main/java/org/maxkey/configuration/LoginConfig.java
index d130a544..39957188 100644
--- a/maxkey-core/src/main/java/org/maxkey/configuration/LoginConfig.java
+++ b/maxkey-core/src/main/java/org/maxkey/configuration/LoginConfig.java
@@ -23,6 +23,9 @@ import org.springframework.context.annotation.Configuration;
 @Configuration
 public class LoginConfig {
     
+	@Value("${maxkey.login.captcha}")
+    boolean captcha;
+	
     @Value("${maxkey.login.mfa}")
     boolean mfa;
     
@@ -41,9 +44,15 @@ public class LoginConfig {
     public LoginConfig() {
     }
 
+    public boolean isCaptcha() {
+		return captcha;
+	}
 
+	public void setCaptcha(boolean captcha) {
+		this.captcha = captcha;
+	}
 
-    public boolean isKerberos() {
+	public boolean isKerberos() {
         return kerberos;
     }
 
diff --git a/maxkey-webs/maxkey-web-maxkey/src/main/java/org/maxkey/web/endpoint/LoginEntryPoint.java b/maxkey-webs/maxkey-web-maxkey/src/main/java/org/maxkey/web/endpoint/LoginEntryPoint.java
index f50d72d7..2f596ecc 100644
--- a/maxkey-webs/maxkey-web-maxkey/src/main/java/org/maxkey/web/endpoint/LoginEntryPoint.java
+++ b/maxkey-webs/maxkey-web-maxkey/src/main/java/org/maxkey/web/endpoint/LoginEntryPoint.java
@@ -118,8 +118,12 @@ public class LoginEntryPoint {
 		
 		Institutions inst = (Institutions)WebContext.getAttribute(WebConstants.CURRENT_INST);
 		model.put("inst", inst);
-		model.put("captcha", inst.getCaptchaSupport());
-		model.put("captchaType", inst.getCaptchaType());
+		if(applicationConfig.getLoginConfig().isCaptcha()) {
+			model.put("captcha", "true");
+		}else {
+			model.put("captcha", inst.getCaptchaSupport());
+			model.put("captchaType", inst.getCaptchaType());
+		}
 		model.put("state", authJwtService.genJwt());
 		//load Social Sign On Providers
 		model.put("socials", socialSignOnProviderService.loadSocials(inst.getId()));
diff --git a/maxkey-webs/maxkey-web-maxkey/src/main/resources/application-http.properties b/maxkey-webs/maxkey-web-maxkey/src/main/resources/application-http.properties
index 2d2ca787..8c1c48d0 100644
--- a/maxkey-webs/maxkey-web-maxkey/src/main/resources/application-http.properties
+++ b/maxkey-webs/maxkey-web-maxkey/src/main/resources/application-http.properties
@@ -56,6 +56,8 @@ maxkey.auth.jwt.secret                          =7heM-14BtxjyKPuH3ITIm7q2-ps5MuB
 ############################################################################
 #Login configuration                                                       #
 ############################################################################
+#enable captcha
+maxkey.login.captcha                            =${LOGIN_CAPTCHA:false}
 #enable two factor,use one time password
 maxkey.login.mfa                                =${LOGIN_MFA_ENABLED:true}
 #TimeBasedOtpAuthn MailOtpAuthn SmsOtpAuthnYunxin SmsOtpAuthnAliyun SmsOtpAuthnTencentCloud
diff --git a/maxkey-webs/maxkey-web-maxkey/src/main/resources/application-https.properties b/maxkey-webs/maxkey-web-maxkey/src/main/resources/application-https.properties
index ba6a0680..5ffc058b 100644
--- a/maxkey-webs/maxkey-web-maxkey/src/main/resources/application-https.properties
+++ b/maxkey-webs/maxkey-web-maxkey/src/main/resources/application-https.properties
@@ -52,6 +52,8 @@ maxkey.auth.jwt.secret                          =7heM-14BtxjyKPuH3ITIm7q2-ps5MuB
 ############################################################################
 #Login configuration                                                       #
 ############################################################################
+#enable captcha
+maxkey.login.captcha                            =${LOGIN_CAPTCHA:false}
 #enable two factor,use one time password
 maxkey.login.mfa                                =${LOGIN_MFA_ENABLED:true}
 #TimeBasedOtpAuthn MailOtpAuthn SmsOtpAuthnYunxin SmsOtpAuthnAliyun SmsOtpAuthnTencentCloud
diff --git a/maxkey-webs/maxkey-web-mgt/src/main/java/org/maxkey/web/contorller/LoginEntryPoint.java b/maxkey-webs/maxkey-web-mgt/src/main/java/org/maxkey/web/contorller/LoginEntryPoint.java
index de420f40..e52dd2b6 100644
--- a/maxkey-webs/maxkey-web-mgt/src/main/java/org/maxkey/web/contorller/LoginEntryPoint.java
+++ b/maxkey-webs/maxkey-web-mgt/src/main/java/org/maxkey/web/contorller/LoginEntryPoint.java
@@ -70,8 +70,12 @@ public class LoginEntryPoint {
 		model.put("isRemeberMe", applicationConfig.getLoginConfig().isRemeberMe());
 		Institutions inst = (Institutions)WebContext.getAttribute(WebConstants.CURRENT_INST);
 		model.put("inst", inst);
-		model.put("captcha", inst.getCaptchaSupport());
-		model.put("captchaType", inst.getCaptchaType());
+		if(applicationConfig.getLoginConfig().isCaptcha()) {
+			model.put("captcha", "true");
+		}else {
+			model.put("captcha", inst.getCaptchaSupport());
+			model.put("captchaType", inst.getCaptchaType());
+		}
 		model.put("state", authJwtService.genJwt());
 		return new Message<HashMap<String , Object>>(model).buildResponse();
 	}
diff --git a/maxkey-webs/maxkey-web-mgt/src/main/resources/application-http.properties b/maxkey-webs/maxkey-web-mgt/src/main/resources/application-http.properties
index 9b4c0341..861c6bb7 100644
--- a/maxkey-webs/maxkey-web-mgt/src/main/resources/application-http.properties
+++ b/maxkey-webs/maxkey-web-mgt/src/main/resources/application-http.properties
@@ -46,6 +46,8 @@ maxkey.auth.jwt.secret                          =7heM-14BtxjyKPuH3ITIm7q2-ps5MuB
 ############################################################################
 #Login configuration                                                       #
 ############################################################################
+#enable captcha
+maxkey.login.captcha                            =${LOGIN_CAPTCHA:true}
 #enable two factor,use one time password
 maxkey.login.mfa                                =false
 #Enable kerberos/SPNEGO