Index: ssts-datasync-default-impl/src/main/java/com/forgon/disinfectsystem/verification/SmsVerificationCodeManagerImpl.java
===================================================================
diff -u -r40909 -r40912
--- ssts-datasync-default-impl/src/main/java/com/forgon/disinfectsystem/verification/SmsVerificationCodeManagerImpl.java (.../SmsVerificationCodeManagerImpl.java) (revision 40909)
+++ ssts-datasync-default-impl/src/main/java/com/forgon/disinfectsystem/verification/SmsVerificationCodeManagerImpl.java (.../SmsVerificationCodeManagerImpl.java) (revision 40912)
@@ -64,7 +64,10 @@
 @SuppressWarnings("unchecked")
 @Override
- public void sendVerificationCodeSms(String loginName) {
+ public void sendVerificationCodeSms(String loginName, String scene) {
+ if(!StringUtils.equals(scene, SmsVerificationCode.SCENE_LOGIN) && !StringUtils.equals(scene, SmsVerificationCode.SCENE_RESET_PWD)){
+ throw new RuntimeException("验证码使用场景异常!");
+ }
 Date nowDateTime = new Date();
 Session session = objectDao.getHibernateSession();
 Query query = session.createQuery(String.format("select po from %s po where name = :name", User.class.getSimpleName()));
@@ -89,7 +92,7 @@
 //若同时启用了配置项“loginSecurirtyConfig”时,验证码输入后的验证失败次数也计算为登录失败的次数。
 loginSecurirtyConfig(loginUser, nowDateTime);
 //查询最后发送的验证码,用于校验用户是否频繁发送短信;同一个用户每次点击发送获取验证码后,有一分钟的冷却时间;
- SmsVerificationCode lastSmsVerificationCode = getLastSmsVerificationCode(loginName, smsMumber);
+ SmsVerificationCode lastSmsVerificationCode = getLastSmsVerificationCode(loginName, smsMumber, scene);
 if(lastSmsVerificationCode != null){
 //同一个用户每次点击发送获取验证码后,有一分钟的冷却时间;
 //验证码在验证成功后直接废弃,废弃时冷却时间需要同步重置;
@@ -124,6 +127,7 @@
 newSmsVerificationCode.setSmsNumber(smsMumber);
 newSmsVerificationCode.setUserName(loginName);
 newSmsVerificationCode.setVerificationCode(verificationCode);
+ newSmsVerificationCode.setScene(scene);
 objectDao.saveOrUpdate(newSmsVerificationCode);
 }
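Review bot: The new scene check throws a bare `RuntimeException`, whereas the neighbouring preconditions in this class throw `SystemException` (see `throw new SystemException("用户名不能为空!")` in validateVerificationCode) and the callers in VerificationCodeAction catch only `SystemException` in the visible hunks; unless a broader catch follows outside those hunks, a missing or unexpected `scene` parameter (the action defaults it to "") escapes the JSON error response instead of being reported to the client. Use `throw new SystemException("验证码使用场景异常!");` here and in the identical check added to validateVerificationCode. Since the same two-constant comparison now appears in both methods, a private helper such as `checkScene(String scene)` would keep the whitelist in one place. sendVerificationCodeSms continues outside the hunk.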
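Review bot: Passing `scene` into the cooldown lookup makes the one-minute cooldown per scene rather than per user: `getLastSmsVerificationCode(loginName, smsMumber, scene)` returns nothing for the other scene even if an SMS was sent seconds ago, so a user alternating scenes can trigger two sends per minute to the same number; if the MAX_SMS_AMOUNT_USER_DAY count is filtered by scene as well (that query is outside the hunk), the daily cap is relaxed the same way. If the throttle is meant to bound SMS per user, keep the cooldown query on the unfiltered (loginName, smsMumber) key and reserve the scene-qualified lookup for validation, or add a separate unfiltered lookup for the cooldown. The enclosing method continues outside the hunk.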
@@ -152,14 +156,16 @@
 * 获取已经发送成功的最新一条短信验证码
 * @param userName 用户名
 * @param smsMumber 手机号码
+ * @param scene 使用场景
 * @return 短信验证码
 */
 @SuppressWarnings("unchecked")
- private SmsVerificationCode getLastSmsVerificationCode(String userName, String smsNumber) {
- String condition = " where userName = :userName and smsNumber = :smsNumber order by createDateTime desc";
+ private SmsVerificationCode getLastSmsVerificationCode(String userName, String smsNumber, String scene) {
+ String condition = " where userName = :userName and smsNumber = :smsNumber and scene = :scene order by createDateTime desc";
 Map params = new HashMap();
 params.put("userName", userName);
 params.put("smsNumber", smsNumber);
+ params.put("scene", scene);
 List smsVerificationCodeList = objectDao.getCollection(SmsVerificationCode.class.getSimpleName(), condition, params, 0, 1);
 if(CollectionUtils.isNotEmpty(smsVerificationCodeList)){
 return smsVerificationCodeList.get(0);
@@ -169,14 +175,17 @@
 @SuppressWarnings("unchecked")
 @Override
- public void validateVerificationCode(String loginName, String smsVerificationCode) {
+ public void validateVerificationCode(String loginName, String smsVerificationCode, String scene) {
 if(!StringUtils.equals("1", ConfigUtils.getSystemSetConfigByName("enableTwoFactorAuthentication"))){
 return;
 }
 String needBeStrongPwdWhenModifyPwd = ConfigUtils.getSystemSetConfigByName("needBeStrongPwdWhenModifyPwd");
 if(StringUtils.isBlank(needBeStrongPwdWhenModifyPwd)){
 return;
 }
+ if(!StringUtils.equals(scene, SmsVerificationCode.SCENE_LOGIN) && !StringUtils.equals(scene, SmsVerificationCode.SCENE_RESET_PWD)){
+ throw new RuntimeException("验证码使用场景异常!");
+ }
 if(StringUtils.isBlank(loginName)){
 throw new SystemException("用户名不能为空!");
 }
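Review bot: The added `@param scene 使用场景` does not say which values are accepted, although callers are now expected to pass one of the model constants; write it as `@param scene 使用场景,取值为 SmsVerificationCode.SCENE_LOGIN 或 SmsVerificationCode.SCENE_RESET_PWD`. Because `scene = :scene` is now part of the lookup, rows saved before this column existed (scene null) are never returned by this method, so codes issued shortly before deployment will be reported as expired; a one-line note in the method comment, or a backfill of existing rows, would make that expected. The rest of the method is outside the hunk.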
@@ -202,7 +211,7 @@
 //若同时启用了配置项“loginSecurirtyConfig”时,验证码输入后的验证失败次数也计算为登录失败的次数。
 loginSecurirtyConfig(loginUser, nowDateTime);
 //获取已经发送成功的最新一条短信验证码
- SmsVerificationCode lastSmsVerificationCode = getLastSmsVerificationCode(loginName, smsMumber);
+ SmsVerificationCode lastSmsVerificationCode = getLastSmsVerificationCode(loginName, smsMumber, scene);
 if(lastSmsVerificationCode == null){
 throw new SystemException("验证码失效,请重新获取验证码。");
 }
Index: forgon-core/src/main/java/com/forgon/security/model/SmsVerificationCode.java
===================================================================
diff -u -r40906 -r40912
--- forgon-core/src/main/java/com/forgon/security/model/SmsVerificationCode.java (.../SmsVerificationCode.java) (revision 40906)
+++ forgon-core/src/main/java/com/forgon/security/model/SmsVerificationCode.java (.../SmsVerificationCode.java) (revision 40912)
@@ -83,6 +83,18 @@
 * 每人每天发送的短信数量上限20
 */
 public static final Integer MAX_SMS_AMOUNT_USER_DAY = 20;
+ /**
+ * 场景标识,登录或者修改密码
+ */
+ private String scene;
+ /**
+ * 场景标识,登录
+ */
+ public static final String SCENE_LOGIN = "login";
+ /**
+ * 场景标识,修改密码
+ */
+ public static final String SCENE_RESET_PWD = "resetPwd";
 @Id
 @GeneratedValue(strategy = GenerationType.AUTO)
@@ -129,4 +141,10 @@
 public void setVerified(Integer verified) {
 this.verified = verified;
 }
+ public String getScene() {
+ return scene;
+ }
+ public void setScene(String scene) {
+ this.scene = scene;
+ }
 }
Index: forgon-core/src/main/java/com/forgon/directory/service/SmsVerificationCodeManager.java
===================================================================
diff -u -r40894 -r40912
--- forgon-core/src/main/java/com/forgon/directory/service/SmsVerificationCodeManager.java (.../SmsVerificationCodeManager.java) (revision 40894)
+++ forgon-core/src/main/java/com/forgon/directory/service/SmsVerificationCodeManager.java (.../SmsVerificationCodeManager.java) (revision 40912)
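Review bot: `scene` is a free-form String field on a persisted entity although only two values are valid, and the rule that restricts it lives in SmsVerificationCodeManagerImpl rather than next to the constants that define it. Adding `public static boolean isValidScene(String scene)` beside SCENE_LOGIN and SCENE_RESET_PWD (or modelling the scene as an enum mapped with `@Enumerated(EnumType.STRING)`) would give both the send and validate paths a single definition to call. The field comment should also state that records created before this column existed carry a null scene, since the manager now filters on it: `场景标识,登录或者修改密码;本字段新增前的历史记录为 null`.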
@@ -9,14 +9,16 @@
 /**
 * 发送验证码的短信
 * @param loginName 当前登录用户名称
+ * @param scene 短信验证码使用场景
 */
- public void sendVerificationCodeSms(String loginName);
+ public void sendVerificationCodeSms(String loginName, String scene);
 /**
 * 校验验证码
 * @param loginName 当前登录用户名称
 * @param authenticationCode 用户输入的验证码
+ * @param scene 短信验证码使用场景
 */
- public void validateVerificationCode(String loginName, String authenticationCode);
+ public void validateVerificationCode(String loginName, String authenticationCode, String scene);
 }
Index: forgon-core/src/main/java/com/forgon/directory/service/PersonalSettingManagerImpl.java
===================================================================
diff -u -r40894 -r40912
--- forgon-core/src/main/java/com/forgon/directory/service/PersonalSettingManagerImpl.java (.../PersonalSettingManagerImpl.java) (revision 40894)
+++ forgon-core/src/main/java/com/forgon/directory/service/PersonalSettingManagerImpl.java (.../PersonalSettingManagerImpl.java) (revision 40912)
@@ -8,6 +8,7 @@
 import com.forgon.directory.mailremotemanager.service.RemoteManagerClient;
 import com.forgon.exception.SystemException;
+import com.forgon.security.model.SmsVerificationCode;
 import com.forgon.security.model.User;
 import com.forgon.security.service.UserManager;
 import com.forgon.tools.util.ConfigUtils;
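Review bot: The new `@param scene 短信验证码使用场景` on both interface methods leaves the contract implicit: it names neither the accepted values nor the fact that the implementation rejects any other value with an exception. Write it as `@param scene 短信验证码使用场景,取值为 SmsVerificationCode.SCENE_LOGIN 或 SmsVerificationCode.SCENE_RESET_PWD` and add a `@throws` line naming the exception thrown for other values, so that callers such as PersonalSettingManagerImpl and VerificationCodeAction know what to catch.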
@@ -62,7 +63,7 @@
 Boolean windowsPasswordComplexityReq = json.optBoolean("windowsPasswordComplexityReq", false);
 //修改密码前需要校验验证码ZSYY-438
 if(smsVerificationCodeManager != null){
- smsVerificationCodeManager.validateVerificationCode(user.getName(), user.getSmsVerificationCode());
+ smsVerificationCodeManager.validateVerificationCode(user.getName(), user.getSmsVerificationCode(), SmsVerificationCode.SCENE_RESET_PWD);
 }
 if(!passwordComplexityReq1 && !windowsPasswordComplexityReq && passwordNotContainLoginName && user.getPasswd().toLowerCase().indexOf(user.getName().toLowerCase()) != -1){
 throw new SystemException("密码不可以包含账号!");
Index: ssts-datasync/src/main/java/com/forgon/disinfectsystem/verification/action/VerificationCodeAction.java
===================================================================
diff -u -r40894 -r40912
--- ssts-datasync/src/main/java/com/forgon/disinfectsystem/verification/action/VerificationCodeAction.java (.../VerificationCodeAction.java) (revision 40894)
+++ ssts-datasync/src/main/java/com/forgon/disinfectsystem/verification/action/VerificationCodeAction.java (.../VerificationCodeAction.java) (revision 40912)
@@ -158,9 +158,10 @@
 public void sendAuthenticationCodeSms(){
 JSONObject result = JSONUtil.buildJsonObject(true, "短信验证码发送成功!");
 String loginName = StrutsParamUtils.getPraramValue("loginName", "");
+ String scene = StrutsParamUtils.getPraramValue("scene", "");
 try {
 loginName = RSAEncrypt.decrypt(loginName);
- smsVerificationCodeManager.sendVerificationCodeSms(loginName);
+ smsVerificationCodeManager.sendVerificationCodeSms(loginName, scene);
 } catch (SystemException e) {
 result = JSONUtil.buildJsonObject(false, e.getMessage());
 e.printStackTrace();
@@ -180,13 +181,14 @@
 JSONObject result = JSONUtil.buildJsonObject(true, "短信验证码校验成功!");
 String loginName = StrutsParamUtils.getPraramValue("loginName", "");
 String verificationCode = StrutsParamUtils.getPraramValue("verificationCode", "");
+ String scene = StrutsParamUtils.getPraramValue("scene", "");
 boolean validateSucc = false;
 User currentLoginedUser = null;
 try {
 loginName = RSAEncrypt.decrypt(loginName);
 verificationCode = RSAEncrypt.decrypt(verificationCode);
 currentLoginedUser = sysUserManager.getUserByPropertyWithLower("name",loginName);
- smsVerificationCodeManager.validateVerificationCode(loginName, verificationCode);
+ smsVerificationCodeManager.validateVerificationCode(loginName, verificationCode, scene);
 logger.info(String.format("用户【%s】验证码校验成功,验证码为:【%s】", loginName, verificationCode));
 validateSucc = true;
 } catch (SystemException e) {