diff --git a/server/check.go b/server/check.go
index 45c682d1..c230fd93 100644
--- a/server/check.go
+++ b/server/check.go
@@ -55,7 +55,7 @@ func CheckParent(path string, password string) bool {
 	}
 }
 
-func CheckDownLink(path string, passwordMd5 string) bool {
+func CheckDownLink(path string, passwordMd5 string, name string) bool {
 	if !conf.CheckDown {
 		return true
 	}
@@ -63,7 +63,7 @@ func CheckDownLink(path string, passwordMd5 string) bool {
 	log.Debugf("check down path: %s", path)
 	if err == nil {
 		log.Debugf("check down link: %s,%s", meta.Password, passwordMd5)
-		if meta.Password != "" && utils.Get16MD5Encode(meta.Password) != passwordMd5 {
+		if meta.Password != "" && utils.Get16MD5Encode("alist"+meta.Password+name) != passwordMd5 {
 			return false
 		}
 		return true
@@ -74,6 +74,6 @@ func CheckDownLink(path string, passwordMd5 string) bool {
 		if path == "/" {
 			return true
 		}
-		return CheckDownLink(utils.Dir(path), passwordMd5)
+		return CheckDownLink(utils.Dir(path), passwordMd5, name)
 	}
 }
diff --git a/server/down.go b/server/down.go
index bf46e201..b3250db7 100644
--- a/server/down.go
+++ b/server/down.go
@@ -18,7 +18,7 @@ func Down(c *gin.Context) {
 	rawPath = utils.ParsePath(rawPath)
 	log.Debugf("down: %s", rawPath)
 	pw := c.Query("pw")
-	if !CheckDownLink(utils.Dir(rawPath), pw) {
+	if !CheckDownLink(utils.Dir(rawPath), pw, utils.Base(rawPath)) {
 		ErrorResp(c, fmt.Errorf("wrong password"), 401)
 		return
 	}
@@ -50,7 +50,7 @@ func Proxy(c *gin.Context) {
 	rawPath = utils.ParsePath(rawPath)
 	log.Debugf("proxy: %s", rawPath)
 	pw := c.Query("pw")
-	if !CheckDownLink(utils.Dir(rawPath), pw) {
+	if !CheckDownLink(utils.Dir(rawPath), pw, utils.Base(rawPath)) {
 		ErrorResp(c, fmt.Errorf("wrong password"), 401)
 		return
 	}
diff --git a/server/webdav/file.go b/server/webdav/file.go
index 2845ccef..53687d4a 100644
--- a/server/webdav/file.go
+++ b/server/webdav/file.go
@@ -80,14 +80,14 @@ func (fs *FileSystem) Files(rawPath string) ([]model.File, error) {
 	return driver.Files(path_, account)
 }
 
-func GetPW(path string) string {
+func GetPW(path string, name string) string {
 	if !conf.CheckDown {
 		return ""
 	}
 	meta, err := model.GetMetaByPath(path)
 	if err == nil {
 		if meta.Password != "" {
-			utils.Get16MD5Encode(meta.Password)
+			utils.Get16MD5Encode("alist" + meta.Password + name)
 		}
 		return ""
 	} else {
@@ -97,7 +97,7 @@ func GetPW(path string) string {
 		if path == "/" {
 			return ""
 		}
-		return GetPW(utils.Dir(path))
+		return GetPW(utils.Dir(path), name)
 	}
 }
 
@@ -119,7 +119,7 @@ func (fs *FileSystem) Link(r *http.Request, rawPath string) (string, error) {
 	if driver.Config().OnlyProxy || account.WebdavProxy {
 		link = fmt.Sprintf("%s://%s/p%s", protocol, r.Host, rawPath)
 		if conf.CheckDown {
-			pw := GetPW(utils.Dir(rawPath))
+			pw := GetPW(utils.Dir(rawPath), utils.Base(rawPath))
 			link += "?pw" + pw
 		}
 	} else {
diff --git a/utils/file.go b/utils/file.go
index 977edbc1..50cb36ec 100644
--- a/utils/file.go
+++ b/utils/file.go
@@ -105,4 +105,12 @@ func Dir(path string) string {
 		return path
 	}
 	return path[:idx]
+}
+
+func Base(path string) string {
+	idx := strings.LastIndex(path, "/")
+	if idx == -1 {
+		return path
+	}
+	return path[idx+1:]
 }
\ No newline at end of file