diff --git a/service/controller/inboundbuilder.go b/service/controller/inboundbuilder.go
index d2bb6f2..c95684b 100644
--- a/service/controller/inboundbuilder.go
+++ b/service/controller/inboundbuilder.go
@@ -3,6 +3,7 @@ package controller
 
 import (
 	"crypto/rand"
+	"encoding/base64"
 	"encoding/hex"
 	"encoding/json"
 	"fmt"
@@ -105,10 +106,16 @@ func InboundBuilder(config *Config, nodeInfo *api.NodeInfo, tag string) (*core.I
 
 		proxySetting, _ := proxySetting.(*conf.ShadowsocksServerConfig)
 		// shadowsocks must have a random password
-		if !C.Contains(shadowaead_2022.List, cipher) {
-			b := make([]byte, 16)
-			rand.Read(b)
-			proxySetting.Password = hex.EncodeToString(b)
+		// shadowsocks2022's password == user PSK, thus should a length of string >= 32 and base64 encoder
+		b := make([]byte, 32)
+		rand.Read(b)
+		randPasswd := hex.EncodeToString(b)
+		if C.Contains(shadowaead_2022.List, cipher) {
+			proxySetting.Users = append(proxySetting.Users, &conf.ShadowsocksUserConfig{
+				Password: base64.StdEncoding.EncodeToString(b),
+			})
+		} else {
+			proxySetting.Password = randPasswd
 		}
 
 		proxySetting.NetworkList = &conf.NetworkList{"tcp", "udp"}
diff --git a/service/controller/userbuilder.go b/service/controller/userbuilder.go
index e2f9483..bec47a6 100644
--- a/service/controller/userbuilder.go
+++ b/service/controller/userbuilder.go
@@ -1,6 +1,7 @@
 package controller
 
 import (
+	"encoding/base64"
 	"fmt"
 	"strings"
 
@@ -10,6 +11,7 @@ import (
 	"github.com/xtls/xray-core/common/serial"
 	"github.com/xtls/xray-core/infra/conf"
 	"github.com/xtls/xray-core/proxy/shadowsocks"
+	"github.com/xtls/xray-core/proxy/shadowsocks_2022"
 	"github.com/xtls/xray-core/proxy/trojan"
 	"github.com/xtls/xray-core/proxy/vless"
 
@@ -78,11 +80,14 @@ func (c *Controller) buildSSUser(userInfo *[]api.UserInfo, method string) (users
 	for i, user := range *userInfo {
 		// todo waiting xray-core complete proxy.UserManager in shadowsocks2022
 		if C.Contains(shadowaead_2022.List, strings.ToLower(method)) {
+			e := c.buildUserTag(&user)
 			users[i] = &protocol.User{
 				Level: 0,
-				Email: c.buildUserTag(&user),
-				Account: serial.ToTypedMessage(&shadowsocks.Account{
-					Password: user.Passwd,
+				Email: e,
+				Account: serial.ToTypedMessage(&shadowsocks_2022.User{
+					Key:   base64.StdEncoding.EncodeToString([]byte(user.Passwd)),
+					Email: e,
+					Level: 0,
 				}),
 			}
 		} else {
@@ -105,11 +110,14 @@ func (c *Controller) buildSSPluginUser(userInfo *[]api.UserInfo) (users []*proto
 	for i, user := range *userInfo {
 		// todo waiting xray-core complete proxy.UserManager in shadowsocks2022
 		if C.Contains(shadowaead_2022.List, strings.ToLower(user.Method)) {
+			e := c.buildUserTag(&user)
 			users[i] = &protocol.User{
 				Level: 0,
-				Email: c.buildUserTag(&user),
-				Account: serial.ToTypedMessage(&shadowsocks.Account{
-					Password: user.Passwd,
+				Email: e,
+				Account: serial.ToTypedMessage(&shadowsocks_2022.User{
+					Key:   base64.StdEncoding.EncodeToString([]byte(user.Passwd)),
+					Email: e,
+					Level: 0,
 				}),
 			}
 		} else {