diff --git a/.idea/workspace.xml b/.idea/workspace.xml
index 4ab9e55..d299f91 100644
--- a/.idea/workspace.xml
+++ b/.idea/workspace.xml
@@ -4,10 +4,12 @@
     <option name="autoReloadType" value="ALL" />
   </component>
   <component name="ChangeListManager">
-    <list default="true" id="3fefb2c4-b6f9-466b-a523-53352e8d6f95" name="更改" comment=":sparkles: Bug fixes">
+    <list default="true" id="3fefb2c4-b6f9-466b-a523-53352e8d6f95" name="更改" comment=":sparkles: Batch mark notify as read API">
       <change beforePath="$PROJECT_DIR$/.idea/workspace.xml" beforeDir="false" afterPath="$PROJECT_DIR$/.idea/workspace.xml" afterDir="false" />
-      <change beforePath="$PROJECT_DIR$/pkg/server/notifications_api.go" beforeDir="false" afterPath="$PROJECT_DIR$/pkg/server/notifications_api.go" afterDir="false" />
-      <change beforePath="$PROJECT_DIR$/pkg/server/startup.go" beforeDir="false" afterPath="$PROJECT_DIR$/pkg/server/startup.go" afterDir="false" />
+      <change beforePath="$PROJECT_DIR$/pkg/server/auth_api.go" beforeDir="false" afterPath="$PROJECT_DIR$/pkg/server/auth_api.go" afterDir="false" />
+      <change beforePath="$PROJECT_DIR$/pkg/services/ticket.go" beforeDir="false" afterPath="$PROJECT_DIR$/pkg/services/ticket.go" afterDir="false" />
+      <change beforePath="$PROJECT_DIR$/pkg/views/partials/header.gohtml" beforeDir="false" afterPath="$PROJECT_DIR$/pkg/views/partials/header.gohtml" afterDir="false" />
+      <change beforePath="$PROJECT_DIR$/pkg/views/users/personalize.gohtml" beforeDir="false" afterPath="$PROJECT_DIR$/pkg/views/users/personalize.gohtml" afterDir="false" />
     </list>
     <option name="SHOW_DIALOG" value="false" />
     <option name="HIGHLIGHT_CONFLICTS" value="true" />
@@ -140,7 +142,8 @@
     <MESSAGE value=":lipstick: Fix ui design" />
     <MESSAGE value=":bug: Bug fixes of design" />
     <MESSAGE value=":sparkles: Bug fixes" />
-    <option name="LAST_COMMIT_MESSAGE" value=":sparkles: Bug fixes" />
+    <MESSAGE value=":sparkles: Batch mark notify as read API" />
+    <option name="LAST_COMMIT_MESSAGE" value=":sparkles: Batch mark notify as read API" />
   </component>
   <component name="VgoProject">
     <settings-migrated>true</settings-migrated>
diff --git a/pkg/server/auth_api.go b/pkg/server/auth_api.go
index 8250cb9..528b7db 100644
--- a/pkg/server/auth_api.go
+++ b/pkg/server/auth_api.go
@@ -118,7 +118,7 @@ func getToken(c *fiber.Ctx) error {
 		if err != nil {
 			return fiber.NewError(fiber.StatusBadRequest, fmt.Sprintf("invalid password: %v", err.Error()))
 		} else if err := ticket.IsAvailable(); err != nil {
-			return fiber.NewError(fiber.StatusBadRequest, fmt.Sprintf("risk detected: %v", err))
+			return fiber.NewError(fiber.StatusBadRequest, fmt.Sprintf("risk detected: %v (ticketId=%d)", err, ticket.ID))
 		}
 		access, refresh, err = services.ExchangeOauthToken(data.ClientID, data.ClientSecret, data.RedirectUri, *ticket.GrantToken)
 		if err != nil {
diff --git a/pkg/services/ticket.go b/pkg/services/ticket.go
index 194661c..f6d6d19 100644
--- a/pkg/services/ticket.go
+++ b/pkg/services/ticket.go
@@ -12,11 +12,21 @@ import (
 )
 
 func DetectRisk(user models.Account, ip, ua string) bool {
+	var availableFactor int64
+	if err := database.C.
+		Where(models.AuthFactor{AccountID: user.ID}).
+		Where("type != ?", models.PasswordAuthFactor).
+		Model(models.AuthFactor{}).
+		Where(&availableFactor); err != nil || availableFactor <= 0 {
+		return false
+	}
+
 	var secureFactor int64
-	if err := database.C.Where(models.AuthTicket{
-		AccountID: user.ID,
-		IpAddress: ip,
-	}).Model(models.AuthTicket{}).Count(&secureFactor).Error; err == nil {
+	if err := database.C.
+		Where(models.AuthTicket{AccountID: user.ID, IpAddress: ip}).
+		Where("available_at IS NOT NULL").
+		Model(models.AuthTicket{}).
+		Count(&secureFactor).Error; err == nil {
 		if secureFactor >= 1 {
 			return false
 		}
diff --git a/pkg/views/partials/header.gohtml b/pkg/views/partials/header.gohtml
index fcba8b1..8f6349f 100644
--- a/pkg/views/partials/header.gohtml
+++ b/pkg/views/partials/header.gohtml
@@ -83,6 +83,7 @@
         html, body {
             padding: 0;
             margin: 0;
+            background-color: var(--md-sys-color-surface-container);
         }
     </style>
 </head>
diff --git a/pkg/views/users/personalize.gohtml b/pkg/views/users/personalize.gohtml
index 0c9e2d6..b52c439 100644
--- a/pkg/views/users/personalize.gohtml
+++ b/pkg/views/users/personalize.gohtml
@@ -8,9 +8,13 @@
 <div class="right-part">
     <div class="responsive-title-gap"></div>
 
-    <div class="action-form">
-        <div class="input-label">Avatar</div>
+    <div class="personalize-actions">
+        <md-filled-tonal-button class="personalize-action" data-target="avatar">
+            Edit Avatar
+            <span slot="icon" class="material-symbols-outlined">account_circle</span>
+        </md-filled-tonal-button>
         <input
+                hidden
                 id="avatar-input"
                 class="block-field"
                 name="avatar"
@@ -19,8 +23,12 @@
                 placeholder="Avatar"
         >
 
-        <div class="input-label">Banner</div>
+        <md-filled-tonal-button class="personalize-action" data-target="banner">
+           Edit Banner
+            <span slot="icon" class="material-symbols-outlined">background_replace</span>
+        </md-filled-tonal-button>
         <input
+                hidden
                 id="banner-input"
                 class="block-field"
                 name="banner"
@@ -30,8 +38,6 @@
         >
     </div>
 
-    <md-divider style="margin: 1rem 0"></md-divider>
-
     <form class="action-form" action="/users/me/personalize" method="POST">
         <div class="columns-two">
             <md-outlined-text-field
@@ -110,9 +116,32 @@
         font-size: 14px;
         text-align: left;
     }
+
+    .personalize-actions {
+        display: flex;
+        gap: 0.5rem;
+        margin-bottom: 1.5rem;
+        margin-left: -0.2rem;
+        margin-right: -0.2rem;
+    }
+
+    .personalize-actions .personalize-action {
+        width: fit-content;
+    }
+
+    .personalize-action .material-symbols-outlined {
+        font-size: 20px;
+        margin-bottom: 2px;
+    }
 </style>
 
 <script>
+    document.querySelectorAll(".personalize-action").forEach((element) => {
+        element.addEventListener("click", (_) => {
+            document.getElementById(`${element.getAttribute("data-target")}-input`).click();
+        })
+    })
+
     document.getElementById("avatar-input").addEventListener("input", (evt) => {
         if (!evt.target.files) return
         const data = new FormData();