diff --git a/src/Controller/UserController.php b/src/Controller/UserController.php
index 8110d52..f8c1f36 100644
--- a/src/Controller/UserController.php
+++ b/src/Controller/UserController.php
@@ -13,6 +13,7 @@ use SokoWeb\Response\HtmlContent;
 use SokoWeb\Response\JsonContent;
 use SokoWeb\Response\Redirect;
 use SokoWeb\Util\JwtParser;
+use RVR\Repository\UserRepository;
 
 class UserController implements ISecured
 {
@@ -20,10 +21,13 @@ class UserController implements ISecured
 
     private PersistentDataManager $pdm;
 
+    private UserRepository $userRepository;
+
     public function __construct(IRequest $request)
     {
         $this->request = $request;
         $this->pdm = new PersistentDataManager();
+        $this->userRepository = new UserRepository();
     }
 
     public function authorize(): bool
@@ -126,8 +130,39 @@ class UserController implements ISecured
             return new JsonContent(['error' => ['errorText' => $error]]);
         }
 
-        if (strlen($this->request->post('password_new')) > 0) {
-            if (strlen($this->request->post('password_new')) < 6) {
+        $newEmail = $this->request->post('email');
+        if ($newEmail !== $user->getEmail()) {
+            if (!filter_var($newEmail, FILTER_VALIDATE_EMAIL)) {
+                return new JsonContent(['error' => ['errorText' => 'Please provide a valid email address.']]);
+            }
+
+            if ($this->userRepository->getByEmail($newEmail) !== null) {
+                return new JsonContent(['error' => ['errorText' => 'The given email address belongs to another account.']]);
+            }
+
+            $user->setEmail($newEmail);
+        }
+
+        $newUsername = $this->request->post('username');
+        if ($newUsername !== $user->getUsername()) {
+            if (strlen($newUsername) > 0) {
+                if (filter_var($newUsername, FILTER_VALIDATE_EMAIL)) {
+                    return new JsonContent(['error' => ['errorText' => 'Please select a username that is not a valid email address.']]);
+                }
+
+                if ($this->userRepository->getByUsername($newUsername) !== null) {
+                    return new JsonContent(['error' => ['errorText' => 'The given username is already taken.']]);
+                }
+
+                $user->setUsername($newUsername);
+            } else {
+                $user->setUsername(null);
+            }
+        }
+
+        $newPassword = $this->request->post('password_new');
+        if (strlen($newPassword) > 0) {
+            if (strlen($newPassword) < 6) {
                 return new JsonContent([
                     'error' => [
                         'errorText' => 'The given new password is too short. Please choose a password that is at least 6 characters long!'
@@ -135,7 +170,7 @@ class UserController implements ISecured
                 ]);
             }
 
-            if ($this->request->post('password_new') !== $this->request->post('password_new_confirm')) {
+            if ($newPassword !== $this->request->post('password_new_confirm')) {
                 return new JsonContent([
                     'error' => [
                         'errorText' => 'The given new passwords do not match.'
@@ -143,7 +178,7 @@ class UserController implements ISecured
                 ]);
             }
 
-            $user->setPlainPassword($this->request->post('password_new'));
+            $user->setPlainPassword($newPassword);
         }
 
         $this->pdm->saveToDb($user);
diff --git a/views/account/account.php b/views/account/account.php
index 6a26290..12a979e 100644
--- a/views/account/account.php
+++ b/views/account/account.php
@@ -5,7 +5,7 @@
 @section(main)
     <h2>Account</h2>
     <div class="box">
-        <form id="accountForm" action="/account" method="post" data-observe-inputs="password_new,password_new_confirm">
+        <form id="accountForm" action="/account" method="post" data-observe-inputs="email,username,password_new,password_new_confirm">
             <?php if ($user['password'] !== null && $user['google_sub'] !== null): ?>
                 <p class="justify small">Please confirm your identity with your password or with Google to modify your account.</p>
                 <div class="inputWithButton">
@@ -23,9 +23,8 @@
                 </div>
             <?php endif; ?>
             <hr>
-            <?php /* TODO: disabled for the time being, email modification should be implemented */ ?>
-            <input type="email" class="text big fullWidth" name="email" placeholder="Email address" value="<?= $user['email'] ?>" disabled>
-            <input type="text" class="text big fullWidth marginTop" name="username" placeholder="Username" value="<?= $user['username'] ?>" disabled>
+            <input type="email" class="text big fullWidth" name="email" placeholder="Email address" value="<?= $user['email'] ?>">
+            <input type="text" class="text big fullWidth marginTop" name="username" placeholder="Username" value="<?= $user['username'] ?>">
             <input type="password" class="text big fullWidth marginTop" name="password_new" placeholder="New password" minlength="6">
             <input type="password" class="text big fullWidth marginTop" name="password_new_confirm" placeholder="New password confirmation" minlength="6">
             <p id="accountFormError" class="formError justify marginTop"></p>