diff --git a/nyaa/forms.py b/nyaa/forms.py
index 6a6508a..eb47565 100644
--- a/nyaa/forms.py
+++ b/nyaa/forms.py
@@ -72,23 +72,23 @@ class RegisterForm(FlaskForm):
 
 
 class ProfileForm(FlaskForm):
-    email = TextField('New email address', [
+    email = TextField('New Email Address', [
         Email(),
         Optional(),
         Length(min=5, max=128),
-        Unique(User, User.email, 'Email is taken')
+        Unique(User, User.email, 'This email address has been taken')
     ])
 
-    current_password = PasswordField('Current password', [Optional()])
+    current_password = PasswordField('Current Password', [Required()])
 
-    new_password = PasswordField('New password (confirm)', [
+    new_password = PasswordField('New Password', [
         Optional(),
-        EqualTo('password_confirm', message='Passwords must match'),
+        EqualTo('password_confirm', message='Two passwords must match'),
         Length(min=6, max=1024,
                message='Password must be at least %(min)d characters long.')
     ])
 
-    password_confirm = PasswordField('Repeat Password')
+    password_confirm = PasswordField('Repeat New Password')
 
 
 # Classes for a SelectField that can be set to disable options (id, name, disabled)
diff --git a/nyaa/routes.py b/nyaa/routes.py
index 9c2820f..266689b 100644
--- a/nyaa/routes.py
+++ b/nyaa/routes.py
@@ -401,6 +401,11 @@ def profile():
         new_password = form.new_password.data
 
         if new_email:
+            # enforce password check on email change too
+            if form.current_password.data != user.password_hash:
+                flask.flash(flask.Markup(
+                    '<strong>Email change failed!</strong> Incorrect password.'), 'danger')
+                return flask.redirect('/profile')
             user.email = form.email.data
 
         if new_password:
@@ -622,4 +627,4 @@ def site_help():
 @app.route('/api/upload', methods = ['POST'])
 def api_upload():
     api_response = api_handler.api_upload(flask.request)
-    return api_response
\ No newline at end of file
+    return api_response
diff --git a/nyaa/static/css/main.css b/nyaa/static/css/main.css
index 1743595..df3a34d 100644
--- a/nyaa/static/css/main.css
+++ b/nyaa/static/css/main.css
@@ -108,3 +108,7 @@ table.torrent-list thead th.sorting_desc:after {
     border: 1px solid rgba(100, 56, 0, 0.8);
     background: rgba(200,127,0,0.3);
 }
+
+ul.nav-tabs#profileTabs {
+    margin-bottom: 15px;
+}
diff --git a/nyaa/templates/profile.html b/nyaa/templates/profile.html
index 2e6e659..9206730 100644
--- a/nyaa/templates/profile.html
+++ b/nyaa/templates/profile.html
@@ -4,40 +4,63 @@
 {% from "_formhelpers.html" import render_field %}
 
 <h1>Edit Profile</h1>
-	<form method="POST">
-		{{ form.csrf_token }}
 
-		<div class="row">
-			<div class="form-group col-md-4">
-				{{ render_field(form.email, class_='form-control', placeholder='New email address') }}
-			</div>
-		</div>
+<ul class="nav nav-tabs" id="profileTabs" role="tablist">
+    <li role="presentation" class="active">
+        <a href="#password-change" id="password-change-tab" role="tab" data-toggle="tab" aria-controls="profile" aria-expanded="true">Password</a>
+    </li>
+    <li role="presentation">
+        <a href="#email-change" id="email-change-tab" role="tab" data-toggle="tab" aria-controls="profile" aria-expanded="false">Email</a>
+    </li>
+</ul>
+<div class="tab-content">
+    <div class="tab-pane fade active in" role="tabpanel" id="password-change" aria-labelledby="password-change-tab">
+        <form method="POST">
+            {{ form.csrf_token }}
+            <div class="row">
+                <div class="form-group col-md-4">
+                    {{ render_field(form.current_password, class_='form-control', placeholder='Current password') }}
+                </div>
+            </div>
+            <div class="row">
+                <div class="form-group col-md-4">
+                    {{ render_field(form.new_password, class_='form-control', placeholder='New password') }}
+                </div>
+            </div>
+            <div class="row">
+                <div class="form-group col-md-4">
+                    {{ render_field(form.password_confirm, class_='form-control', placeholder='New password (confirm)') }}
+                </div>
+            </div>
+            <br>
+            <div class="row">
+                <div class="col-md-4">
+                    <input type="submit" value="Update" class="btn btn-primary">
+                </div>
+            </div>
+        </form>
+    </div>
+    <div class="tab-pane fade" role="tabpanel" id="email-change" aria-labelledby="email-change-tab">
+        <form method="POST">
+            {{ form.csrf_token }}
+            <div class="row">
+                <div class="form-group col-md-4">
+                    {{ render_field(form.email, class_='form-control', placeholder='New email address') }}
+                </div>
+            </div>
+            <div class="row">
+                <div class="form-group col-md-4">
+                    {{ render_field(form.current_password, class_='form-control', placeholder='Current password') }}
+                </div>
+            </div>
+            <br>
+            <div class="row">
+                <div class="col-md-4">
+                    <input type="submit" value="Update" class="btn btn-primary">
+                </div>
+            </div>
+        </form>
+    </div>
+</div>
 
-		<div class="row">
-			<div class="form-group col-md-4">
-				{{ render_field(form.current_password, class_='form-control', placeholder='Current password') }}
-			</div>
-		</div>
-
-		<div class="row">
-			<div class="form-group col-md-4">
-				{{ render_field(form.new_password, class_='form-control', placeholder='New password') }}
-			</div>
-		</div>
-
-		<div class="row">
-			<div class="form-group col-md-4">
-				{{ render_field(form.password_confirm, class_='form-control', placeholder='New password (confirm)') }}
-			</div>
-		</div>
-
-		<br>
-
-		<div class="row">
-			<div class="col-md-4">
-				<input type="submit" value="Update" class="btn btn-primary">
-			</div>
-		</div>
-	</form>
 {% endblock %}
-