diff --git a/Admin/admin.php b/Admin/admin.php
index 339f3a71..1a55e669 100644
--- a/Admin/admin.php
+++ b/Admin/admin.php
@@ -86,7 +86,8 @@ function admin_validated_page(string $raw): string
         'addUsers', 'users', 'admin_log', 'config', 'debug_log',
         'editServerSet', 'editPlusSet', 'editLogSet', 'editNewsboxSet',
         'editExtraSet', 'editAdminInfo', 'resetServer', 'player', 'editUser',
-        'deletion', 'Newmessage', 'editPlus', 'editSitter', 'editOverall',
+        'deletion', 'Newmessage', 'editPlus', 'editSitter', 'editPassword',
+        'editProtection', 'editOverall',
         'editWeek', 'userlogin', 'userillegallog', 'editHero', 'editAdditional',
         'village', 'editResources', 'addTroops', 'addABTroops', 'editVillage',
         'villagelog', 'techlog', 'msg',
@@ -347,6 +348,26 @@ if ($page !== '') {
             }
             break;
 
+        case 'editPassword':
+            $uid = admin_input_id($_GET, 'uid');
+            if ($uid !== null) {
+                $user    = $database->getUserArray($uid, 1);
+                $subpage = 'Edit Password (' . e($user['username']) . ')';
+            } else {
+                $subpage = 'Edit Password';
+            }
+            break;
+
+        case 'editProtection':
+            $uid = admin_input_id($_GET, 'uid');
+            if ($uid !== null) {
+                $user    = $database->getUserArray($uid, 1);
+                $subpage = 'Edit Protection (' . e($user['username']) . ')';
+            } else {
+                $subpage = 'Edit Protection';
+            }
+            break;
+
         case 'editOverall':
             $uid = admin_input_id($_GET, 'uid');
             if ($uid !== null) {
diff --git a/GameEngine/Admin/Mods/editUsername.php b/GameEngine/Admin/Mods/editUsername.php
index 18aa74ea..6ae99ace 100755
--- a/GameEngine/Admin/Mods/editUsername.php
+++ b/GameEngine/Admin/Mods/editUsername.php
@@ -60,7 +60,18 @@ if (!$admin || (int)$admin['access'] !== 9) {
 // ---------------------------------------------------------------------------
 // Validare username
 // ---------------------------------------------------------------------------
-if (strlen($username) < 3 || strlen($username) > 20 || !preg_match('/^[a-zA-Z0-9_]+$/', $username)) {
+// Mirror the sign-up rule (Account.php, issue #184) so an admin can rename a
+// player to any name registration would accept. The allowed character set
+// depends on USRNM_SPECIAL: when on, letters/digits/.-_ and single internal
+// spaces; when off, ASCII alphanumerics only.
+$usernameSpecial = defined('USRNM_SPECIAL') ? USRNM_SPECIAL : false;
+$minLen = defined('USRNM_MIN_LENGTH') ? USRNM_MIN_LENGTH : 3;
+$maxLen = defined('USRNM_MAX_LENGTH') ? USRNM_MAX_LENGTH : 15;
+$charsOk = $usernameSpecial
+    ? (bool)preg_match('/^[A-Za-z0-9._-]+(?: [A-Za-z0-9._-]+)*$/D', $username)
+    : !preg_match('/[^0-9A-Za-z]/', $username);
+
+if (strlen($username) < $minLen || strlen($username) > $maxLen || !$charsOk) {
     header("Location: ../../../Admin/admin.php?p=player&uid=$uid&e=invalid");
     exit;
 }