diff --git a/app/helpers/application_helper.rb b/app/helpers/application_helper.rb
index d6b84cc4a..8a58cc036 100644
--- a/app/helpers/application_helper.rb
+++ b/app/helpers/application_helper.rb
@@ -88,6 +88,11 @@ module ApplicationHelper
     policy(record).public_send("#{action}?")
   end
 
+  def masked_email(email)
+    email_username = email.split('@').first
+    "#{email_username[0]}***#{email_username[-1]}@#{email.split('@').last}"
+  end
+
   def fa_icon(icon, attributes = {})
     class_names = attributes[:class]&.split(' ') || []
     class_names << 'fa'
diff --git a/app/policies/user_policy.rb b/app/policies/user_policy.rb
index d832bff75..8408f57ee 100644
--- a/app/policies/user_policy.rb
+++ b/app/policies/user_policy.rb
@@ -6,6 +6,7 @@ class UserPolicy < ApplicationPolicy
   end
 
   def change_email?
+    return false
     staff? && !record.staff?
   end
 
diff --git a/app/views/admin/accounts/show.html.haml b/app/views/admin/accounts/show.html.haml
index 27e1f80a7..770bf8a5b 100644
--- a/app/views/admin/accounts/show.html.haml
+++ b/app/views/admin/accounts/show.html.haml
@@ -104,11 +104,9 @@
               = table_link_to 'angle-double-down', t('admin.accounts.demote'), demote_admin_account_role_path(@account.id), method: :post, data: { confirm: t('admin.accounts.are_you_sure') } if can?(:demote, @account.user)
 
           %tr
-            %th{ rowspan: can?(:create, :email_domain_block) ? 3 : 2 }= t('admin.accounts.email')
-            %td{ rowspan: can?(:create, :email_domain_block) ? 3 : 2 }= @account.user_email
-            %td= table_link_to 'edit', t('admin.accounts.change_email.label'), admin_account_change_email_path(@account.id) if can?(:change_email, @account.user)
-
-          %tr
+            %th{ rowspan: can?(:create, :email_domain_block) ? 2 : 1 }= t('admin.accounts.email')
+            %td{ rowspan: can?(:create, :email_domain_block) ? 2 : 1 }= masked_email(@account.user_email)
+            //%td= table_link_to 'edit', t('admin.accounts.change_email.label'), admin_account_change_email_path(@account.id) if can?(:change_email, @account.user)
             %td= table_link_to 'search', t('admin.accounts.search_same_email_domain'), admin_accounts_path(email: "%@#{@account.user_email.split('@').last}")
 
           - if can?(:create, :email_domain_block)