diff --git a/packages/hydrooj/src/handler/home.ts b/packages/hydrooj/src/handler/home.ts
index 28f99a6e..fb29187b 100644
--- a/packages/hydrooj/src/handler/home.ts
+++ b/packages/hydrooj/src/handler/home.ts
@@ -166,6 +166,7 @@ class HomeSecurityHandler extends Handler {
         }
         this.response.template = 'home_security.html';
         this.response.body = {
+            sudoUid: this.session.sudoUid || null,
             sessions,
             authenticators: this.user._authenticators.map((c) => pick(c, [
                 'credentialID', 'name', 'credentialType', 'credentialDeviceType',
@@ -180,9 +181,13 @@ class HomeSecurityHandler extends Handler {
     @param('current', Types.String)
     @param('password', Types.Password)
     @param('verifyPassword', Types.Password)
-    async postChangePassword(_: string, current: string, password: string, verify: string) {
+    async postChangePassword(domainId: string, current: string, password: string, verify: string) {
         if (password !== verify) throw new VerifyPasswordError();
-        this.user.checkPassword(current);
+        if (this.session.sudoUid) {
+            const udoc = await user.getById(domainId, this.session.sudoUid);
+            if (!udoc) throw new UserNotFoundError(this.session.sudoUid);
+            udoc.checkPassword(current);
+        } else this.user.checkPassword(current);
         await user.setPassword(this.user._id, password);
         await token.delByUid(this.user._id);
         this.response.redirect = this.url('user_login');
@@ -194,7 +199,11 @@ class HomeSecurityHandler extends Handler {
     async postChangeMail(domainId: string, current: string, email: string) {
         const mailDomain = email.split('@')[1];
         if (await BlackListModel.get(`mail::${mailDomain}`)) throw new BlacklistedError(mailDomain);
-        this.user.checkPassword(current);
+        if (this.session.sudoUid) {
+            const udoc = await user.getById(domainId, this.session.sudoUid);
+            if (!udoc) throw new UserNotFoundError(this.session.sudoUid);
+            udoc.checkPassword(current);
+        } else this.user.checkPassword(current);
         const udoc = await user.getByEmail(domainId, email);
         if (udoc) throw new UserAlreadyExistError(email);
         await this.limitRate('send_mail', 3600, 30);
diff --git a/packages/hydrooj/src/handler/misc.ts b/packages/hydrooj/src/handler/misc.ts
index ee4d5cda..937265c8 100644
--- a/packages/hydrooj/src/handler/misc.ts
+++ b/packages/hydrooj/src/handler/misc.ts
@@ -12,7 +12,7 @@ import storage from '../model/storage';
 import * as system from '../model/system';
 import user from '../model/user';
 import {
-    Handler, param, post, Types,
+    Handler, param, post, requireSudo, Types,
 } from '../service/server';
 import { encodeRFC5987ValueChars } from '../service/storage';
 import { builtinConfig } from '../settings';
@@ -122,8 +122,10 @@ export class StorageHandler extends Handler {
 }
 
 export class SwitchAccountHandler extends Handler {
+    @requireSudo
     @param('uid', Types.Int)
     async get(domainId: string, uid: number) {
+        this.session.sudoUid = this.user._id;
         this.session.uid = uid;
         this.back();
     }
@@ -134,5 +136,5 @@ export async function apply(ctx) {
     ctx.Route('home_files', '/file', FilesHandler);
     ctx.Route('fs_download', '/file/:uid/:filename', FSDownloadHandler);
     ctx.Route('storage', '/storage', StorageHandler);
-    ctx.Route('switch_account', '/account', SwitchAccountHandler, PRIV.PRIV_EDIT_SYSTEM);
+    ctx.Route('switch_account', '/account/:uid', SwitchAccountHandler, PRIV.PRIV_EDIT_SYSTEM);
 }
diff --git a/packages/ui-default/components/navigation/navigation.page.js b/packages/ui-default/components/navigation/navigation.page.js
index a23e41eb..8833003c 100644
--- a/packages/ui-default/components/navigation/navigation.page.js
+++ b/packages/ui-default/components/navigation/navigation.page.js
@@ -18,8 +18,9 @@ async function handlerSwitchAccount(ev) {
   const target = await selectUser('Hint::icon::switch_account');
   if (!target) return;
   try {
-    await request.get('/account', { uid: target._id });
-    window.location.reload();
+    const res = await request.get(`/account/${target._id}`);
+    if (res.url) window.location.href = res.url;
+    else window.location.reload();
   } catch (error) {
     Notification.error(error.message);
   }
diff --git a/packages/ui-default/locales/zh.yaml b/packages/ui-default/locales/zh.yaml
index 659dc8ac..dc37f3c6 100644
--- a/packages/ui-default/locales/zh.yaml
+++ b/packages/ui-default/locales/zh.yaml
@@ -832,6 +832,7 @@ Submitted: 已递交
 Subtask {0}: 子任务 {0}
 Subtasks: 子任务
 SuperUser: 超级管理员
+SuperUser's Password: 超级管理员的密码
 Support: 支持
 Switch account: 切换账户
 Tags: 标签
diff --git a/packages/ui-default/templates/home_security.html b/packages/ui-default/templates/home_security.html
index 1f144656..406f933f 100644
--- a/packages/ui-default/templates/home_security.html
+++ b/packages/ui-default/templates/home_security.html
@@ -20,7 +20,7 @@
         <form method="post">
           {{ form.form_text({
                type:'password',
-               label:'Current Password',
+               label:"SuperUser's Password" if sudoUid else 'Current Password',
                columns:10,
                name:'password',
                required:true
@@ -57,7 +57,7 @@
         <form method="post">
           {{ form.form_text({
                type:'password',
-               label:'Current Password',
+               label:"SuperUser's Password" if sudoUid else 'Current Password',
                columns:10,
                name:'current',
                required:true