diff --git a/client/src/app/site/site-routing.module.ts b/client/src/app/site/site-routing.module.ts
index d8ddbaa3e..f0715741b 100644
--- a/client/src/app/site/site-routing.module.ts
+++ b/client/src/app/site/site-routing.module.ts
@@ -45,8 +45,9 @@ const routes: Routes = [
             },
             {
                 path: 'users',
-                loadChildren: './users/users.module#UsersModule',
-                data: { basePerm: 'users.can_see_name' }
+                loadChildren: './users/users.module#UsersModule'
+                // No baseperm, because change own password is ok, even if the
+                // user does not have users.can_see_name
             },
             {
                 path: 'tags',
diff --git a/client/src/app/site/users/users-routing.module.ts b/client/src/app/site/users/users-routing.module.ts
index 8d4254a42..88f90193c 100644
--- a/client/src/app/site/users/users-routing.module.ts
+++ b/client/src/app/site/users/users-routing.module.ts
@@ -12,7 +12,8 @@ const routes: Routes = [
     {
         path: '',
         component: UserListComponent,
-        pathMatch: 'full'
+        pathMatch: 'full',
+        data: { basePerm: 'users.can_see_name' }
     },
     {
         path: 'password',
@@ -47,8 +48,9 @@ const routes: Routes = [
     },
     {
         path: ':id',
-        component: UserDetailComponent,
-        data: { basePerm: 'users.can_see_name' }
+        component: UserDetailComponent
+        // No basePerm, because user is allowed to see the own profile page.
+        // Other user detail pages are empty if user does not have user.can_see_name.
     }
 ];