diff --git a/ckan/controllers/user.py b/ckan/controllers/user.py
index 81ec29fbae1..66f7dad1e58 100644
--- a/ckan/controllers/user.py
+++ b/ckan/controllers/user.py
@@ -356,12 +356,18 @@ def request_reset(self):
 
     def perform_reset(self, id):
         context = {'model': model, 'session': model.Session,
-                   'user': c.user}
+                   'user': c.user,
+                   'keep_sensitive_data': True}
 
         data_dict = {'id':id}
 
         try:
-            user_dict = get_action('user_show')(context,data_dict)
+            user_dict = get_action('user_show')(context, data_dict)
+
+            # Be a little paranoid, and get rid of sensitive data that's
+            # not needed.
+            user_dict.pop('apikey', None)
+            user_dict.pop('reset_key', None)
             user_obj = context['user_obj']
         except NotFound, e:
             abort(404, _('User not found'))
diff --git a/ckan/lib/dictization/model_dictize.py b/ckan/lib/dictization/model_dictize.py
index d9574bfd1e2..f7ecadc81d3 100644
--- a/ckan/lib/dictization/model_dictize.py
+++ b/ckan/lib/dictization/model_dictize.py
@@ -364,6 +364,7 @@ def user_dictize(user, context):
         # If not sysadmin or the same user, strip sensible info
         result_dict.pop('apikey', None)
         result_dict.pop('reset_key', None)
+        result_dict.pop('email', None)
 
     return result_dict
 
diff --git a/ckan/tests/lib/test_dictization.py b/ckan/tests/lib/test_dictization.py
index e1a831892bb..5db2e2a0f35 100644
--- a/ckan/tests/lib/test_dictization.py
+++ b/ckan/tests/lib/test_dictization.py
@@ -894,7 +894,6 @@ def test_16_group_dictized(self):
                     'users': [{'about': u'I love reading Annakarenina. My site: <a href="http://anna.com">anna.com</a>',
                               'display_name': u'annafan',
                               'capacity' : 'public',
-                              'email': None,
                               'email_hash': 'd41d8cd98f00b204e9800998ecf8427e',
                               'fullname': None,
                               'name': u'annafan',
@@ -1088,6 +1087,7 @@ def test_22_user_dictize_as_sysadmin(self):
         # Check sensitive data is available
         assert 'apikey' in user_dict
         assert 'reset_key' in user_dict
+        assert 'email' in user_dict
 
         # Passwords should never be available
         assert 'password' not in user_dict
@@ -1111,6 +1111,7 @@ def test_23_user_dictize_as_same_user(self):
         # Check sensitive data is available
         assert 'apikey' in user_dict
         assert 'reset_key' in user_dict
+        assert 'email' in user_dict
 
         # Passwords should never be available
         assert 'password' not in user_dict
@@ -1131,9 +1132,10 @@ def test_24_user_dictize_as_other_user(self):
         assert 'name' in user_dict
         assert 'about' in user_dict
 
-        # Check sensitive data is available
+        # Check sensitive data is not available
         assert 'apikey' not in user_dict
         assert 'reset_key' not in user_dict
+        assert 'email' not in user_dict
 
         # Passwords should never be available
         assert 'password' not in user_dict
@@ -1154,9 +1156,10 @@ def test_25_user_dictize_as_anonymous(self):
         assert 'name' in user_dict
         assert 'about' in user_dict
 
-        # Check sensitive data is available
+        # Check sensitive data is not available
         assert 'apikey' not in user_dict
         assert 'reset_key' not in user_dict
+        assert 'email' not in user_dict
 
         # Passwords should never be available
         assert 'password' not in user_dict