diff --git a/wagtail/wagtailadmin/views/account.py b/wagtail/wagtailadmin/views/account.py
index 24fd0a2f1d..bfd2df7c7e 100644
--- a/wagtail/wagtailadmin/views/account.py
+++ b/wagtail/wagtailadmin/views/account.py
@@ -2,14 +2,17 @@ from django.conf import settings
 from django.shortcuts import render, redirect
 from django.contrib import messages
 from django.contrib.auth.forms import SetPasswordForm
+from django.contrib.auth.decorators import permission_required
 from django.utils.translation import ugettext as _ 
 
+@permission_required('wagtailadmin.access_admin')
 def account(request):
     return render(request, 'wagtailadmin/account/account.html', {
         'show_change_password': getattr(settings, 'WAGTAIL_PASSWORD_MANAGEMENT_ENABLED', True) and request.user.has_usable_password(),
     })
 
 
+@permission_required('wagtailadmin.access_admin')
 def change_password(request):
     can_change_password = request.user.has_usable_password()