diff --git a/app/blueprints/users/claim.py b/app/blueprints/users/claim.py
index ad5aa2c..1a70ee2 100644
--- a/app/blueprints/users/claim.py
+++ b/app/blueprints/users/claim.py
@@ -17,11 +17,14 @@
 
 from . import bp
 from flask import redirect, render_template, session, request, flash, url_for
-from flask_user import current_user
 from app.models import db, User, UserRank
-from app.utils import randomString, loginUser, rank_required
+from app.utils import randomString, loginUser
 from app.tasks.forumtasks import checkForumAccount
 from app.tasks.phpbbparser import getProfile
+import re
+
+def check_username(username):
+	return username is not None and len(username) >= 2 and re.match("^[A-Za-z0-9._-]*$", username)
 
 @bp.route("/user/claim/", methods=["GET", "POST"])
 def claim():
@@ -31,6 +34,10 @@ def claim():
 	else:
 		method = request.args.get("method")
 
+		if not check_username(username):
+			flash("Invalid username - must only contain A-Za-z0-9._. Consider contacting an admin", "danger")
+			return redirect(url_for("users.claim"))
+
 		user = User.query.filter_by(forums_username=username).first()
 		if user and user.rank.atLeast(UserRank.NEW_MEMBER):
 			flash("User has already been claimed", "danger")
@@ -45,7 +52,6 @@ def claim():
 			flash("Unable to find user", "danger")
 			return redirect(url_for("users.claim"))
 
-
 	token = None
 	if "forum_token" in session:
 		token = session["forum_token"]
@@ -57,8 +63,8 @@ def claim():
 		ctype	= request.form.get("claim_type")
 		username = request.form.get("username")
 
-		if username is None or len(username.strip()) < 2:
-			flash("Invalid username", "danger")
+		if not check_username(username):
+			flash("Invalid username - must only contain A-Za-z0-9._. Consider contacting an admin", "danger")
 		elif ctype == "github":
 			task = checkForumAccount.delay(username)
 			return redirect(url_for("tasks.check", id=task.id, r=url_for("users.claim", username=username, method="github")))
@@ -88,6 +94,8 @@ def claim():
 
 			# Look for key
 			if sig and token in sig:
+				# Try getting again to fix crash
+				user = User.query.filter_by(forums_username=username).first()
 				if user is None:
 					user = User(username)
 					user.forums_username = username
@@ -106,4 +114,4 @@ def claim():
 		else:
 			flash("Unknown claim type", "danger")
 
-	return render_template("users/claim.html", username=username, key=token)
+	return render_template("users/claim.html", username=username, key="cdb_" + token)
diff --git a/app/templates/users/claim.html b/app/templates/users/claim.html
index ab66349..75b6cdc 100644
--- a/app/templates/users/claim.html
+++ b/app/templates/users/claim.html
@@ -52,7 +52,8 @@ Creating an Account
 					Enter your forum username here:
 				</p>
 
-				<input class="form-control my-4" type="text" name="username" value="{{ username }}" required placeholder="Forum username">
+				<input class="form-control my-4" type="text" name="username" value="{{ username }}"
+                       placeholder="Forum username" pattern="[a-zA-Z0-9._ -]+" title="Only a-zA-Z0-9._ allowed" required>
 
 				<p>
 					You'll need to have the GitHub field in your forum profile
@@ -81,7 +82,8 @@ Creating an Account
 					Enter your forum username here:
 				</p>
 
-				<input class="form-control my-3" type="text" name="username" value="{{ username }}" required placeholder="Forum username">
+				<input class="form-control my-3" type="text" name="username" value="{{ username }}"
+                       placeholder="Forum username" pattern="[a-zA-Z0-9._ -]+" title="Only a-zA-Z0-9._ allowed" required>
 
 				<p>
 					Go to
@@ -109,24 +111,24 @@ Creating an Account
 		</div>
 
 		<div class="col-sm-4">
-		<div class="card">
-			<div class="card-header">
-				<span class="badge badge-pill badge-dark mr-2">Option 3</span>
-				Email/password sign up
-			</div>
+            <div class="card">
+                <div class="card-header">
+                    <span class="badge badge-pill badge-dark mr-2">Option 3</span>
+                    Email/password sign up
+                </div>
 
-			<div class="card-body">
-				<p class="alert alert-danger">
-					<b>Only do this if you don't have a forum account!</b>
-				</p>
-				<p>
-					If you have a forum account, please use one of the other two
-					options.
-				</p>
+                <div class="card-body">
+                    <p class="alert alert-danger">
+                        <b>Only do this if you don't have a forum account!</b>
+                    </p>
+                    <p>
+                        If you have a forum account, please use one of the other two
+                        options.
+                    </p>
 
-				<a class="btn btn-primary" href="{{ url_for('user.register') }}">Register</a>
-			</div>
-		</div>
+                    <a class="btn btn-primary" href="{{ url_for('user.register') }}">Register</a>
+                </div>
+            </div>
 		</div>
 	</div>
 	{% endif %}
