diff --git a/src/test/database-test.js b/src/test/database-test.js
index 21fc65f55..d4e1742fe 100644
--- a/src/test/database-test.js
+++ b/src/test/database-test.js
@@ -69,6 +69,18 @@ describe('database', function () {
             displayName: 'Herbert Heidelberg'
         };
 
+        var USER_3 = {
+            id: 'uuid458',
+            username: '',
+            password: 'secret',
+            email: 'SAFE3@me.com',
+            salt: 'tata',
+            createdAt: 'sometime back',
+            modifiedAt: 'now',
+            resetToken: '',
+            displayName: 'Herbert Heidelberg'
+        };
+
         it('can add user', function (done) {
             userdb.add(USER_0.id, USER_0, done);
         });
@@ -89,6 +101,14 @@ describe('database', function () {
             });
         });
 
+        it('cannot add user with same but uppercase email again', function (done) {
+            userdb.add(USER_3.id, USER_3, function (error) {
+                expect(error).to.be.ok();
+                expect(error.reason).to.be(DatabaseError.ALREADY_EXISTS);
+                done();
+            });
+        });
+
         it('can get by user id', function (done) {
             userdb.get(USER_0.id, function (error, user) {
                 expect(error).to.not.be.ok();
@@ -180,11 +200,10 @@ describe('database', function () {
             });
         });
 
-        it('cannot update with null field', function (done) {
-            userdb.update(USER_0.id, { email: null }, function (error) {
-                expect(error).to.be.ok();
-                done();
-            });
+        it('cannot update with null field', function () {
+            expect(function () {
+                userdb.update(USER_0.id, { email: null }, function () {});
+            }).to.throwError();
         });
 
         it('cannot del non-existing user', function (done) {
diff --git a/src/userdb.js b/src/userdb.js
index 8403ff6a2..77d707954 100644
--- a/src/userdb.js
+++ b/src/userdb.js
@@ -139,7 +139,7 @@ function add(userId, user, callback) {
     assert.strictEqual(typeof user.displayName, 'string');
     assert.strictEqual(typeof callback, 'function');
 
-    var data = [ userId, user.username || null, user.password, user.email, user.salt, user.createdAt, user.modifiedAt, user.resetToken, user.displayName ];
+    var data = [ userId, user.username || null, user.password, user.email.toLowerCase(), user.salt, user.createdAt, user.modifiedAt, user.resetToken, user.displayName ];
     database.query('INSERT INTO users (id, username, password, email, salt, createdAt, modifiedAt, resetToken, displayName) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?)', data, function (error, result) {
         if (error && error.code === 'ER_DUP_ENTRY') return callback(new DatabaseError(DatabaseError.ALREADY_EXISTS, error));
         if (error || result.affectedRows !== 1) return callback(new DatabaseError(DatabaseError.INTERNAL_ERROR, error));
@@ -199,7 +199,11 @@ function update(userId, user, callback) {
         fields.push(k + ' = ?');
 
         if (k === 'username') {
+            assert.strictEqual(typeof user.username, 'string');
             args.push(user.username || null);
+        } if (k === 'email') {
+            assert.strictEqual(typeof user.email, 'string');
+            args.push(user.email.toLowerCase());
         } else {
             args.push(user[k]);
         }