diff --git a/views/admin.qtpl b/views/admin.qtpl
index e7f1dc3..25d63cb 100644
--- a/views/admin.qtpl
+++ b/views/admin.qtpl
@@ -142,6 +142,9 @@
 	</div>
 	{% endif %}
 
+	{% if f.Get("group") == "telegram" %}
+	<p>This user is authorized using Telegram, they have the same rights as <i>trusted</i> editors. You cannot change their group.</p>
+	{% else %}
 	<form action="" method="post">
 		<div class="form-field">
 			<select id="group" name="group" aria-label="Group">
@@ -157,10 +160,11 @@
 			<button class="btn" type="submit">Update</button>
 		</div>
 	</form>
+	{% endif %}
 
 	<h2>Delete user</h2>
 	<p>Remove the user from the database. Changes made by the user will
-	be preserved.</p>
+	be preserved. It will be possible to take this username later.</p>
 	<a class="btn btn_destructive" href="/admin/users/{%u u.Name %}/delete">Delete</a>
 </main>
 </div>
diff --git a/views/admin.qtpl.go b/views/admin.qtpl.go
index 3a34d2f..83369e9 100644
--- a/views/admin.qtpl.go
+++ b/views/admin.qtpl.go
@@ -382,54 +382,65 @@ func StreamAdminUserEditHTML(qw422016 *qt422016.Writer, u *user.User, f util.For
 //line views/admin.qtpl:143
 	qw422016.N().S(`
 
+	`)
+//line views/admin.qtpl:145
+	if f.Get("group") == "telegram" {
+//line views/admin.qtpl:145
+		qw422016.N().S(`
+	<p>This user is authorized using Telegram, they have the same rights as <i>trusted</i> editors. You cannot change their group.</p>
+	`)
+//line views/admin.qtpl:147
+	} else {
+//line views/admin.qtpl:147
+		qw422016.N().S(`
 	<form action="" method="post">
 		<div class="form-field">
 			<select id="group" name="group" aria-label="Group">
 				<option`)
-//line views/admin.qtpl:148
-	if f.Get("group") == "anon" {
-//line views/admin.qtpl:148
-		qw422016.N().S(` selected`)
-//line views/admin.qtpl:148
-	}
-//line views/admin.qtpl:148
-	qw422016.N().S(`>anon</option>
-				<option`)
-//line views/admin.qtpl:149
-	if f.Get("group") == "editor" {
-//line views/admin.qtpl:149
-		qw422016.N().S(` selected`)
-//line views/admin.qtpl:149
-	}
-//line views/admin.qtpl:149
-	qw422016.N().S(`>editor</option>
-				<option`)
-//line views/admin.qtpl:150
-	if f.Get("group") == "trusted" {
-//line views/admin.qtpl:150
-		qw422016.N().S(` selected`)
-//line views/admin.qtpl:150
-	}
-//line views/admin.qtpl:150
-	qw422016.N().S(`>trusted</option>
-				<option`)
 //line views/admin.qtpl:151
-	if f.Get("group") == "moderator" {
+		if f.Get("group") == "anon" {
 //line views/admin.qtpl:151
-		qw422016.N().S(` selected`)
+			qw422016.N().S(` selected`)
 //line views/admin.qtpl:151
-	}
+		}
 //line views/admin.qtpl:151
-	qw422016.N().S(`>moderator</option>
+		qw422016.N().S(`>anon</option>
 				<option`)
 //line views/admin.qtpl:152
-	if f.Get("group") == "admin" {
+		if f.Get("group") == "editor" {
 //line views/admin.qtpl:152
-		qw422016.N().S(` selected`)
+			qw422016.N().S(` selected`)
 //line views/admin.qtpl:152
-	}
+		}
 //line views/admin.qtpl:152
-	qw422016.N().S(`>admin</option>
+		qw422016.N().S(`>editor</option>
+				<option`)
+//line views/admin.qtpl:153
+		if f.Get("group") == "trusted" {
+//line views/admin.qtpl:153
+			qw422016.N().S(` selected`)
+//line views/admin.qtpl:153
+		}
+//line views/admin.qtpl:153
+		qw422016.N().S(`>trusted</option>
+				<option`)
+//line views/admin.qtpl:154
+		if f.Get("group") == "moderator" {
+//line views/admin.qtpl:154
+			qw422016.N().S(` selected`)
+//line views/admin.qtpl:154
+		}
+//line views/admin.qtpl:154
+		qw422016.N().S(`>moderator</option>
+				<option`)
+//line views/admin.qtpl:155
+		if f.Get("group") == "admin" {
+//line views/admin.qtpl:155
+			qw422016.N().S(` selected`)
+//line views/admin.qtpl:155
+		}
+//line views/admin.qtpl:155
+		qw422016.N().S(`>admin</option>
 			</select>
 		</div>
 
@@ -437,117 +448,122 @@ func StreamAdminUserEditHTML(qw422016 *qt422016.Writer, u *user.User, f util.For
 			<button class="btn" type="submit">Update</button>
 		</div>
 	</form>
+	`)
+//line views/admin.qtpl:163
+	}
+//line views/admin.qtpl:163
+	qw422016.N().S(`
 
 	<h2>Delete user</h2>
 	<p>Remove the user from the database. Changes made by the user will
-	be preserved.</p>
+	be preserved. It will be possible to take this username later.</p>
 	<a class="btn btn_destructive" href="/admin/users/`)
-//line views/admin.qtpl:164
+//line views/admin.qtpl:168
 	qw422016.N().U(u.Name)
-//line views/admin.qtpl:164
+//line views/admin.qtpl:168
 	qw422016.N().S(`/delete">Delete</a>
 </main>
 </div>
 `)
-//line views/admin.qtpl:167
+//line views/admin.qtpl:171
 }
 
-//line views/admin.qtpl:167
+//line views/admin.qtpl:171
 func WriteAdminUserEditHTML(qq422016 qtio422016.Writer, u *user.User, f util.FormData) {
-//line views/admin.qtpl:167
+//line views/admin.qtpl:171
 	qw422016 := qt422016.AcquireWriter(qq422016)
-//line views/admin.qtpl:167
+//line views/admin.qtpl:171
 	StreamAdminUserEditHTML(qw422016, u, f)
-//line views/admin.qtpl:167
+//line views/admin.qtpl:171
 	qt422016.ReleaseWriter(qw422016)
-//line views/admin.qtpl:167
+//line views/admin.qtpl:171
 }
 
-//line views/admin.qtpl:167
+//line views/admin.qtpl:171
 func AdminUserEditHTML(u *user.User, f util.FormData) string {
-//line views/admin.qtpl:167
+//line views/admin.qtpl:171
 	qb422016 := qt422016.AcquireByteBuffer()
-//line views/admin.qtpl:167
+//line views/admin.qtpl:171
 	WriteAdminUserEditHTML(qb422016, u, f)
-//line views/admin.qtpl:167
+//line views/admin.qtpl:171
 	qs422016 := string(qb422016.B)
-//line views/admin.qtpl:167
+//line views/admin.qtpl:171
 	qt422016.ReleaseByteBuffer(qb422016)
-//line views/admin.qtpl:167
+//line views/admin.qtpl:171
 	return qs422016
-//line views/admin.qtpl:167
+//line views/admin.qtpl:171
 }
 
-//line views/admin.qtpl:169
+//line views/admin.qtpl:173
 func StreamAdminUserDeleteHTML(qw422016 *qt422016.Writer, u *user.User, f util.FormData) {
-//line views/admin.qtpl:169
+//line views/admin.qtpl:173
 	qw422016.N().S(`
 <div class="layout">
 <main class="main-width form-wrap">
 	<h1>Delete user</h1>
 
 	`)
-//line views/admin.qtpl:174
+//line views/admin.qtpl:178
 	if f.HasError() {
-//line views/admin.qtpl:174
+//line views/admin.qtpl:178
 		qw422016.N().S(`
 	<div class="notice notice--error">
 		<strong>Error:</strong>
 		`)
-//line views/admin.qtpl:177
+//line views/admin.qtpl:181
 		qw422016.E().S(f.Error())
-//line views/admin.qtpl:177
+//line views/admin.qtpl:181
 		qw422016.N().S(`
 	</div>
 	`)
-//line views/admin.qtpl:179
+//line views/admin.qtpl:183
 	}
-//line views/admin.qtpl:179
+//line views/admin.qtpl:183
 	qw422016.N().S(`
 
 	<p>Are you sure you want to delete <strong>`)
-//line views/admin.qtpl:181
+//line views/admin.qtpl:185
 	qw422016.E().S(u.Name)
-//line views/admin.qtpl:181
+//line views/admin.qtpl:185
 	qw422016.N().S(`</strong>
 	from the database? This action is irreversible.</p>
 
 	<form action="" method="post">
 		<button class="btn btn_destructive" type="submit">Delete</button>
 		<a class="btn btn_weak" href="/admin/users/`)
-//line views/admin.qtpl:186
+//line views/admin.qtpl:190
 	qw422016.N().U(u.Name)
-//line views/admin.qtpl:186
+//line views/admin.qtpl:190
 	qw422016.N().S(`/edit">Cancel</a>
 	</form>
 </main>
 </div>
 `)
-//line views/admin.qtpl:190
+//line views/admin.qtpl:194
 }
 
-//line views/admin.qtpl:190
+//line views/admin.qtpl:194
 func WriteAdminUserDeleteHTML(qq422016 qtio422016.Writer, u *user.User, f util.FormData) {
-//line views/admin.qtpl:190
+//line views/admin.qtpl:194
 	qw422016 := qt422016.AcquireWriter(qq422016)
-//line views/admin.qtpl:190
+//line views/admin.qtpl:194
 	StreamAdminUserDeleteHTML(qw422016, u, f)
-//line views/admin.qtpl:190
+//line views/admin.qtpl:194
 	qt422016.ReleaseWriter(qw422016)
-//line views/admin.qtpl:190
+//line views/admin.qtpl:194
 }
 
-//line views/admin.qtpl:190
+//line views/admin.qtpl:194
 func AdminUserDeleteHTML(u *user.User, f util.FormData) string {
-//line views/admin.qtpl:190
+//line views/admin.qtpl:194
 	qb422016 := qt422016.AcquireByteBuffer()
-//line views/admin.qtpl:190
+//line views/admin.qtpl:194
 	WriteAdminUserDeleteHTML(qb422016, u, f)
-//line views/admin.qtpl:190
+//line views/admin.qtpl:194
 	qs422016 := string(qb422016.B)
-//line views/admin.qtpl:190
+//line views/admin.qtpl:194
 	qt422016.ReleaseByteBuffer(qb422016)
-//line views/admin.qtpl:190
+//line views/admin.qtpl:194
 	return qs422016
-//line views/admin.qtpl:190
+//line views/admin.qtpl:194
 }
diff --git a/views/auth.qtpl b/views/auth.qtpl
index 0f16696..51528a2 100644
--- a/views/auth.qtpl
+++ b/views/auth.qtpl
@@ -69,6 +69,7 @@
 Telegram auth widget was requested by Yogurt. As you can see, we don't offer user administrators control over it. Of course we don't.
 {% func telegramWidgetHTML() %}
 {% if cfg.TelegramEnabled %}
+<p>You can log in using Telegram. It only works if you have set your @username in Telegram and this username is free on this wiki.</p>
 <script async src="https://telegram.org/js/telegram-widget.js?15" data-telegram-login="{%s cfg.TelegramBotName %}" data-size="medium" data-userpic="false" data-auth-url="{%s cfg.URL %}/telegram-login"></script>
 {% endif %}
 {% endfunc %}
diff --git a/views/auth.qtpl.go b/views/auth.qtpl.go
index dc024dc..24c58b6 100644
--- a/views/auth.qtpl.go
+++ b/views/auth.qtpl.go
@@ -221,184 +221,185 @@ func streamtelegramWidgetHTML(qw422016 *qt422016.Writer) {
 	if cfg.TelegramEnabled {
 //line views/auth.qtpl:71
 		qw422016.N().S(`
+<p>You can log in using Telegram. It only works if you have set your @username in Telegram and this username is free on this wiki.</p>
 <script async src="https://telegram.org/js/telegram-widget.js?15" data-telegram-login="`)
-//line views/auth.qtpl:72
+//line views/auth.qtpl:73
 		qw422016.E().S(cfg.TelegramBotName)
-//line views/auth.qtpl:72
+//line views/auth.qtpl:73
 		qw422016.N().S(`" data-size="medium" data-userpic="false" data-auth-url="`)
-//line views/auth.qtpl:72
+//line views/auth.qtpl:73
 		qw422016.E().S(cfg.URL)
-//line views/auth.qtpl:72
+//line views/auth.qtpl:73
 		qw422016.N().S(`/telegram-login"></script>
 `)
-//line views/auth.qtpl:73
+//line views/auth.qtpl:74
 	}
-//line views/auth.qtpl:73
+//line views/auth.qtpl:74
 	qw422016.N().S(`
 `)
-//line views/auth.qtpl:74
+//line views/auth.qtpl:75
 }
 
-//line views/auth.qtpl:74
+//line views/auth.qtpl:75
 func writetelegramWidgetHTML(qq422016 qtio422016.Writer) {
-//line views/auth.qtpl:74
+//line views/auth.qtpl:75
 	qw422016 := qt422016.AcquireWriter(qq422016)
-//line views/auth.qtpl:74
+//line views/auth.qtpl:75
 	streamtelegramWidgetHTML(qw422016)
-//line views/auth.qtpl:74
+//line views/auth.qtpl:75
 	qt422016.ReleaseWriter(qw422016)
-//line views/auth.qtpl:74
+//line views/auth.qtpl:75
 }
 
-//line views/auth.qtpl:74
+//line views/auth.qtpl:75
 func telegramWidgetHTML() string {
-//line views/auth.qtpl:74
+//line views/auth.qtpl:75
 	qb422016 := qt422016.AcquireByteBuffer()
-//line views/auth.qtpl:74
+//line views/auth.qtpl:75
 	writetelegramWidgetHTML(qb422016)
-//line views/auth.qtpl:74
+//line views/auth.qtpl:75
 	qs422016 := string(qb422016.B)
-//line views/auth.qtpl:74
+//line views/auth.qtpl:75
 	qt422016.ReleaseByteBuffer(qb422016)
-//line views/auth.qtpl:74
+//line views/auth.qtpl:75
 	return qs422016
-//line views/auth.qtpl:74
+//line views/auth.qtpl:75
 }
 
-//line views/auth.qtpl:76
+//line views/auth.qtpl:77
 func StreamLoginErrorHTML(qw422016 *qt422016.Writer, err string) {
-//line views/auth.qtpl:76
+//line views/auth.qtpl:77
 	qw422016.N().S(`
 <div class="layout">
 <main class="main-width">
 	<section>
 	`)
-//line views/auth.qtpl:80
+//line views/auth.qtpl:81
 	switch err {
-//line views/auth.qtpl:81
+//line views/auth.qtpl:82
 	case "unknown username":
-//line views/auth.qtpl:81
+//line views/auth.qtpl:82
 		qw422016.N().S(`
 		<p class="error">Unknown username.</p>
 	`)
-//line views/auth.qtpl:83
+//line views/auth.qtpl:84
 	case "wrong password":
-//line views/auth.qtpl:83
+//line views/auth.qtpl:84
 		qw422016.N().S(`
 		<p class="error">Wrong password.</p>
 	`)
-//line views/auth.qtpl:85
+//line views/auth.qtpl:86
 	default:
-//line views/auth.qtpl:85
+//line views/auth.qtpl:86
 		qw422016.N().S(`
 		<p class="error">`)
-//line views/auth.qtpl:86
+//line views/auth.qtpl:87
 		qw422016.E().S(err)
-//line views/auth.qtpl:86
+//line views/auth.qtpl:87
 		qw422016.N().S(`</p>
 	`)
-//line views/auth.qtpl:87
+//line views/auth.qtpl:88
 	}
-//line views/auth.qtpl:87
+//line views/auth.qtpl:88
 	qw422016.N().S(`
 		<p><a href="/login">← Try again</a></p>
 	</section>
 </main>
 </div>
 `)
-//line views/auth.qtpl:92
+//line views/auth.qtpl:93
 }
 
-//line views/auth.qtpl:92
+//line views/auth.qtpl:93
 func WriteLoginErrorHTML(qq422016 qtio422016.Writer, err string) {
-//line views/auth.qtpl:92
+//line views/auth.qtpl:93
 	qw422016 := qt422016.AcquireWriter(qq422016)
-//line views/auth.qtpl:92
+//line views/auth.qtpl:93
 	StreamLoginErrorHTML(qw422016, err)
-//line views/auth.qtpl:92
+//line views/auth.qtpl:93
 	qt422016.ReleaseWriter(qw422016)
-//line views/auth.qtpl:92
+//line views/auth.qtpl:93
 }
 
-//line views/auth.qtpl:92
+//line views/auth.qtpl:93
 func LoginErrorHTML(err string) string {
-//line views/auth.qtpl:92
+//line views/auth.qtpl:93
 	qb422016 := qt422016.AcquireByteBuffer()
-//line views/auth.qtpl:92
+//line views/auth.qtpl:93
 	WriteLoginErrorHTML(qb422016, err)
-//line views/auth.qtpl:92
+//line views/auth.qtpl:93
 	qs422016 := string(qb422016.B)
-//line views/auth.qtpl:92
+//line views/auth.qtpl:93
 	qt422016.ReleaseByteBuffer(qb422016)
-//line views/auth.qtpl:92
+//line views/auth.qtpl:93
 	return qs422016
-//line views/auth.qtpl:92
+//line views/auth.qtpl:93
 }
 
-//line views/auth.qtpl:94
+//line views/auth.qtpl:95
 func StreamLogoutHTML(qw422016 *qt422016.Writer, can bool) {
-//line views/auth.qtpl:94
+//line views/auth.qtpl:95
 	qw422016.N().S(`
 <div class="layout">
 <main class="main-width">
 	<section>
 	`)
-//line views/auth.qtpl:98
+//line views/auth.qtpl:99
 	if can {
-//line views/auth.qtpl:98
+//line views/auth.qtpl:99
 		qw422016.N().S(`
 		<h1>Log out?</h1>
 		<p><a href="/logout-confirm"><strong>Confirm</strong></a></p>
 		<p><a href="/">Cancel</a></p>
 	`)
-//line views/auth.qtpl:102
+//line views/auth.qtpl:103
 	} else {
-//line views/auth.qtpl:102
+//line views/auth.qtpl:103
 		qw422016.N().S(`
 		<p>You cannot log out because you are not logged in.</p>
 		<p><a href="/login">Login</a></p>
 		<p><a href="/login">← Home</a></p>
 	`)
-//line views/auth.qtpl:106
+//line views/auth.qtpl:107
 	}
-//line views/auth.qtpl:106
+//line views/auth.qtpl:107
 	qw422016.N().S(`
 	</section>
 </main>
 </div>
 `)
-//line views/auth.qtpl:110
+//line views/auth.qtpl:111
 }
 
-//line views/auth.qtpl:110
+//line views/auth.qtpl:111
 func WriteLogoutHTML(qq422016 qtio422016.Writer, can bool) {
-//line views/auth.qtpl:110
+//line views/auth.qtpl:111
 	qw422016 := qt422016.AcquireWriter(qq422016)
-//line views/auth.qtpl:110
+//line views/auth.qtpl:111
 	StreamLogoutHTML(qw422016, can)
-//line views/auth.qtpl:110
+//line views/auth.qtpl:111
 	qt422016.ReleaseWriter(qw422016)
-//line views/auth.qtpl:110
+//line views/auth.qtpl:111
 }
 
-//line views/auth.qtpl:110
+//line views/auth.qtpl:111
 func LogoutHTML(can bool) string {
-//line views/auth.qtpl:110
+//line views/auth.qtpl:111
 	qb422016 := qt422016.AcquireByteBuffer()
-//line views/auth.qtpl:110
+//line views/auth.qtpl:111
 	WriteLogoutHTML(qb422016, can)
-//line views/auth.qtpl:110
+//line views/auth.qtpl:111
 	qs422016 := string(qb422016.B)
-//line views/auth.qtpl:110
+//line views/auth.qtpl:111
 	qt422016.ReleaseByteBuffer(qb422016)
-//line views/auth.qtpl:110
+//line views/auth.qtpl:111
 	return qs422016
-//line views/auth.qtpl:110
+//line views/auth.qtpl:111
 }
 
-//line views/auth.qtpl:112
+//line views/auth.qtpl:113
 func StreamLockHTML(qw422016 *qt422016.Writer) {
-//line views/auth.qtpl:112
+//line views/auth.qtpl:113
 	qw422016.N().S(`
 <!doctype html>
 <html>
@@ -430,31 +431,31 @@ func StreamLockHTML(qw422016 *qt422016.Writer) {
 </body>
 </html>
 `)
-//line views/auth.qtpl:142
+//line views/auth.qtpl:143
 }
 
-//line views/auth.qtpl:142
+//line views/auth.qtpl:143
 func WriteLockHTML(qq422016 qtio422016.Writer) {
-//line views/auth.qtpl:142
+//line views/auth.qtpl:143
 	qw422016 := qt422016.AcquireWriter(qq422016)
-//line views/auth.qtpl:142
+//line views/auth.qtpl:143
 	StreamLockHTML(qw422016)
-//line views/auth.qtpl:142
+//line views/auth.qtpl:143
 	qt422016.ReleaseWriter(qw422016)
-//line views/auth.qtpl:142
+//line views/auth.qtpl:143
 }
 
-//line views/auth.qtpl:142
+//line views/auth.qtpl:143
 func LockHTML() string {
-//line views/auth.qtpl:142
+//line views/auth.qtpl:143
 	qb422016 := qt422016.AcquireByteBuffer()
-//line views/auth.qtpl:142
+//line views/auth.qtpl:143
 	WriteLockHTML(qb422016)
-//line views/auth.qtpl:142
+//line views/auth.qtpl:143
 	qs422016 := string(qb422016.B)
-//line views/auth.qtpl:142
+//line views/auth.qtpl:143
 	qt422016.ReleaseByteBuffer(qb422016)
-//line views/auth.qtpl:142
+//line views/auth.qtpl:143
 	return qs422016
-//line views/auth.qtpl:142
+//line views/auth.qtpl:143
 }
diff --git a/web/auth.go b/web/auth.go
index 8b77b4a..f8e0979 100644
--- a/web/auth.go
+++ b/web/auth.go
@@ -125,7 +125,7 @@ func handlerLogin(w http.ResponseWriter, rq *http.Request) {
 
 func handlerTelegramLogin(w http.ResponseWriter, rq *http.Request) {
 	// Note there is no lock here.
-	w.Header().Set("Content-Type", "text/plain;charset=utf-8")
+	w.Header().Set("Content-Type", "text/html;charset=utf-8")
 	rq.ParseForm()
 	var (
 		values = rq.URL.Query()