diff --git a/src/main/scala/app/CreateRepositoryController.scala b/src/main/scala/app/CreateRepositoryController.scala
index 21f8c00..17d4d50 100644
--- a/src/main/scala/app/CreateRepositoryController.scala
+++ b/src/main/scala/app/CreateRepositoryController.scala
@@ -87,6 +87,8 @@
     def validate(name: String, value: String): Option[String] = {
       if(!value.matches("^[a-zA-Z0-9\\-_]+$")){
         Some("Repository name contains invalid character.")
+      } else if(value.startsWith("_") || value.startsWith("-")){
+        Some("Repository name starts with invalid character.")
       } else if(getRepositoryNamesOfUser(context.loginAccount.get.userName).contains(value)){
         Some("Repository already exists.")
       } else {
diff --git a/src/main/scala/app/UsersController.scala b/src/main/scala/app/UsersController.scala
index a690304..cd5d0df 100644
--- a/src/main/scala/app/UsersController.scala
+++ b/src/main/scala/app/UsersController.scala
@@ -9,11 +9,10 @@
 
 trait UsersControllerBase extends ControllerBase { self: AccountService with AdminOnlyAuthenticator =>
   
-  // TODO ユーザ名の先頭に_は使えないようにする＆利用可能文字チェック
   case class UserForm(userName: String, password: String, mailAddress: String, isAdmin: Boolean, url: Option[String])
   
   val newForm = mapping(
-    "userName"    -> trim(label("Username"     , text(required, maxlength(100), unique))),
+    "userName"    -> trim(label("Username"     , text(required, maxlength(100), username, unique))),
     "password"    -> trim(label("Password"     , text(required, maxlength(100)))),
     "mailAddress" -> trim(label("Mail Address" , text(required, maxlength(100)))),
     "isAdmin"     -> trim(label("User Type"    , boolean())),
@@ -21,7 +20,7 @@
   )(UserForm.apply)
 
   val editForm = mapping(
-    "userName"    -> trim(label("Username"     , text())),
+    "userName"    -> trim(label("Username"     , text(required, maxlength(100), username))),
     "password"    -> trim(label("Password"     , text(required, maxlength(100)))),
     "mailAddress" -> trim(label("Mail Address" , text(required, maxlength(100)))),
     "isAdmin"     -> trim(label("User Type"    , boolean())),
@@ -68,8 +67,19 @@
     
     redirect("/admin/users")
   })
-  
-  def unique: Constraint = new Constraint(){
+
+  private def username: Constraint = new Constraint(){
+    def validate(name: String, value: String): Option[String] =
+      if(!value.matches("^[a-zA-Z0-9\\-_]+$")){
+        Some("Username contains invalid character.")
+      } else if(value.startsWith("_") || value.startsWith("-")){
+        Some("Username starts with invalid character.")
+      } else {
+        None
+      }
+  }
+
+  private def unique: Constraint = new Constraint(){
     def validate(name: String, value: String): Option[String] =
       getAccountByUserName(value).map { _ => "User already exists." }
   }  
diff --git a/src/main/scala/app/WikiController.scala b/src/main/scala/app/WikiController.scala
index ee0d0ba..ecc9305 100644
--- a/src/main/scala/app/WikiController.scala
+++ b/src/main/scala/app/WikiController.scala
@@ -183,8 +183,8 @@
     def validate(name: String, value: String): Option[String] = {
       if(!value.matches("^[a-zA-Z0-9\\-_]+$")){
         Some("Page name contains invalid character.")
-      } else if(value.startsWith("_")){
-        Some("Page name can not start with '_'.")
+      } else if(value.startsWith("_") || value.startsWith("-")){
+        Some("Page name starts with invalid character.")
       } else {
         None
       }