diff --git a/endpoints/oauthlogin.py b/endpoints/oauthlogin.py
index 3d009ee9a..1164d5df5 100644
--- a/endpoints/oauthlogin.py
+++ b/endpoints/oauthlogin.py
@@ -15,7 +15,6 @@ from endpoints.web import render_page_template_with_routedata
 from util.security.jwtutil import decode, InvalidTokenError
 from util.validation import generate_valid_usernames
 
-
 logger = logging.getLogger(__name__)
 client = app.config['HTTPCLIENT']
 oauthlogin = Blueprint('oauthlogin', __name__)
@@ -229,7 +228,7 @@ def google_oauth_attach():
       username, app.config['REGISTRY_TITLE_SHORT'])
     return render_ologin_error('Google', err)
 
-  return redirect(url_for('web.user'))
+  return redirect(url_for('web.user_view', path=user_obj.username, tab='external'))
 
 
 @oauthlogin.route('/github/callback/attach', methods=['GET'])
@@ -258,7 +257,7 @@ def github_oauth_attach():
 
     return render_ologin_error('GitHub', err)
 
-  return redirect(url_for('web.user'))
+  return redirect(url_for('web.user_view', path=user_obj.username, tab='external'))
 
 
 def decode_user_jwt(token, oidc_provider):
@@ -326,7 +325,7 @@ def dex_oauth_attach():
 
   try:
     payload = decode_user_jwt(token, dex_login)
-  except jwt.InvalidTokenError:
+  except InvalidTokenError:
     logger.exception('Exception when decoding returned JWT')
     return render_ologin_error(
       dex_login.public_title,
@@ -344,4 +343,5 @@ def dex_oauth_attach():
                                                               app.config['REGISTRY_TITLE_SHORT'])
     return render_ologin_error(dex_login.public_title, err)
 
-  return redirect(url_for('web.user'))
+  return redirect(url_for('web.user_view', path=user_obj.username, tab='external'))
+
diff --git a/endpoints/web.py b/endpoints/web.py
index 40ad37812..c19c957a1 100644
--- a/endpoints/web.py
+++ b/endpoints/web.py
@@ -126,12 +126,6 @@ def organizations():
   return index('')
 
 
-@web.route('/user/')
-@no_cache
-def user():
-  return index('')
-
-
 @web.route('/superuser/')
 @no_cache
 @route_show_if(features.SUPER_USERS)
@@ -405,8 +399,10 @@ def confirm_email():
   common_login(user)
   if model.user.has_user_prompts(user):
     return redirect(url_for('web.updateuser'))
+  elif new_email:
+    return redirect(url_for('web.user_view', path=user.username, tab='settings'))
   else:
-    return redirect(url_for('web.user', tab='email') if new_email else url_for('web.index'))
+    return redirect(url_for('web.index'))
 
 
 @web.route('/recovery', methods=['GET'])
@@ -418,7 +414,7 @@ def confirm_recovery():
 
   if user is not None:
     common_login(user)
-    return redirect(url_for('web.user'))
+    return redirect(url_for('web.user_view', path=user.username, tab='settings', action='password'))
   else:
     message = 'Invalid recovery code: This code is invalid or may have already been used.'
     return render_page_template_with_routedata('message.html', message=message)
diff --git a/static/js/pages/user-view.js b/static/js/pages/user-view.js
index ff15d0c4d..c97a786b8 100644
--- a/static/js/pages/user-view.js
+++ b/static/js/pages/user-view.js
@@ -43,9 +43,14 @@
         $scope.context.viewuser = user;
         $scope.viewuser = user;
 
-        // Load the repositories.
         $timeout(function() {
+          // Load the repositories.
           loadRepositories();
+
+          // Show the password change dialog if immediately after an account recovery.
+          if ($routeParams.action == 'password' && UserService.isNamespaceAdmin(username)) {
+            $scope.showChangePassword();
+          }
         }, 10);
       });
     };