diff --git a/models/user.go b/models/user.go
index 2e38502c5b..42f70b4666 100644
--- a/models/user.go
+++ b/models/user.go
@@ -190,9 +190,6 @@ func (u *User) BeforeUpdate() {
 if len(u.AvatarEmail) == 0 {
 u.AvatarEmail = u.Email
 }
- if len(u.AvatarEmail) > 0 && u.Avatar == "" {
- u.Avatar = base.HashEmail(u.AvatarEmail)
- }
 }
 u.LowerName = strings.ToLower(u.Name)
@@ -822,7 +819,6 @@ func CreateUser(u *User) (err error) {
 u.LowerName = strings.ToLower(u.Name)
 u.AvatarEmail = u.Email
- u.Avatar = base.HashEmail(u.AvatarEmail)
 if u.Rands, err = GetUserSalt(); err != nil {
 return err
 }
diff --git a/models/user_avatar.go b/models/user_avatar.go
index 0a03ca7707..2f9db5c2e2 100644
--- a/models/user_avatar.go
+++ b/models/user_avatar.go
@@ -39,10 +39,9 @@ func (u *User) generateRandomAvatar(e Engine) error {
 if err != nil {
 return fmt.Errorf("RandomImage: %v", err)
 }
- // NOTICE for random avatar, it still uses id as avatar name, but custom avatar use md5
- // since random image is not a user's photo, there is no security for enumable
+
 if u.Avatar == "" {
- u.Avatar = fmt.Sprintf("%d", u.ID)
+ u.Avatar = base.HashEmail(u.AvatarEmail)
 }
 if err := storage.SaveFrom(storage.Avatars, u.CustomAvatarRelativePath(), func(w io.Writer) error {
diff --git a/routers/user/setting/profile.go b/routers/user/setting/profile.go
index 1cb00aa77f..edb78031f2 100644
--- a/routers/user/setting/profile.go
+++ b/routers/user/setting/profile.go
@@ -121,7 +121,11 @@ func ProfilePost(ctx *context.Context, form auth.UpdateProfileForm) {
 func UpdateAvatarSetting(ctx *context.Context, form auth.AvatarForm, ctxUser *models.User) error {
 ctxUser.UseCustomAvatar = form.Source == auth.AvatarLocal
 if len(form.Gravatar) > 0 {
- ctxUser.Avatar = base.EncodeMD5(form.Gravatar)
+ if form.Avatar != nil {
+ ctxUser.Avatar = base.EncodeMD5(form.Gravatar)
+ } else {
+ ctxUser.Avatar = ""
+ }
 ctxUser.AvatarEmail = form.Gravatar
 }
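Review bot: In generateRandomAvatar the stored name becomes `base.HashEmail(u.AvatarEmail)`, which is no longer unique per account: two users with the same AvatarEmail (the profile.go hunk sets it from `form.Gravatar`), or any users whose AvatarEmail is empty, end up with the same `u.Avatar`. If `CustomAvatarRelativePath()` is derived from `u.Avatar` (not visible here), the `storage.SaveFrom` call that follows would let one account's generated image overwrite another's, and a later delete would remove both. Consider mixing the ID into the hashed value, for example `u.Avatar = base.HashEmail(fmt.Sprintf("%d-%s", u.ID, u.AvatarEmail))`, assuming HashEmail accepts an arbitrary string. The removed NOTICE comment was the only record of why the ID was used, so the new line should carry a comment stating why an email hash is preferred. The function body starts and ends outside the hunk.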
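Review bot: The new branch in UpdateAvatarSetting stores `base.EncodeMD5(form.Gravatar)` only when `form.Avatar != nil` and clears `ctxUser.Avatar` otherwise, which reads inverted for a Gravatar setting and carries no comment saying why. It also hashes with `EncodeMD5` while generateRandomAvatar in this commit uses `base.HashEmail`; if HashEmail normalises the address (trimming or lower-casing, not visible here), the two paths give different names for the same email. If the intent is what it appears to be, I would put `// no file uploaded: clear Avatar so it is regenerated from AvatarEmail` inside the else branch and use `base.HashEmail(form.Gravatar)` in the first branch. `form.Gravatar` is request input and is assigned to `AvatarEmail` with no validation in the visible lines, so confirm that the form binding rejects values that are not email addresses. The function continues outside the hunk.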