diff --git a/biz/user.go b/biz/user.go
index 70aa5ce..47a5243 100644
--- a/biz/user.go
+++ b/biz/user.go
@@ -63,6 +63,11 @@ func (s *UserAPIService) Register(ctx context.Context, req *pb.RegisterAndLoginR
 		return nil, status.Errorf(codes.InvalidArgument, "邮箱格式不正确")
 	}
 
+	req.Username = strings.TrimSpace(req.Username)
+	if util.IsValidEmail(req.Username) || util.IsValidMobile(req.Username) {
+		return nil, status.Errorf(codes.InvalidArgument, "出于隐私保护，用户名不能是邮箱或手机号码")
+	}
+
 	cfg := s.dbModel.GetConfigOfSecurity(
 		model.ConfigSecurityEnableCaptchaRegister,
 		model.ConfigSecurityEnableRegister,
@@ -502,6 +507,11 @@ func (s *UserAPIService) AddUser(ctx context.Context, req *pb.SetUserRequest) (*
 		return nil, err
 	}
 
+	req.Username = strings.TrimSpace(req.Username)
+	if util.IsValidEmail(req.Username) || util.IsValidMobile(req.Username) {
+		return nil, status.Errorf(codes.InvalidArgument, "出于隐私保护，用户名不能是邮箱或手机号码")
+	}
+
 	err = validate.ValidateStruct(req, s.getValidFieldMap())
 	if err != nil {
 		return nil, status.Errorf(codes.InvalidArgument, err.Error())
diff --git a/util/util.go b/util/util.go
index deb69bb..c715185 100644
--- a/util/util.go
+++ b/util/util.go
@@ -176,6 +176,13 @@ func IsValidEmail(email string) (yes bool) {
 	return reg.MatchString(email)
 }
 
+// IsValidMobile 验证手机号格式
+func IsValidMobile(mobile string) (yes bool) {
+	pattern := `^1[3456789]\d{9}$`
+	reg := regexp.MustCompile(pattern)
+	return reg.MatchString(mobile)
+}
+
 // CheckCommandExists 验证命令是否存在
 func CheckCommandExists(command string) error {
 	_, err := exec.LookPath(command)