This is a feature of the Web Application Firewall which comes turned on by default and prevents editing back-end users. This is to protect you in case a hacker infiltrates your site. If the hacker is not able to change your credentials it is not possible to "hold hostage" your site.
In order to disable that feature, go to Components, Admin Tools, Web Application Firewall, WAF Config then find the "Disable editing backend users' properties" setting and set it to No. Save and you're set :)
Nicholas K. Dionysopoulos
Lead Developer and Director
🇬🇷Greek: native 🇬🇧English: excellent 🇫🇷French: basic • 🕐 My time zone is Europe / Athens
Please keep in mind my timezone and cultural differences when reading my replies. Thank you!