password_change_form and upload_key_form shouldn't be tied to the theme. Move the forms to a better place (auth something..)
Make every part of the page (password_change_form and upload_key_form, Display Name, Page Size, Email, User Messages, etc in a unique jinja block. Instead of "if" statements that check auth.method or the theme, every section on the page should be contained in a block so that a simple template override can be set up for user_prefs.html and any individual block can be made to be empty (or something else)
Improve the layout between each section as best you can. And within the email block especially. It seems like everything is just run together. It is extra confusing that there a multiple separate forms with their own save buttons. I think dedicated forms for pwd change and ssh keys makes sense, but it is confusing to have so many forms on the page. I am open to suggestions for the multiple forms issue. Best idea I have so far is to have a <hr> between each form, to visually show the separations. (Ideally would have it all auto-save ajax or all one single form, but those would be big projects).