diff --git a/zefie_wtvp_minisrv/ServiceVault/wtv-setup/accounts.js b/zefie_wtvp_minisrv/ServiceVault/wtv-setup/accounts.js
index 6defc337..e9e2ed11 100644
--- a/zefie_wtvp_minisrv/ServiceVault/wtv-setup/accounts.js
+++ b/zefie_wtvp_minisrv/ServiceVault/wtv-setup/accounts.js
@@ -67,7 +67,8 @@ Subscriber:
 <P>`;
     var accounts = ssid_sessions[socket.ssid].listPrimaryAccountUsers();
 
-    if (Object.keys(accounts).length > 1) data += "Additional users:</B></FONT>";
+    var num_accounts = ssid_sessions[socket.ssid].getNumberOfUserAccounts();
+    if (num_accounts > 1) data += "Additional users:</B></FONT>";
 
     data += "<TD WIDTH=20><TD WIDTH=198 VALIGN=top ALIGN=left>";
 
@@ -77,18 +78,18 @@ Subscriber:
 </B></FONT>
 <P>`;
 
-    if (Object.keys(accounts).length > 1) {
+    if (num_accounts > 1) {
         delete accounts.subscriber;
         for (const [key, value] of Object.entries(accounts)) {
             data += `<FONT COLOR="189CD6"><B>
 <A HREF="wtv-setup:/edit-user-begin?user_id=${key.replace("user", '')}">${value.subscriber_username}</A>
+</B></FONT><BR>
+
 `;
 
         };
     }
     data += `
-</B></FONT>
-<BR>
 <TR>
 <TD>
 <TD COLSPAN=4 HEIGHT=4 VALIGN=top ALIGN=left>
@@ -111,11 +112,11 @@ Subscriber:
 <TD COLSPAN=3 VALIGN=top ALIGN=right>
 <FONT COLOR="#E7CE4A" SIZE=-1><SHADOW>
 <INPUT action="/remove-users?user-count=x"
-name="RemoveUser" value="Remove User" WIDTH=140 ${(Object.keys(accounts).length <= 1) ? 'USESTYLE' : 'disabled="disabled" text=gray' }
+name="RemoveUser" value="Remove User" WIDTH=140 ${(num_accounts >= 1) ? 'USESTYLE' : 'disabled="disabled" text=gray' }
 TYPE=SUBMIT BORDERIMAGE="file://ROM/Borders/ButtonBorder2.bif" NAME="Button1" WIDTH=103>
 <IMG SRC="wtv-home:/ROMCache/Spacer.gif" WIDTH=4 HEIGHT=1>
-<INPUT action="/add-user?user_count=${Object.keys(accounts).length}"
-name="AddUser" value="Add User" WIDTH=120 ${(Object.keys(accounts).length >= minisrv_config.config.user_accounts.max_users_per_account) ? 'disabled="disabled" text=gray' : 'USESTYLE'}
+<INPUT action="/add-user?user_count=${num_accounts}"
+name="AddUser" value="Add User" WIDTH=120 ${(num_accounts >= minisrv_config.config.user_accounts.max_users_per_account) ? 'disabled="disabled" text=gray' : 'USESTYLE'}
 TYPE=SUBMIT BORDERIMAGE="file://ROM/Borders/ButtonBorder2.bif" NAME="Button2" WIDTH=103>
 <IMG SRC="wtv-home:/ROMCache/Spacer.gif" WIDTH=4 HEIGHT=1>
 <INPUT action="client:goback"
diff --git a/zefie_wtvp_minisrv/ServiceVault/wtv-setup/add-user-name.js b/zefie_wtvp_minisrv/ServiceVault/wtv-setup/add-user-name.js
index 850ec0ca..f0c5a2ec 100644
--- a/zefie_wtvp_minisrv/ServiceVault/wtv-setup/add-user-name.js
+++ b/zefie_wtvp_minisrv/ServiceVault/wtv-setup/add-user-name.js
@@ -2,8 +2,8 @@ var minisrv_service_file = true;
 
 
 if (ssid_sessions[socket.ssid].user_id != 0) errpage = wtvshared.doErrorPage(400, "You are not authorized to add users to this account.");
-else if (ssid_sessions[socket.ssid].getNumberOfUserAccounts() > minisrv_config.config.user_accounts.max_users_per_account) errpage = wtvshared.doErrorPage(400, "You are not authorized to add more than " + minisrv_config.config.user_accounts.max_users_per_account + " account${minisrv_config.config.user_accounts.max_users_per_account > 1 ? 's' : ''}.");
-else if (!request_headers.query.user_name) errpage = wtvshared.doErrorPage(400, "Please enter a username.");
+else if (ssid_sessions[socket.ssid].getNumberOfUserAccounts() > minisrv_config.config.user_accounts.max_users_per_account) errpage = wtvshared.doErrorPage(400, "You are not authorized to add more than " + minisrv_config.config.user_accounts.max_users_per_account + ` account${minisrv_config.config.user_accounts.max_users_per_account > 1 ? 's' : ''}.`);
+
 
 if (errpage) {
     headers = errpage[0];
diff --git a/zefie_wtvp_minisrv/ServiceVault/wtv-setup/add-user-password.js b/zefie_wtvp_minisrv/ServiceVault/wtv-setup/add-user-password.js
index 5b5b0623..123a399a 100644
--- a/zefie_wtvp_minisrv/ServiceVault/wtv-setup/add-user-password.js
+++ b/zefie_wtvp_minisrv/ServiceVault/wtv-setup/add-user-password.js
@@ -10,7 +10,7 @@ else if (request_headers.query.user_name.length < minisrv_config.config.user_acc
 else if (request_headers.query.user_name.length > minisrv_config.config.user_accounts.max_length) errpage = wtvshared.doErrorPage(400, "Please choose a username with " + minisrv_config.config.user_accounts.max_length + " or less characters.");
 else if (!wtvr.checkUsernameSanity(request_headers.query.user_name)) errpage = wtvshared.doErrorPage(400, "The username you have chosen contains invalid characters. Please choose a username with only <b>letters</b>, <b>numbers</b>, <b>_</b> or <b>-</b>. Also, please be sure your username begins with a letter.");
 else if (!wtvr.checkUsernameAvailable(request_headers.query.user_name, ssid_sessions)) errpage = wtvshared.doErrorPage(400, "The username you have selected is already in use. Please select another username.");
-else if (ssid_sessions[socket.ssid].getNumberOfUserAccounts() > minisrv_config.config.user_accounts.max_users_per_account) errpage = wtvshared.doErrorPage(400, "You are not authorized to add more than " + minisrv_config.config.user_accounts.max_users_per_account + " account${minisrv_config.config.user_accounts.max_users_per_account > 1 ? 's' : ''}.");
+else if (ssid_sessions[socket.ssid].getNumberOfUserAccounts() > minisrv_config.config.user_accounts.max_users_per_account) errpage = wtvshared.doErrorPage(400, "You are not authorized to add more than " + minisrv_config.config.user_accounts.max_users_per_account + ` account${minisrv_config.config.user_accounts.max_users_per_account > 1 ? 's' : ''}.`);
 
 
 
diff --git a/zefie_wtvp_minisrv/ServiceVault/wtv-setup/add-user.js b/zefie_wtvp_minisrv/ServiceVault/wtv-setup/add-user.js
index c40f084e..cd6f37c9 100644
--- a/zefie_wtvp_minisrv/ServiceVault/wtv-setup/add-user.js
+++ b/zefie_wtvp_minisrv/ServiceVault/wtv-setup/add-user.js
@@ -1,7 +1,7 @@
 var minisrv_service_file = true;
 
 if (Object.keys(ssid_sessions[socket.ssid].listPrimaryAccountUsers()).length >= minisrv_config.config.user_accounts.max_users_per_account) {
-    errpage = wtvshared.doErrorPage(400, "You are not authorized to add more than " + minisrv_config.config.user_accounts.max_users_per_account + " account${minisrv_config.config.user_accounts.max_users_per_account > 1 ? 's' : ''}.");
+    errpage = wtvshared.doErrorPage(400, "You are not authorized to add more than " + minisrv_config.config.user_accounts.max_users_per_account + ` account${minisrv_config.config.user_accounts.max_users_per_account > 1 ? 's' : ''}.`);
 }
 else if (ssid_sessions[socket.ssid].user_id != 0) errpage = wtvshared.doErrorPage(400, "You are not authorized to add users to this account.");
 
diff --git a/zefie_wtvp_minisrv/ServiceVault/wtv-setup/validate-add-user-done.js b/zefie_wtvp_minisrv/ServiceVault/wtv-setup/validate-add-user-done.js
index 774cf919..042a34e7 100644
--- a/zefie_wtvp_minisrv/ServiceVault/wtv-setup/validate-add-user-done.js
+++ b/zefie_wtvp_minisrv/ServiceVault/wtv-setup/validate-add-user-done.js
@@ -17,15 +17,15 @@ if (!errpage) {
 }
 
 if (!errpage) {
-    if (ssid_sessions[socket.ssid].getNumberOfUserAccounts() > minisrv_config.config.user_accounts.max_users_per_account) errpage = wtvshared.doErrorPage(400, "You are not authorized to add more than " + minisrv_config.config.user_accounts.max_users_per_account + " account${minisrv_config.config.user_accounts.max_users_per_account > 1 ? 's' : ''}.");
+    if (ssid_sessions[socket.ssid].getNumberOfUserAccounts() > minisrv_config.config.user_accounts.max_users_per_account) errpage = wtvshared.doErrorPage(400, "You are not authorized to add more than " + minisrv_config.config.user_accounts.max_users_per_account + ` account${minisrv_config.config.user_accounts.max_users_per_account > 1 ? 's' : ''}.`);
     else if (!request_headers.query.user_name) errpage = wtvshared.doErrorPage(400, "Please enter a username.");
-    else if (!request_headers.query.display_name) request_headers.query.display_name = request_headers.query.username;
 }
 
 if (errpage) {
     headers = errpage[0];
     data = errpage[1];
 } else {
+    if (!request_headers.query.display_name) request_headers.query.display_name = request_headers.query.username;
     userSession = new WTVClientSessionData(minisrv_config, socket.ssid);
     var freeUserId = ssid_sessions[socket.ssid].findFreeUserSlot(ssid_sessions[socket.ssid]);
     if (freeUserId) {
@@ -33,10 +33,10 @@ if (errpage) {
         userSession.setSessionData("subscriber_name", request_headers.query.display_name);
         userSession.setSessionData("subscriber_username", request_headers.query.user_name);
         userSession.setSessionData("registered", true);
-        mailstore_exists = userSession.mailstore.mailstoreExists();
+        var mailstore_exists = userSession.mailstore.mailstoreExists();
         if (!mailstore_exists) mailstore_exists = userSession.mailstore.createMailstore();
         if (mailstore_exists) {
-            if (!userSession.mailstore.mailboxExists(mailbox)) {
+            if (!userSession.mailstore.mailboxExists(0)) {
                 // mailbox does not yet exist, create it
                 var mailbox_exists = userSession.mailstore.createMailbox(0);
                 if (mailbox_exists) {
@@ -55,6 +55,7 @@ if (errpage) {
 
             headers = `300 OK
 Content-type: text/html
+wtv-expire: wtv-setup:/accounts
 Location: wtv-setup:/accounts`;
         }
     }    
diff --git a/zefie_wtvp_minisrv/ServiceVault/wtv-setup/validate-add-user.js b/zefie_wtvp_minisrv/ServiceVault/wtv-setup/validate-add-user.js
index 20e5db52..f3226bf4 100644
--- a/zefie_wtvp_minisrv/ServiceVault/wtv-setup/validate-add-user.js
+++ b/zefie_wtvp_minisrv/ServiceVault/wtv-setup/validate-add-user.js
@@ -16,7 +16,7 @@ if (!errpage) {
 }
 
 if (!errpage) {
-    if (ssid_sessions[socket.ssid].getNumberOfUserAccounts() > minisrv_config.config.user_accounts.max_users_per_account) errpage = wtvshared.doErrorPage(400, "You are not authorized to add more than " + minisrv_config.config.user_accounts.max_users_per_account + " account${minisrv_config.config.user_accounts.max_users_per_account > 1 ? 's' : ''}.");
+    if (ssid_sessions[socket.ssid].getNumberOfUserAccounts() > minisrv_config.config.user_accounts.max_users_per_account) errpage = wtvshared.doErrorPage(400, "You are not authorized to add more than " + minisrv_config.config.user_accounts.max_users_per_account + ` account${minisrv_config.config.user_accounts.max_users_per_account > 1 ? 's' : ''}.`);
     else if (!request_headers.query.user_name) errpage = wtvshared.doErrorPage(400, "Please enter a username.");
 }
 
diff --git a/zefie_wtvp_minisrv/app.js b/zefie_wtvp_minisrv/app.js
index 1abe6856..e088ff9f 100644
--- a/zefie_wtvp_minisrv/app.js
+++ b/zefie_wtvp_minisrv/app.js
@@ -1529,14 +1529,14 @@ if (minisrv_config.config.error_log_file) {
     process.stderr.write = writeError
 }
 
-if (minisrv_config.config.passwords) {
-    if (minisrv_config.config.passwords.enabled) {
-        if (!minisrv_config.config.passwords.encryption_key) {
-            console.log(" * WARNING: passwords.encryption_key not defined, using default. Consider setting a unique key before setting passwords.");
-            console.log(" * WARNING: Changing the encryption key after users have set passwords will invalidate and lock out all users who have set passwords, without your manual intervention.");
-            minisrv_config.config.passwords.encryption_key = minisrv_config.config.passwords.default_encryption_key;
-        }
-    }
+// sanity
+if (minisrv_config.config.user_accounts.max_users_per_account < 1) {
+    console.log(" * WARNING: user_accounts.max_users_per_account should be at least 1, we have set it to 1.");
+    minisrv_config.config.user_accounts.max_users_per_account = 1;
+}
+if (minisrv_config.config.user_accounts.max_users_per_account > 99) {
+    console.log(" * WARNING: user_accounts.max_users_per_account should be less than 99, we have set it to 99.");
+    minisrv_config.config.user_accounts.max_users_per_account = 99;
 }
 
 process.on('uncaughtException', function (err) {
diff --git a/zefie_wtvp_minisrv/config.json b/zefie_wtvp_minisrv/config.json
index 0e1ea780..272a5098 100644
--- a/zefie_wtvp_minisrv/config.json
+++ b/zefie_wtvp_minisrv/config.json
@@ -37,8 +37,7 @@
       "enabled": true,
       "min_length": 5,
       "max_length": 32,
-      "form_size": 16,
-      "default_encryption_key": "S4WZvVfoQ77fovegdO7olln0P0ZNAMWe"
+      "form_size": 16
     }
   },
   "services": {