diff --git a/src/manifest.json b/src/manifest.json
index e2ac4fa26d..59315fe6e6 100644
--- a/src/manifest.json
+++ b/src/manifest.json
@@ -19,6 +19,8 @@
       "node_modules/sjcl/core/bitArray.js",
       "models/api/requestModels.js",
       "models/api/responseModels.js",
+      "models/dataModels.js",
+      "models/domainModels.js",
       "services/cryptoService.js",
       "services/cryptoService.js",
       "services/tokenService.js",
diff --git a/src/models/domainModels.js b/src/models/domainModels.js
index 992cde9164..7699bb5294 100644
--- a/src/models/domainModels.js
+++ b/src/models/domainModels.js
@@ -13,7 +13,7 @@ var CipherString = function (encryptedString) {
     CipherString.prototype.decrypt = function (callback) {
         if (!_decryptedValue) {
             var cryptoService = chrome.extension.getBackgroundPage().cryptoService;
-            _decryptedValue = cryptoService.Decrypt(this);
+            _decryptedValue = cryptoService.decrypt(this);
         }
 
         return _decryptedValue;
@@ -39,7 +39,7 @@ var Site = function (obj, alreadyEncrypted) {
         this.notes = new CipherString(obj.notes);
     }
 
-    this.favorite = new obj.favorite;
+    this.favorite = obj.favorite ? true : false;
 };
 
 var Folder = function (obj, alreadyEncrypted) {
diff --git a/src/popup/app/services/loginService.js b/src/popup/app/services/loginService.js
index 79feb30358..1c403b9911 100644
--- a/src/popup/app/services/loginService.js
+++ b/src/popup/app/services/loginService.js
@@ -1,15 +1,15 @@
 angular
     .module('bit.services')
 
-    .factory('loginService', function (cryptoService, apiService, apiService, userService, tokenService, $q) {
+    .factory('loginService', function (cryptoService, apiService, userService, tokenService, $q) {
         var _service = {};
 
         _service.logIn = function (email, masterPassword) {
             var key = cryptoService.makeKey(masterPassword, email);
+            var deferred = $q.defer();
             cryptoService.hashPassword(masterPassword, key, function (hashedPassword) {
                 var request = new TokenRequest(email, hashedPassword);
 
-                var deferred = $q.defer();
                 apiService.postToken(request, function (response) {
                     if (!response || !response.token) {
                         return;
@@ -25,9 +25,8 @@
                 }, function (error) {
                     deferred.reject(error);
                 });
-
-                return deferred.promise;
             });
+            return deferred.promise;
         };
 
         _service.logInTwoFactor = function (code, provider) {
diff --git a/src/popup/app/vault/vaultAddSiteController.js b/src/popup/app/vault/vaultAddSiteController.js
index 2505f8d5c1..a9aaf3a89a 100644
--- a/src/popup/app/vault/vaultAddSiteController.js
+++ b/src/popup/app/vault/vaultAddSiteController.js
@@ -7,8 +7,7 @@
         };
 
         $scope.createSite = function (model) {
-            var newModel = model;
-            encryptSite(newModel, function (siteModel) {
+            encryptSite(model, function (siteModel) {
                 var site = new Site(siteModel, true);
                 siteService.save(site, function () {
                     $scope.close();
@@ -20,16 +19,17 @@
             $scope.parentScope.closeAddSite();
         };
 
-        function encryptSite(siteModel, callback) {
-            cryptoService.encrypt(siteModel.name, function (nameCipherString) {
+        function encryptSite(model, callback) {
+            var siteModel = {};
+            cryptoService.encrypt(model.name, function (nameCipherString) {
                 siteModel.name = nameCipherString;
-                cryptoService.encrypt(siteModel.uri, function (uriCipherString) {
+                cryptoService.encrypt(model.uri, function (uriCipherString) {
                     siteModel.uri = uriCipherString;
-                    cryptoService.encrypt(siteModel.username, function (usernameCipherString) {
+                    cryptoService.encrypt(model.username, function (usernameCipherString) {
                         siteModel.username = usernameCipherString;
-                        cryptoService.encrypt(siteModel.password, function (passwordCipherString) {
+                        cryptoService.encrypt(model.password, function (passwordCipherString) {
                             siteModel.password = passwordCipherString;
-                            cryptoService.encrypt(siteModel.notes, function (notesCipherString) {
+                            cryptoService.encrypt(model.notes, function (notesCipherString) {
                                 siteModel.notes = notesCipherString;
                                 callback(siteModel);
                             });
diff --git a/src/popup/app/vault/views/vaultAddSite.html b/src/popup/app/vault/views/vaultAddSite.html
index cc8328ca85..71c8c26558 100644
--- a/src/popup/app/vault/views/vaultAddSite.html
+++ b/src/popup/app/vault/views/vaultAddSite.html
@@ -15,7 +15,7 @@
             </label>
             <label class="item item-input item-stacked-label">
                 <span class="input-label">URI</span>
-                <input type="url" ng-model="site.uri">
+                <input type="text" ng-model="site.uri">
             </label>
             <label class="item item-input item-stacked-label">
                 <span class="input-label">Username</span>
diff --git a/src/services/cryptoService.js b/src/services/cryptoService.js
index 200d5ae55a..c161807609 100644
--- a/src/services/cryptoService.js
+++ b/src/services/cryptoService.js
@@ -7,6 +7,8 @@ function initCryptoService() {
         _b64Key,
         _aes;
 
+    sjcl.beware["CBC mode is dangerous because it doesn't protect message integrity."]();
+
     CryptoService.prototype.setKey = function (key, callback) {
         if (!callback || typeof callback !== 'function') {
             throw 'callback function required';
@@ -101,6 +103,10 @@ function initCryptoService() {
             throw 'callback function required';
         }
 
+        if (plaintextValue === null || plaintextValue === undefined) {
+            callback(null);
+        }
+
         this.getKey(false, function (key) {
             if (!key) {
                 throw 'Encryption key unavailable.';
@@ -121,11 +127,15 @@ function initCryptoService() {
         });
     };
 
-    CryptoService.prototype.decrypt = function (cipherStrin, callback) {
+    CryptoService.prototype.decrypt = function (cipherString, callback) {
         if (!callback || typeof callback !== 'function') {
             throw 'callback function required';
         }
 
+        if (cipherString === null || cipherString === undefined) {
+            throw 'cannot decrypt nothing';
+        }
+
         this.getAes(function (aes) {
             if (!aes) {
                 throw 'AES encryption unavailable.';
diff --git a/src/services/folderService.js b/src/services/folderService.js
index 70141d9d9a..4b1afa1211 100644
--- a/src/services/folderService.js
+++ b/src/services/folderService.js
@@ -7,13 +7,13 @@
 };
 
 function initFolderService() {
-    this.userService.getUserId(function (userId) {
-        var foldersKey = 'folders_' + userId;
+    FolderService.prototype.get = function (id, callback) {
+        if (!callback || typeof callback !== 'function') {
+            throw 'callback function required';
+        }
 
-        FolderService.prototype.get = function (id, callback) {
-            if (!callback || typeof callback !== 'function') {
-                throw 'callback function required';
-            }
+        this.userService.getUserId(function (userId) {
+            var foldersKey = 'folders_' + userId;
 
             chrome.storage.local.get(foldersKey, function (obj) {
                 var folders = obj[foldersKey];
@@ -24,12 +24,16 @@ function initFolderService() {
 
                 callback(null);
             });
-        };
+        });
+    };
 
-        FolderService.prototype.getAll = function (callback) {
-            if (!callback || typeof callback !== 'function') {
-                throw 'callback function required';
-            }
+    FolderService.prototype.getAll = function (callback) {
+        if (!callback || typeof callback !== 'function') {
+            throw 'callback function required';
+        }
+
+        this.userService.getUserId(function (userId) {
+            var foldersKey = 'folders_' + userId;
 
             chrome.storage.local.get(foldersKey, function (obj) {
                 var folders = obj[foldersKey];
@@ -41,10 +45,10 @@ function initFolderService() {
 
                 callback(response);
             });
-        };
+        });
+    };
 
-        function handleError() {
-            // TODO: check for unauth or forbidden and logout
-        }
-    });
+    function handleError() {
+        // TODO: check for unauth or forbidden and logout
+    }
 };
diff --git a/src/services/siteService.js b/src/services/siteService.js
index 3cff741fc5..63c2f22e56 100644
--- a/src/services/siteService.js
+++ b/src/services/siteService.js
@@ -7,13 +7,13 @@
 };
 
 function initSiteService() {
-    this.userService.getUserId(function (userId) {
-        var sitesKey = 'sites_' + userId;
+    SiteService.prototype.get = function (id, callback) {
+        if (!callback || typeof callback !== 'function') {
+            throw 'callback function required';
+        }
 
-        SiteService.prototype.get = function (id, callback) {
-            if (!callback || typeof callback !== 'function') {
-                throw 'callback function required';
-            }
+        this.userService.getUserId(function (userId) {
+            var sitesKey = 'sites_' + userId;
 
             chrome.storage.local.get(sitesKey, function (obj) {
                 var sites = obj[sitesKey];
@@ -24,93 +24,105 @@ function initSiteService() {
 
                 callback(null);
             });
-        };
+        });
+    };
 
-        SiteService.prototype.getAll = function (callback) {
-            if (!callback || typeof callback !== 'function') {
-                throw 'callback function required';
-            }
+    SiteService.prototype.getAll = function (callback) {
+        if (!callback || typeof callback !== 'function') {
+            throw 'callback function required';
+        }
+
+        this.userService.getUserId(function (userId) {
+            var sitesKey = 'sites_' + userId;
 
             chrome.storage.local.get(sitesKey, function (obj) {
                 var sites = obj[sitesKey];
                 var response = [];
                 for (var id in sites) {
+                    if (!id) {
+                        continue;
+                    }
+
                     response.push(new Site(sites[id]));
                 }
 
                 callback(response);
             });
-        };
+        });
+    };
 
-        SiteService.prototype.save = function (site, callback) {
-            if (!callback || typeof callback !== 'function') {
-                throw 'callback function required';
-            }
-
-            var newRecord = site.id === null,
-                self = this;
-
-            var request = new SiteRequest(site);
-            if (newRecord) {
-                self.apiService.postSite(request, apiSuccess, handleError);
-            }
-            else {
-                self.apiService.putSite(site.id, request, apiSuccess, handleError);
-            }
-
-            function apiSuccess(response) {
-                userService.getUserId(function (userId) {
-                    var data = new SiteData(response, userId);
-
-                    chrome.storage.local.get(sitesKey, function (obj) {
-                        var sites = obj[sitesKey];
-                        if (!newRecord && site.id in sites) {
-                            sites[site.id] = data;
-                        }
-                        else {
-                            sites.push(data);
-                            site.id = data.id;
-                        }
-
-                        obj[sitesKey] = sites;
-                        chrome.storage.local.set(obj, function () {
-                            callback(site);
-                        });
-                    });
-                });
-            }
-        };
-
-        SiteService.prototype.delete = function (id, callback) {
-            if (!callback || typeof callback !== 'function') {
-                throw 'callback function required';
-            }
-
-            self.apiService.deleteCipher(id, apiSuccess, handleError);
-
-            function apiSuccess(response) {
-                userService.getUserId(function (userId) {
-                    chrome.storage.local.get(sitesKey, function (obj) {
-                        var sites = obj[sitesKey];
-                        if (id in sites) {
-                            var index = sites.indexOf(sites[id]);
-                            sites.splice(index, 1);
-
-                            obj[sitesKey] = sites;
-                            chrome.storage.local.set(obj, function () {
-                                callback();
-                            });
-                        }
-                        else {
-                            callback();
-                        }
-                    });
-                });
-            }
-        };
-
-        function handleError() {
-            // TODO: check for unauth or forbidden and logout
+    SiteService.prototype.save = function (site, callback) {
+        if (!callback || typeof callback !== 'function') {
+            throw 'callback function required';
         }
-    });
+
+        var newRecord = site.id ? false : true,
+            self = this;
+
+        var request = new SiteRequest(site);
+        if (newRecord) {
+            self.apiService.postSite(request, apiSuccess, handleError);
+        }
+        else {
+            self.apiService.putSite(site.id, request, apiSuccess, handleError);
+        }
+
+        function apiSuccess(response) {
+            site.id = response.id;
+
+            userService.getUserId(function (userId) {
+                var data = new SiteData(response, userId);
+                var sitesKey = 'sites_' + userId;
+
+                chrome.storage.local.get(sitesKey, function (obj) {
+                    var sites = obj[sitesKey];
+                    if (!sites) {
+                        sites = {};
+                    }
+
+                    sites[site.id] = data;
+                    site.id = data.id;
+
+                    obj[sitesKey] = sites;
+                    chrome.storage.local.set(obj, function () {
+                        callback(site);
+                    });
+                });
+            });
+        }
+    };
+
+    SiteService.prototype.delete = function (id, callback) {
+        if (!callback || typeof callback !== 'function') {
+            throw 'callback function required';
+        }
+
+        self.apiService.deleteCipher(id, apiSuccess, handleError);
+
+        function apiSuccess(response) {
+            userService.getUserId(function (userId) {
+                var sitesKey = 'sites_' + userId;
+
+                chrome.storage.local.get(sitesKey, function (obj) {
+                    var sites = obj[sitesKey];
+                    if (!sites) {
+                        sites = {};
+                    }
+                    if (id in sites) {
+                        delete obj[sitesKey];
+                        chrome.storage.local.set(obj, function () {
+                            callback();
+                        });
+                    }
+                    else {
+                        callback();
+                    }
+                });
+            });
+        }
+    };
+
+    function handleError() {
+        // TODO: check for unauth or forbidden and logout
+    }
 };