diff --git a/src/App/Pages/Accounts/LoginSsoPageViewModel.cs b/src/App/Pages/Accounts/LoginSsoPageViewModel.cs
index a6e06e131..af804ed53 100644
--- a/src/App/Pages/Accounts/LoginSsoPageViewModel.cs
+++ b/src/App/Pages/Accounts/LoginSsoPageViewModel.cs
@@ -218,7 +218,7 @@ namespace Bit.App.Pages
                 {
                     UpdateTempPasswordAction?.Invoke();
                 }
-                else if (decryptOptions.TrustedDeviceOption != null)
+                else if (decryptOptions?.TrustedDeviceOption != null)
                 {
                     // If user doesn't have a MP, but has reset password permission, they must set a MP
                     if (!decryptOptions.HasMasterPassword &&
@@ -232,7 +232,7 @@ namespace Bit.App.Pages
                     }
                     else if (await _deviceTrustCryptoService.IsDeviceTrustedAsync())
                     {
-                        var task = Task.Run(async () => await _syncService.FullSyncAsync(true));
+                        _syncService.FullSyncAsync(true).FireAndForget();
                         SsoAuthSuccessAction?.Invoke();
                     }
                     else
@@ -242,7 +242,7 @@ namespace Bit.App.Pages
                 }
                 else
                 {
-                    var task = Task.Run(async () => await _syncService.FullSyncAsync(true));
+                    _syncService.FullSyncAsync(true).FireAndForget();
                     SsoAuthSuccessAction?.Invoke();
                 }
             }
diff --git a/src/Core/Services/AuthService.cs b/src/Core/Services/AuthService.cs
index d11009d2d..9fda8f9f2 100644
--- a/src/Core/Services/AuthService.cs
+++ b/src/Core/Services/AuthService.cs
@@ -487,7 +487,7 @@ namespace Bit.Core.Services
 
                     if (decryptOptions?.TrustedDeviceOption != null)
                     {
-                        var key = await _deviceTrustCryptoService.DecryptUserKeyWithDeviceKeyAsync(decryptOptions?.TrustedDeviceOption.EncryptedPrivateKey, decryptOptions?.TrustedDeviceOption.EncryptedUserKey);
+                        var key = await _deviceTrustCryptoService.DecryptUserKeyWithDeviceKeyAsync(decryptOptions.TrustedDeviceOption.EncryptedPrivateKey, decryptOptions.TrustedDeviceOption.EncryptedUserKey);
                         if (key != null)
                         {
                             await _cryptoService.SetUserKeyAsync(key);
diff --git a/src/Core/Services/DeviceTrustCryptoService.cs b/src/Core/Services/DeviceTrustCryptoService.cs
index 93ccb905e..6a0e85689 100644
--- a/src/Core/Services/DeviceTrustCryptoService.cs
+++ b/src/Core/Services/DeviceTrustCryptoService.cs
@@ -108,9 +108,7 @@ namespace Bit.Core.Services
 
         public async Task<UserKey> DecryptUserKeyWithDeviceKeyAsync(string encryptedDevicePrivateKey, string encryptedUserKey)
         {
-            // Get device key
             var existingDeviceKey = await GetDeviceKeyAsync();
-
             if (existingDeviceKey == null)
             {
                 // User doesn't have a device key anymore so device is untrusted
@@ -118,14 +116,14 @@ namespace Bit.Core.Services
             }
 
             // Attempt to decrypt encryptedDevicePrivateKey with device key
-            var devicePrivateKey = await _cryptoService.DecryptToBytesAsync(
+            var devicePrivateKeyBytes = await _cryptoService.DecryptToBytesAsync(
               new EncString(encryptedDevicePrivateKey),
               existingDeviceKey
             );
 
             // Attempt to decrypt encryptedUserDataKey with devicePrivateKey
-            var userKey = await _cryptoService.RsaDecryptAsync(encryptedUserKey, devicePrivateKey);
-            return new UserKey(userKey);
+            var userKeyBytes = await _cryptoService.RsaDecryptAsync(encryptedUserKey, devicePrivateKeyBytes);
+            return new UserKey(userKeyBytes);
         }
     }
 }