fix userid comparisons

bump version
fix if when no currentid
2025-12-06 00:03:28 +00:00 · 2018-04-16 16:26:54 -04:00 · 2018-04-16 16:10:53 -04:00 · 2018-04-16 16:08:59 -04:00 · 2018-04-16 15:17:50 -04:00 · 2018-04-16 15:17:13 -04:00
236 changed files with 27042 additions and 3956 deletions
--- a/.dockerignore
+++ b/.dockerignore
@@ -0,0 +1,3 @@
+*
+!dist/*
+!entrypoint.sh
--- a/.gitignore
+++ b/.gitignore
@@ -199,4 +199,4 @@ FakesAssemblies/
 *.opt

 # Other
-project.lock.json
+src/js/*.min.js
--- a/1
+++ b/1
@@ -1 +0,0 @@
-vault.bitwarden.com
--- a/15
+++ b/15
@@ -0,0 +1,15 @@
+FROM bitwarden/server
+
+RUN apt-get update \
+    && apt-get install -y --no-install-recommends \
+        gosu \
+&& rm -rf /var/lib/apt/lists/*
+
+ENV ASPNETCORE_URLS http://+:5000
+WORKDIR /app
+EXPOSE 5000
+COPY ./dist .
+COPY entrypoint.sh /
+RUN chmod +x /entrypoint.sh
+
+ENTRYPOINT ["/entrypoint.sh"]
--- a/ISSUE_TEMPLATE.md
+++ b/ISSUE_TEMPLATE.md
@@ -0,0 +1,5 @@
+<!--
+Please do not submit feature requests. The [Community Forums][1] has a
+section for submitting, voting for, and discussing product feature requests.
+[1]: https://community.bitwarden.com
+-->
--- a/README.md
+++ b/README.md
@@ -1,8 +1,10 @@
-[![appveyor build](https://ci.appveyor.com/api/projects/status/github/bitwarden/web?branch=master&svg=true)](https://ci.appveyor.com/project/bitwarden/web) [![Join the chat at https://gitter.im/bitwarden/Lobby](https://badges.gitter.im/bitwarden/Lobby.svg)](https://gitter.im/bitwarden/Lobby)
+[![appveyor build](https://ci.appveyor.com/api/projects/status/github/bitwarden/web?branch=master&svg=true)](https://ci.appveyor.com/project/bitwarden/web) [![DockerHub](https://img.shields.io/docker/pulls/bitwarden/web.svg)](https://hub.docker.com/u/bitwarden/) [![Join the chat at https://gitter.im/bitwarden/Lobby](https://badges.gitter.im/bitwarden/Lobby.svg)](https://gitter.im/bitwarden/Lobby)

-# bitwarden Web
+# Bitwarden Web Vault

-The bitwarden Web project is an AngularJS application that powers the web vault (https://vault.bitwarden.com/).
+The Bitwarden web project is an AngularJS application that powers the web vault (https://vault.bitwarden.com/).
+
+<img src="https://i.imgur.com/rxrykeX.png" alt="" width="791" height="739" />

 # Build/Run

@@ -11,8 +13,9 @@ The bitwarden Web project is an AngularJS application that powers the web vault
 - Node.js
 - Gulp

-Unless you are running the [Core](https://github.com/bitwarden/core) API locally, you'll probably need to switch the 
-application to target the production API. Open `package.json` and set `production` to `true`.
+By default the application points to the production API. If you want to change that to point to a local instance of
+the [Core](https://github.com/bitwarden/core) API, you can modify the `package.json` `env` property to `Development`
+and then set your local endpoints in `settings.json`.

 Then run the following commands:

@@ -26,4 +29,4 @@ You can now access the web vault at `http://localhost:4001`.

 Code contributions are welcome! Please commit any pull requests against the `master` branch.

-Security audits and feedback are welcome. Please open an issue or email us privately if the report is sensitive in nature.
+Security audits and feedback are welcome. Please open an issue or email us privately if the report is sensitive in nature. You can read our security policy in the [`SECURITY.md`](SECURITY.md) file.
--- a/SECURITY.md
+++ b/SECURITY.md
@@ -0,0 +1,45 @@
+Bitwarden believes that working with security researchers across the globe is crucial to keeping our
+users safe. If you believe you've found a security issue in our product or service, we encourage you to
+notify us. We welcome working with you to resolve the issue promptly. Thanks in advance!
+
+# Disclosure Policy
+
+- Let us know as soon as possible upon discovery of a potential security issue, and we'll make every
+  effort to quickly resolve the issue.
+- Provide us a reasonable amount of time to resolve the issue before any disclosure to the public or a
+  third-party. We may publicly disclose the issue before resolving it, if appropriate. 
+- Make a good faith effort to avoid privacy violations, destruction of data, and interruption or
+  degradation of our service. Only interact with accounts you own or with explicit permission of the
+  account holder.
+- If you would like to encrypt your report, please use the PGP key with long ID
+  `0xDE6887086F892325FEC04CC0D847525B6931381F` (available in the public keyserver pool).
+
+# In-scope
+
+- Security issues in any current release of Bitwarden. This includes the web vault, browser extension,
+  and mobile apps (iOS and Android). Product downloads are available at https://bitwarden.com. Source
+  code is available at https://github.com/bitwarden.
+
+# Exclusions
+
+The following bug classes are out-of scope:
+
+- Bugs that are already reported on any of Bitwarden's issue trackers (https://github.com/bitwarden),
+  or that we already know of. Note that some of our issue tracking is private.
+- Issues in an upstream software dependency (ex: Xamarin, ASP.NET) which are already reported to the
+  upstream maintainer.
+- Attacks requiring physical access to a user's device.
+- Self-XSS
+- Issues related to software or protocols not under Bitwarden's control
+- Vulnerabilities in outdated versions of Bitwarden
+- Missing security best practices that do not directly lead to a vulnerability
+- Issues that do not have any impact on the general public
+
+While researching, we'd like to ask you to refrain from:
+
+- Denial of service
+- Spamming
+- Social engineering (including phishing) of Bitwarden staff or contractors
+- Any physical attempts against Bitwarden property or data centers
+
+Thank you for helping keep Bitwarden and our users safe!
--- a/build.ps1
+++ b/build.ps1
@@ -0,0 +1,13 @@
+$dir = Split-Path -Parent $MyInvocation.MyCommand.Path
+
+echo "`n# Building Web"
+
+echo "`nBuilding app"
+echo "npm version $(npm --version)"
+echo "gulp version $(gulp --version)"
+npm install
+gulp dist:selfHosted
+
+echo "`nBuilding docker image"
+docker --version
+docker build -t bitwarden/web $dir\.
--- a/build.sh
+++ b/build.sh
@@ -0,0 +1,33 @@
+#!/usr/bin/env bash
+set -e
+
+DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )"
+
+echo ""
+
+if [ $# -gt 1 -a "$1" == "push" ]
+then
+    TAG=$2
+    echo "# Pushing Web ($TAG)"
+    echo ""
+    docker push bitwarden/web:$TAG
+elif [ $# -gt 1 -a "$1" == "tag" ]
+then
+    TAG=$2
+    echo "Tagging Web as '$TAG'"
+    docker tag bitwarden/web bitwarden/web:$TAG
+else
+    echo "# Building Web"
+
+    echo ""
+    echo "Building app"
+    echo "npm version $(npm --version)"
+    echo "gulp version $(gulp --version)"
+    npm install
+    gulp dist:selfHosted
+
+    echo ""
+    echo "Building docker image"
+    docker --version
+    docker build -t bitwarden/web $DIR/.
+fi
--- a/dist/.publish
+++ b/dist/.publish
--- a/entrypoint.sh
+++ b/entrypoint.sh
@@ -0,0 +1,64 @@
+#!/bin/bash
+
+# Setup
+
+GROUPNAME="bitwarden"
+USERNAME="bitwarden"
+
+CURRENTGID=`getent group $GROUPNAME | cut -d: -f3`
+LGID=${LOCAL_GID:-999}
+
+NOUSER=`id -u $USERNAME > /dev/null 2>&1; echo $?`
+LUID=${LOCAL_UID:-999}
+
+# Step down from host root
+
+if [ $LGID == 0 ]
+then
+    LGID=999
+fi
+
+if [ $LUID == 0 ]
+then
+    LUID=999
+fi
+
+# Create group
+
+if [ $CURRENTGID ]
+then
+    if [ "$CURRENTGID" != "$LGID" ]
+    then
+        groupmod -g $LGID $GROUPNAME
+    fi
+else
+    groupadd -g $LGID $GROUPNAME
+fi
+
+# Create user and assign group
+
+if [ $NOUSER == 0 ] && [ `id -u $USERNAME` != $LUID ]
+then
+    usermod -u $LUID $USERNAME
+elif [ $NOUSER == 1 ]
+then
+    useradd -r -u $LUID -g $GROUPNAME $USERNAME
+fi
+
+# Make home directory for user
+
+if [ ! -d "/home/$USERNAME" ]
+then
+    mkhomedir_helper $USERNAME
+fi
+
+# The rest...
+
+chown -R $USERNAME:$GROUPNAME /etc/bitwarden
+cp /etc/bitwarden/web/settings.js /app/js/settings.js
+cp /etc/bitwarden/web/app-id.json /app/app-id.json
+chown -R $USERNAME:$GROUPNAME /app
+chown -R $USERNAME:$GROUPNAME /bitwarden_server
+
+gosu $USERNAME:$GROUPNAME dotnet /bitwarden_server/Server.dll \
+    /contentRoot=/app /webRoot=. /serveUnknown=false
--- a/gulpfile.js
+++ b/gulpfile.js
@@ -12,6 +12,7 @@ var gulp = require('gulp'),
    ngAnnotate = require('gulp-ng-annotate'),
    preprocess = require('gulp-preprocess'),
    runSequence = require('run-sequence'),
+    jeditor = require("gulp-json-editor"),
    merge = require('merge-stream'),
    ngConfig = require('gulp-ng-config'),
    settings = require('./settings.json'),
@@ -25,7 +26,7 @@ var gulp = require('gulp'),

 var paths = {};
 paths.dist = './dist/';
-paths.webroot = './src/'
+paths.webroot = './src/';
 paths.js = paths.webroot + 'js/**/*.js';
 paths.minJs = paths.webroot + 'js/**/*.min.js';
 paths.concatJsDest = paths.webroot + 'js/bw.min.js';
@@ -46,7 +47,7 @@ gulp.task('lint', function () {
 gulp.task('build', function (cb) {
    return runSequence(
        'clean',
-        ['browserify', 'lib', 'webpack', 'less', 'settings', 'lint'],
+        ['browserify', 'lib', 'webpack', 'less', 'settings', 'lint', 'min:js'],
        cb);
 });

@@ -65,9 +66,19 @@ gulp.task('clean:lib', function (cb) {
 gulp.task('clean', ['clean:js', 'clean:css', 'clean:lib', 'dist:clean']);

 gulp.task('min:js', ['clean:js'], function () {
-    return gulp.src([paths.js, '!' + paths.minJs], { base: '.' })
+    return gulp.src(
+        [
+            paths.js,
+            '!' + paths.minJs,
+            '!' + paths.jsDir + 'fallback*.js',
+            '!' + paths.jsDir + 'u2f-connector.js',
+            '!' + paths.jsDir + 'duo-connector.js',
+            '!' + paths.jsDir + 'duo.js',
+            '!' + paths.jsDir + 'settings.js'
+        ], { base: '.' })
+        .pipe(preprocess({ context: { cacheTag: randomString, selfHosted: selfHosted } }))
        .pipe(concat(paths.concatJsDest))
-        .pipe(uglify())
+        //.pipe(uglify())
        .pipe(gulp.dest('.'));
 });

@@ -130,6 +141,10 @@ gulp.task('lib', ['clean:lib'], function () {
            src: paths.npmDir + 'angular-resource/*resource*.js',
            dest: paths.libDir + 'angular-resource'
        },
+        {
+            src: paths.npmDir + 'angular-sanitize/*sanitize*.js',
+            dest: paths.libDir + 'angular-sanitize'
+        },
        {
            src: [paths.npmDir + 'angular-toastr/dist/**/*.css', paths.npmDir + 'angular-toastr/dist/**/*.js'],
            dest: paths.libDir + 'angular-toastr'
@@ -158,12 +173,28 @@ gulp.task('lib', ['clean:lib'], function () {
            src: paths.npmDir + 'clipboard/dist/clipboard*.js',
            dest: paths.libDir + 'clipboard'
        },
+        {
+            src: paths.npmDir + 'node-forge/dist/prime.worker.*',
+            dest: paths.libDir + 'forge'
+        },
        {
            src: [
                paths.npmDir + 'angulartics-google-analytics/lib/angulartics*.js',
                paths.npmDir + 'angulartics/src/angulartics.js'
            ],
            dest: paths.libDir + 'angulartics'
+        },
+        //{
+        //    src: paths.npmDir + 'duo_web_sdk/index.js',
+        //    dest: paths.libDir + 'duo'
+        //},
+        {
+            src: paths.jsDir + 'duo.js',
+            dest: paths.libDir + 'duo'
+        },
+        {
+            src: paths.npmDir + 'angular-promise-polyfill/index.js',
+            dest: paths.libDir + 'angular-promise-polyfill'
        }
    ];

@@ -213,6 +244,7 @@ function config() {
            createModule: false,
            constants: _.merge({}, {
                appSettings: {
+                    selfHosted: false,
                    version: project.version,
                    environment: project.env
                }
@@ -261,7 +293,7 @@ gulp.task('browserify:cc', function () {
 });

 gulp.task('dist:clean', function (cb) {
-    return rimraf(paths.dist, cb);
+    return rimraf(paths.dist + '**/*', cb);
 });

 gulp.task('dist:move', function () {
@@ -274,7 +306,7 @@ gulp.task('dist:move', function () {
            src: [
                paths.npmDir + 'bootstrap/dist/**/bootstrap.min.js',
                paths.npmDir + 'bootstrap/dist/**/bootstrap.min.css',
-                paths.npmDir + 'bootstrap/dist/**/fonts/**/*',
+                paths.npmDir + 'bootstrap/dist/**/fonts/**/*'
            ],
            dest: paths.dist + 'lib/bootstrap'
        },
@@ -293,12 +325,40 @@ gulp.task('dist:move', function () {
            src: paths.npmDir + 'angular/angular.min.js',
            dest: paths.dist + 'lib/angular'
        },
+        {
+            src: paths.npmDir + 'node-forge/dist/prime.worker.*',
+            dest: paths.dist + 'lib/forge'
+        },
+        //{
+        //    src: paths.npmDir + 'duo_web_sdk/index.js',
+        //    dest: paths.dist + 'lib/duo'
+        //},
+        {
+            src: paths.jsDir + 'duo.js',
+            dest: paths.dist + 'js'
+        },
+        {
+            src: paths.jsDir + 'duo-connector.js',
+            dest: paths.dist + 'js'
+        },
+        {
+            src: paths.jsDir + 'settings.js',
+            dest: paths.dist + 'js'
+        },
+        {
+            src: paths.jsDir + 'bw.min.js',
+            dest: paths.dist + 'js'
+        },
        {
            src: [
                paths.webroot + '**/app/**/*.html',
                paths.webroot + '**/images/**/*',
                paths.webroot + 'index.html',
-                paths.webroot + 'favicon.ico'
+                paths.webroot + 'u2f-connector.html',
+                paths.webroot + 'duo-connector.html',
+                paths.webroot + 'favicon.ico',
+                paths.webroot + 'manifest.json',
+                paths.webroot + 'app-id.json'
            ],
            dest: paths.dist
        }
@@ -317,7 +377,7 @@ gulp.task('dist:css', function () {
            paths.cssDir + '**/*.css',
            '!' + paths.cssDir + '**/*.min.css'
        ])
-        .pipe(preprocess({ context: { cacheTag: randomString } }))
+        .pipe(preprocess({ context: { cacheTag: randomString, selfHosted: selfHosted } }))
        .pipe(cssmin())
        .pipe(rename({ suffix: '.min' }))
        .pipe(gulp.dest(paths.dist + 'css'));
@@ -333,10 +393,35 @@ gulp.task('dist:js:app', function () {
        ]);

    merge(mainStream, config())
-        .pipe(preprocess({ context: { cacheTag: randomString } }))
+        .pipe(preprocess({ context: { cacheTag: randomString, selfHosted: selfHosted } }))
        .pipe(concat(paths.dist + '/js/app.min.js'))
        .pipe(ngAnnotate())
-        .pipe(uglify())
+        //.pipe(uglify())
+        .pipe(gulp.dest('.'));
+});
+
+gulp.task('dist:js:fallback', function () {
+    var mainStream = gulp
+        .src([
+            paths.jsDir + 'fallback*.js'
+        ]);
+
+    merge(mainStream)
+        .pipe(preprocess({ context: { cacheTag: randomString, selfHosted: selfHosted } }))
+        //.pipe(uglify())
+        .pipe(rename({ suffix: '.min' }))
+        .pipe(gulp.dest(paths.dist + 'js'));
+});
+
+gulp.task('dist:js:u2f', function () {
+    var mainStream = gulp
+        .src([
+            paths.jsDir + 'u2f*.js'
+        ]);
+
+    merge(mainStream)
+        .pipe(concat(paths.dist + '/js/u2f.min.js'))
+        //.pipe(uglify())
        .pipe(gulp.dest('.'));
 });

@@ -351,7 +436,7 @@ gulp.task('dist:js:lib', function () {
            '!' + paths.libDir + 'jquery/**/*'
        ])
        .pipe(concat(paths.dist + '/js/lib.min.js'))
-        .pipe(uglify())
+        //.pipe(uglify())
        .pipe(gulp.dest('.'));
 });

@@ -360,18 +445,30 @@ gulp.task('dist:preprocess', function () {
        .src([
            paths.dist + '/**/*.html'
        ], { base: '.' })
-        .pipe(preprocess({ context: { cacheTag: randomString } }))
+        .pipe(preprocess({ context: { cacheTag: randomString, selfHosted: selfHosted } }))
        .pipe(gulp.dest('.'));
 });

+gulp.task('dist:version', function () {
+    gulp.src(paths.webroot + 'version.json').pipe(jeditor({
+        'version': project.version
+    })).pipe(gulp.dest(paths.dist));
+});
+
 gulp.task('dist', ['build'], function (cb) {
    return runSequence(
        'dist:clean',
-        ['dist:move', 'dist:css', 'dist:js:app', 'dist:js:lib'],
+        ['dist:move', 'dist:css', 'dist:js:app', 'dist:js:lib', 'dist:js:fallback', 'dist:js:u2f', 'dist:version'],
        'dist:preprocess',
        cb);
 });

+var selfHosted = false;
+gulp.task('dist:selfHosted', function (cb) {
+    selfHosted = true;
+    return runSequence('dist', cb);
+});
+
 gulp.task('deploy', ['dist'], function () {
    return gulp.src(paths.dist + '**/*')
        .pipe(ghPages({ cacheDir: paths.dist + '.publish' }));
@@ -388,6 +485,15 @@ gulp.task('deploy-preview', ['dist'], function () {
 gulp.task('serve', function () {
    connect.server({
        port: 4001,
-        root: ['src']
+        root: ['src'],
+        //https: true,
+        middleware: function (connect, opt) {
+            return [function (req, res, next) {
+                if (req.originalUrl.indexOf('app-id.json') > -1) {
+                    res.setHeader('Content-Type', 'application/fido.trusted-apps+json');
+                }
+                next();
+            }];
+        }
    });
 });
--- a/package-lock.json
+++ b/package-lock.json
--- a/package.json
+++ b/package.json
@@ -1,52 +1,56 @@
 {
  "name": "bitwarden",
-  "version": "1.10.1",
+  "version": "1.26.0",
  "env": "Production",
  "devDependencies": {
-    "connect": "3.6.0",
+    "connect": "3.6.5",
    "lodash": "4.17.4",
    "gulp": "3.9.1",
    "gulp-concat": "2.6.1",
-    "gulp-cssmin": "0.1.7",
-    "gulp-less": "3.3.0",
+    "gulp-cssmin": "0.2.0",
+    "gulp-less": "3.3.2",
    "gulp-rename": "1.2.2",
-    "gulp-uglify": "2.1.2",
-    "gulp-gh-pages": "0.5.4",
+    "gulp-uglify": "3.0.0",
+    "gulp-gh-pages": "git+https://github.com/tekd/gulp-gh-pages.git#update-dependency",
    "gulp-preprocess": "2.0.0",
    "gulp-ng-annotate": "2.0.0",
-    "gulp-ng-config": "1.4.0",
+    "gulp-ng-config": "1.5.0",
    "gulp-connect": "5.0.0",
-    "jshint": "2.9.4",
+    "gulp-json-editor": "2.2.2",
+    "jshint": "2.9.5",
    "gulp-jshint": "2.0.4",
-    "rimraf": "2.6.1",
-    "run-sequence": "1.2.2",
+    "rimraf": "2.6.2",
+    "run-sequence": "2.2.0",
    "merge-stream": "1.0.1",
-    "jquery": "2.2.4",
+    "jquery": "3.2.1",
    "font-awesome": "4.7.0",
    "bootstrap": "3.3.7",
-    "angular": "1.6.3",
-    "angular-resource": "1.6.3",
-    "angular-ui-bootstrap": "2.5.0",
+    "angular": "1.6.7",
+    "angular-resource": "1.6.7",
+    "angular-sanitize": "1.6.7",
+    "angular-ui-bootstrap": "2.5.6",
    "angular-ui-router": "0.4.2",
    "angular-jwt": "0.1.9",
-    "angular-cookies": "1.6.3",
+    "angular-cookies": "1.6.7",
    "admin-lte": "2.3.11",
    "angular-toastr": "2.1.1",
    "angular-bootstrap-show-errors": "2.3.0",
-    "angular-messages": "1.6.3",
+    "angular-messages": "1.6.7",
    "ngstorage": "0.3.11",
-    "papaparse": "4.2.0",
-    "clipboard": "1.6.1",
-    "ngclipboard": "1.1.1",
-    "angulartics": "1.4.0",
+    "papaparse": "4.3.6",
+    "clipboard": "1.7.1",
+    "ngclipboard": "1.1.2",
+    "angulartics": "1.5.0",
    "angulartics-google-analytics": "0.4.0",
    "node-forge": "0.7.1",
-    "webpack-stream": "3.2.0",
-    "angular-stripe": "4.2.12",
+    "webpack-stream": "4.0.0",
+    "angular-stripe": "5.0.0",
    "angular-credit-cards": "3.1.6",
-    "browserify": "14.1.0",
+    "browserify": "14.5.0",
    "vinyl-source-stream": "1.1.0",
    "gulp-derequire": "2.1.0",
-    "exposify": "0.5.0"
+    "exposify": "0.5.0",
+    "duo_web_sdk": "git+https://github.com/duosecurity/duo_web_sdk.git",
+    "angular-promise-polyfill": "0.0.4"
  }
 }
--- a/settings.Preview.json
+++ b/settings.Preview.json
@@ -1,6 +1,9 @@
 {
  "appSettings": {
-    "apiUri": "https://preview-api.bitwarden.com",
-    "identityUri": "https://preview-identity.bitwarden.com"
+    "apiUri": "/api",
+    "identityUri": "/identity",
+    "iconsUri": "https://icons.bitwarden.com",
+    "stripeKey": "pk_test_KPoCfZXu7mznb9uSCPZ2JpTD",
+    "braintreeKey": "sandbox_r72q8jq6_9pnxkwm75f87sdc2"
  }
 }
--- a/settings.Production.json
+++ b/settings.Production.json
@@ -1,6 +1,9 @@
 {
  "appSettings": {
-    "apiUri": "https://api.bitwarden.com",
-    "identityUri": "https://identity.bitwarden.com"
+    "apiUri": "/api",
+    "identityUri": "/identity",
+    "iconsUri": "https://icons.bitwarden.com",
+    "stripeKey": "pk_live_bpN0P37nMxrMQkcaHXtAybJk",
+    "braintreeKey": "production_qfbsv8kc_njj2zjtyngtjmbjd"
  }
 }
--- a/settings.json
+++ b/settings.json
@@ -1,6 +1,9 @@
 {
  "appSettings": {
    "apiUri": "http://localhost:4000",
-    "identityUri": "http://localhost:33656"
+    "identityUri": "http://localhost:33656",
+    "iconsUri": "https://icons.bitwarden.com",
+    "stripeKey": "pk_test_KPoCfZXu7mznb9uSCPZ2JpTD",
+    "braintreeKey": "sandbox_r72q8jq6_9pnxkwm75f87sdc2"
  }
 }
--- a/src/app-id.json
+++ b/src/app-id.json
@@ -0,0 +1,15 @@
+{
+  "trustedFacets": [
+    {
+      "version": {
+        "major": 1,
+        "minor": 0
+      },
+      "ids": [
+        "https://vault.bitwarden.com",
+        "ios:bundle-id:com.8bit.bitwarden",
+        "android:apk-key-hash:dUGFzUzf3lmHSLBDBIv+WaFyZMI"
+      ]
+    }
+  ]
+}
--- a/src/app/accounts/accountsLoginController.js
+++ b/src/app/accounts/accountsLoginController.js
@@ -2,35 +2,55 @@ angular
    .module('bit.accounts')

    .controller('accountsLoginController', function ($scope, $rootScope, $cookies, apiService, cryptoService, authService,
-        $state, constants, $analytics) {
+        $state, constants, $analytics, $uibModal, $timeout, $window, $filter, toastr) {
        $scope.state = $state;
+        $scope.twoFactorProviderConstants = constants.twoFactorProvider;
+        $scope.rememberTwoFactor = { checked: false };
+        var stopU2fCheck = true;

-        var returnState;
-        if (!$state.params.returnState && $state.params.org) {
-            returnState = {
+        $scope.returnState = $state.params.returnState;
+        $scope.stateEmail = $state.params.email;
+        if (!$scope.returnState && $state.params.org) {
+            $scope.returnState = {
                name: 'backend.user.settingsCreateOrg',
                params: { plan: $state.params.org }
            };
        }
-        else {
-            returnState = $state.params.returnState;
-        }
-
-        var rememberedEmail = $cookies.get(constants.rememberedEmailCookieName);
-        if (rememberedEmail || $state.params.email) {
-            $scope.model = {
-                email: $state.params.email ? $state.params.email : rememberedEmail,
-                rememberEmail: rememberedEmail !== null
+        else if (!$scope.returnState && $state.params.premium) {
+            $scope.returnState = {
+                name: 'backend.user.settingsPremium'
            };
        }

-        var email,
-            masterPassword;
+        if ($state.current.name.indexOf('twoFactor') > -1 && (!$scope.twoFactorProviders || !$scope.twoFactorProviders.length)) {
+            $state.go('frontend.login.info', { returnState: $scope.returnState });
+        }
+
+        var rememberedEmail = $cookies.get(constants.rememberedEmailCookieName);
+        if (rememberedEmail || $scope.stateEmail) {
+            $scope.model = {
+                email: $scope.stateEmail || rememberedEmail,
+                rememberEmail: rememberedEmail !== null
+            };
+
+            $timeout(function () {
+                $("#masterPassword").focus();
+            });
+        }
+        else {
+            $timeout(function () {
+                $("#email").focus();
+            });
+        }
+
+        var _email,
+            _masterPassword;
+
+        $scope.twoFactorProviders = null;
+        $scope.twoFactorProvider = null;

        $scope.login = function (model) {
-            $scope.loginPromise = authService.logIn(model.email, model.masterPassword);
-
-            $scope.loginPromise.then(function (twoFactorProviders) {
+            $scope.loginPromise = authService.logIn(model.email, model.masterPassword).then(function (twoFactorProviders) {
                if (model.rememberEmail) {
                    var cookieExpiration = new Date();
                    cookieExpiration.setFullYear(cookieExpiration.getFullYear() + 10);
@@ -44,36 +64,216 @@ angular
                    $cookies.remove(constants.rememberedEmailCookieName);
                }

-                if (twoFactorProviders && twoFactorProviders.length > 0) {
-                    email = model.email;
-                    masterPassword = model.masterPassword;
+                if (twoFactorProviders && Object.keys(twoFactorProviders).length > 0) {
+                    _email = model.email;
+                    _masterPassword = model.masterPassword;
+
+                    $scope.twoFactorProviders = cleanProviders(twoFactorProviders);
+                    $scope.twoFactorProvider = getDefaultProvider($scope.twoFactorProviders);

                    $analytics.eventTrack('Logged In To Two-step');
-                    $state.go('frontend.login.twoFactor', { returnState: returnState });
+                    $state.go('frontend.login.twoFactor', { returnState: $scope.returnState }).then(function () {
+                        $timeout(function () {
+                            $("#code").focus();
+                            init();
+                        });
+                    });
                }
                else {
                    $analytics.eventTrack('Logged In');
                    loggedInGo();
                }
+
+                model.masterPassword = '';
            });
        };

-        $scope.twoFactor = function (model) {
-            // Only supporting Authenticator (0) provider for now
-            $scope.twoFactorPromise = authService.logIn(email, masterPassword, model.code, 0);
+        function getDefaultProvider(twoFactorProviders) {
+            var keys = Object.keys(twoFactorProviders);
+            var providerType = null;
+            var providerPriority = -1;
+            for (var i = 0; i < keys.length; i++) {
+                var provider = $filter('filter')(constants.twoFactorProviderInfo, { type: keys[i], active: true });
+                if (provider.length && provider[0].priority > providerPriority) {
+                    if (provider[0].type === constants.twoFactorProvider.u2f && !u2f.isSupported) {
+                        continue;
+                    }
+
+                    providerType = provider[0].type;
+                    providerPriority = provider[0].priority;
+                }
+            }
+
+            if (providerType === null) {
+                return null;
+            }
+
+            return parseInt(providerType);
+        }
+
+        function cleanProviders(twoFactorProviders) {
+            if (canUseSecurityKey()) {
+                return twoFactorProviders;
+            }
+
+            var keys = Object.keys(twoFactorProviders);
+            for (var i = 0; i < keys.length; i++) {
+                var provider = $filter('filter')(constants.twoFactorProviderInfo, {
+                    type: keys[i],
+                    active: true,
+                    requiresUsb: false
+                });
+                if (!provider.length) {
+                    delete twoFactorProviders[keys[i]];
+                }
+            }
+
+            return twoFactorProviders;
+        }
+
+        // ref: https://stackoverflow.com/questions/11381673/detecting-a-mobile-browser
+        function canUseSecurityKey() {
+            var mobile = false;
+            (function (a) {
+                if (/(android|bb\d+|meego).+mobile|avantgo|bada\/|blackberry|blazer|compal|elaine|fennec|hiptop|iemobile|ip(hone|od)|iris|kindle|lge |maemo|midp|mmp|mobile.+firefox|netfront|opera m(ob|in)i|palm( os)?|phone|p(ixi|re)\/|plucker|pocket|psp|series(4|6)0|symbian|treo|up\.(browser|link)|vodafone|wap|windows ce|xda|xiino/i.test(a) || /1207|6310|6590|3gso|4thp|50[1-6]i|770s|802s|a wa|abac|ac(er|oo|s\-)|ai(ko|rn)|al(av|ca|co)|amoi|an(ex|ny|yw)|aptu|ar(ch|go)|as(te|us)|attw|au(di|\-m|r |s )|avan|be(ck|ll|nq)|bi(lb|rd)|bl(ac|az)|br(e|v)w|bumb|bw\-(n|u)|c55\/|capi|ccwa|cdm\-|cell|chtm|cldc|cmd\-|co(mp|nd)|craw|da(it|ll|ng)|dbte|dc\-s|devi|dica|dmob|do(c|p)o|ds(12|\-d)|el(49|ai)|em(l2|ul)|er(ic|k0)|esl8|ez([4-7]0|os|wa|ze)|fetc|fly(\-|_)|g1 u|g560|gene|gf\-5|g\-mo|go(\.w|od)|gr(ad|un)|haie|hcit|hd\-(m|p|t)|hei\-|hi(pt|ta)|hp( i|ip)|hs\-c|ht(c(\-| |_|a|g|p|s|t)|tp)|hu(aw|tc)|i\-(20|go|ma)|i230|iac( |\-|\/)|ibro|idea|ig01|ikom|im1k|inno|ipaq|iris|ja(t|v)a|jbro|jemu|jigs|kddi|keji|kgt( |\/)|klon|kpt |kwc\-|kyo(c|k)|le(no|xi)|lg( g|\/(k|l|u)|50|54|\-[a-w])|libw|lynx|m1\-w|m3ga|m50\/|ma(te|ui|xo)|mc(01|21|ca)|m\-cr|me(rc|ri)|mi(o8|oa|ts)|mmef|mo(01|02|bi|de|do|t(\-| |o|v)|zz)|mt(50|p1|v )|mwbp|mywa|n10[0-2]|n20[2-3]|n30(0|2)|n50(0|2|5)|n7(0(0|1)|10)|ne((c|m)\-|on|tf|wf|wg|wt)|nok(6|i)|nzph|o2im|op(ti|wv)|oran|owg1|p800|pan(a|d|t)|pdxg|pg(13|\-([1-8]|c))|phil|pire|pl(ay|uc)|pn\-2|po(ck|rt|se)|prox|psio|pt\-g|qa\-a|qc(07|12|21|32|60|\-[2-7]|i\-)|qtek|r380|r600|raks|rim9|ro(ve|zo)|s55\/|sa(ge|ma|mm|ms|ny|va)|sc(01|h\-|oo|p\-)|sdk\/|se(c(\-|0|1)|47|mc|nd|ri)|sgh\-|shar|sie(\-|m)|sk\-0|sl(45|id)|sm(al|ar|b3|it|t5)|so(ft|ny)|sp(01|h\-|v\-|v )|sy(01|mb)|t2(18|50)|t6(00|10|18)|ta(gt|lk)|tcl\-|tdg\-|tel(i|m)|tim\-|t\-mo|to(pl|sh)|ts(70|m\-|m3|m5)|tx\-9|up(\.b|g1|si)|utst|v400|v750|veri|vi(rg|te)|vk(40|5[0-3]|\-v)|vm40|voda|vulc|vx(52|53|60|61|70|80|81|83|85|98)|w3c(\-| )|webc|whit|wi(g |nc|nw)|wmlb|wonu|x700|yas\-|your|zeto|zte\-/i.test(a.substr(0, 4))) {
+                    mobile = true;
+                }
+            })(navigator.userAgent || navigator.vendor || window.opera);
+
+            return !mobile && !navigator.userAgent.match(/iPad/i);
+        }
+
+        $scope.twoFactor = function (token) {
+            if ($scope.twoFactorProvider === constants.twoFactorProvider.email ||
+                $scope.twoFactorProvider === constants.twoFactorProvider.authenticator) {
+                token = token.replace(' ', '');
+            }
+
+            $scope.twoFactorPromise = authService.logIn(_email, _masterPassword, token, $scope.twoFactorProvider,
+                $scope.rememberTwoFactor.checked || false);

            $scope.twoFactorPromise.then(function () {
                $analytics.eventTrack('Logged In From Two-step');
                loggedInGo();
+            }, function () {
+                if ($scope.twoFactorProvider === constants.twoFactorProvider.u2f) {
+                    init();
+                }
            });
        };

+        $scope.anotherMethod = function () {
+            var modal = $uibModal.open({
+                animation: true,
+                templateUrl: 'app/accounts/views/accountsTwoFactorMethods.html',
+                controller: 'accountsTwoFactorMethodsController',
+                resolve: {
+                    providers: function () { return $scope.twoFactorProviders; }
+                }
+            });
+
+            modal.result.then(function (provider) {
+                $scope.twoFactorProvider = provider;
+                $timeout(function () {
+                    $("#code").focus();
+                    init();
+                });
+            });
+        };
+
+        $scope.sendEmail = function (doToast) {
+            if ($scope.twoFactorProvider !== constants.twoFactorProvider.email) {
+                return;
+            }
+
+            return cryptoService.makeKeyAndHash(_email, _masterPassword).then(function (result) {
+                return apiService.twoFactor.sendEmailLogin({
+                    email: _email,
+                    masterPasswordHash: result.hash
+                }).$promise;
+            }).then(function () {
+                if (doToast) {
+                    toastr.success('Verification email sent to ' + $scope.twoFactorEmail + '.');
+                }
+            }, function () {
+                toastr.error('Could not send verification email.');
+            });
+        };
+
+        $scope.$on('$destroy', function () {
+            stopU2fCheck = true;
+        });
+
        function loggedInGo() {
-            if (returnState) {
-                $state.go(returnState.name, returnState.params);
+            if ($scope.returnState) {
+                $state.go($scope.returnState.name, $scope.returnState.params);
            }
            else {
                $state.go('backend.user.vault');
            }
        }
+
+        function init() {
+            stopU2fCheck = true;
+            var params;
+            if ($scope.twoFactorProvider === constants.twoFactorProvider.duo ||
+                $scope.twoFactorProvider === constants.twoFactorProvider.organizationDuo) {
+                params = $scope.twoFactorProviders[$scope.twoFactorProvider];
+
+                $window.Duo.init({
+                    host: params.Host,
+                    sig_request: params.Signature,
+                    submit_callback: function (theForm) {
+                        var response = $(theForm).find('input[name="sig_response"]').val();
+                        $scope.twoFactor(response);
+                    }
+                });
+            }
+            else if ($scope.twoFactorProvider === constants.twoFactorProvider.u2f) {
+                stopU2fCheck = false;
+                params = $scope.twoFactorProviders[constants.twoFactorProvider.u2f];
+                var challenges = JSON.parse(params.Challenges);
+
+                initU2f(challenges);
+            }
+            else if ($scope.twoFactorProvider === constants.twoFactorProvider.email) {
+                params = $scope.twoFactorProviders[constants.twoFactorProvider.email];
+                $scope.twoFactorEmail = params.Email;
+                if (Object.keys($scope.twoFactorProviders).length > 1) {
+                    $scope.sendEmail(false);
+                }
+            }
+        }
+
+        function initU2f(challenges) {
+            if (stopU2fCheck) {
+                return;
+            }
+
+            if (challenges.length < 1 || $scope.twoFactorProvider !== constants.twoFactorProvider.u2f) {
+                return;
+            }
+
+            console.log('listening for u2f key...');
+
+            $window.u2f.sign(challenges[0].appId, challenges[0].challenge, [{
+                version: challenges[0].version,
+                keyHandle: challenges[0].keyHandle
+            }], function (data) {
+                if ($scope.twoFactorProvider !== constants.twoFactorProvider.u2f) {
+                    return;
+                }
+
+                if (data.errorCode) {
+                    console.log(data.errorCode);
+
+                    $timeout(function () {
+                        initU2f(challenges);
+                    }, data.errorCode === 5 ? 0 : 1000);
+
+                    return;
+                }
+                $scope.twoFactor(JSON.stringify(data));
+            }, 10);
+        }
    });
--- a/src/app/accounts/accountsOrganizationAcceptController.js
+++ b/src/app/accounts/accountsOrganizationAcceptController.js
@@ -42,8 +42,4 @@ angular
                $scope.loading = false;
            }
        });
-
-        $scope.submit = function (model) {
-
-        };
    });
--- a/src/app/accounts/accountsRecoverController.js
+++ b/src/app/accounts/accountsRecoverController.js
@@ -6,17 +6,16 @@ angular

        $scope.submit = function (model) {
            var email = model.email.toLowerCase();
-            var key = cryptoService.makeKey(model.masterPassword, email);

-            var request = {
-                email: email,
-                masterPasswordHash: cryptoService.hashPassword(model.masterPassword, key),
-                recoveryCode: model.code.replace(/\s/g, '').toLowerCase()
-            };
-
-            $scope.submitPromise = apiService.accounts.postTwoFactorRecover(request, function () {
+            $scope.submitPromise = cryptoService.makeKeyAndHash(model.email, model.masterPassword).then(function (result) {
+                return apiService.twoFactor.recover({
+                    email: email,
+                    masterPasswordHash: result.hash,
+                    recoveryCode: model.code.replace(/\s/g, '').toLowerCase()
+                }).$promise;
+            }).then(function () {
                $analytics.eventTrack('Recovered 2FA');
                $scope.success = true;
-            }).$promise;
+            });
        };
    });
--- a/src/app/accounts/accountsRecoverDeleteController.js
+++ b/src/app/accounts/accountsRecoverDeleteController.js
@@ -0,0 +1,13 @@
+angular
+    .module('bit.accounts')
+
+    .controller('accountsRecoverDeleteController', function ($scope, $rootScope, apiService, $analytics) {
+        $scope.success = false;
+
+        $scope.submit = function (model) {
+            $scope.submitPromise = apiService.accounts.postDeleteRecover({ email: model.email }, function () {
+                $analytics.eventTrack('Started Delete Recovery');
+                $scope.success = true;
+            }).$promise;
+        };
+    });
--- a/src/app/accounts/accountsRegisterController.js
+++ b/src/app/accounts/accountsRegisterController.js
@@ -2,7 +2,7 @@ angular
    .module('bit.accounts')

    .controller('accountsRegisterController', function ($scope, $location, apiService, cryptoService, validationService,
-        $analytics, $state) {
+        $analytics, $state, $timeout) {
        var params = $location.search();
        var stateParams = $state.params;
        $scope.createOrg = stateParams.org;
@@ -13,6 +13,12 @@ angular
                params: { plan: $state.params.org }
            };
        }
+        else if (!stateParams.returnState && stateParams.premium) {
+            $scope.returnState = {
+                name: 'backend.user.settingsPremium',
+                params: { plan: $state.params.org }
+            };
+        }
        else {
            $scope.returnState = stateParams.returnState;
        }
@@ -23,6 +29,16 @@ angular
        };
        $scope.readOnlyEmail = stateParams.email !== null;

+
+        $timeout(function () {
+            if ($scope.model.email) {
+                $("#name").focus();
+            }
+            else {
+                $("#email").focus();
+            }
+        });
+
        $scope.registerPromise = null;
        $scope.register = function (form) {
            var error = false;
@@ -41,14 +57,19 @@ angular
            }

            var email = $scope.model.email.toLowerCase();
-            var key = cryptoService.makeKey($scope.model.masterPassword, email);
+            var makeResult, encKey;

-            $scope.registerPromise = cryptoService.makeKeyPair(key).then(function (result) {
+            $scope.registerPromise = cryptoService.makeKeyAndHash(email, $scope.model.masterPassword).then(function (result) {
+                makeResult = result;
+                encKey = cryptoService.makeEncKey(result.key);
+                return cryptoService.makeKeyPair(encKey.encKey);
+            }).then(function (result) {
                var request = {
                    name: $scope.model.name,
                    email: email,
-                    masterPasswordHash: cryptoService.hashPassword($scope.model.masterPassword, key),
+                    masterPasswordHash: makeResult.hash,
                    masterPasswordHint: $scope.model.masterPasswordHint,
+                    key: encKey.encKeyEnc,
                    keys: {
                        publicKey: result.publicKey,
                        encryptedPrivateKey: result.privateKeyEnc
--- a/src/app/accounts/accountsTwoFactorMethodsController.js
+++ b/src/app/accounts/accountsTwoFactorMethodsController.js
@@ -0,0 +1,43 @@
+angular
+    .module('bit.accounts')
+
+    .controller('accountsTwoFactorMethodsController', function ($scope, $uibModalInstance, $analytics, providers, constants) {
+        $analytics.eventTrack('accountsTwoFactorMethodsController', { category: 'Modal' });
+
+        $scope.providers = [];
+
+        if (providers.hasOwnProperty(constants.twoFactorProvider.organizationDuo)) {
+            add(constants.twoFactorProvider.organizationDuo);
+        }
+        if (providers.hasOwnProperty(constants.twoFactorProvider.authenticator)) {
+            add(constants.twoFactorProvider.authenticator);
+        }
+        if (providers.hasOwnProperty(constants.twoFactorProvider.yubikey)) {
+            add(constants.twoFactorProvider.yubikey);
+        }
+        if (providers.hasOwnProperty(constants.twoFactorProvider.email)) {
+            add(constants.twoFactorProvider.email);
+        }
+        if (providers.hasOwnProperty(constants.twoFactorProvider.duo)) {
+            add(constants.twoFactorProvider.duo);
+        }
+        if (providers.hasOwnProperty(constants.twoFactorProvider.u2f) && u2f.isSupported) {
+            add(constants.twoFactorProvider.u2f);
+        }
+
+        $scope.choose = function (provider) {
+            $uibModalInstance.close(provider.type);
+        };
+
+        $scope.close = function () {
+            $uibModalInstance.dismiss('close');
+        };
+
+        function add(type) {
+            for (var i = 0; i < constants.twoFactorProviderInfo.length; i++) {
+                if (constants.twoFactorProviderInfo[i].type === type) {
+                    $scope.providers.push(constants.twoFactorProviderInfo[i]);
+                }
+            }
+        }
+    });
--- a/src/app/accounts/accountsVerifyEmailController.js
+++ b/src/app/accounts/accountsVerifyEmailController.js
@@ -0,0 +1,28 @@
+angular
+    .module('bit.accounts')
+
+    .controller('accountsVerifyEmailController', function ($scope, $state, apiService, toastr, $analytics) {
+        if (!$state.params.userId || !$state.params.token) {
+            $state.go('frontend.login.info').then(function () {
+                toastr.error('Invalid parameters.');
+            });
+            return;
+        }
+
+        $scope.$on('$viewContentLoaded', function () {
+            apiService.accounts.verifyEmailToken({},
+                {
+                    token: $state.params.token,
+                    userId: $state.params.userId
+                }, function () {
+                    $analytics.eventTrack('Verified Email');
+                    $state.go('frontend.login.info', null, { location: 'replace' }).then(function () {
+                        toastr.success('Your email has been verified. Thank you.', 'Success');
+                    });
+                }, function () {
+                    $state.go('frontend.login.info', null, { location: 'replace' }).then(function () {
+                        toastr.error('Unable to verify email.', 'Error');
+                    });
+                });
+        });
+    });
--- a/src/app/accounts/accountsVerifyRecoverDeleteController.js
+++ b/src/app/accounts/accountsVerifyRecoverDeleteController.js
@@ -0,0 +1,36 @@
+angular
+    .module('bit.accounts')
+
+    .controller('accountsVerifyRecoverDeleteController', function ($scope, $state, apiService, toastr, $analytics) {
+        if (!$state.params.userId || !$state.params.token || !$state.params.email) {
+            $state.go('frontend.login.info').then(function () {
+                toastr.error('Invalid parameters.');
+            });
+            return;
+        }
+
+        $scope.email = $state.params.email;
+
+        $scope.delete = function () {
+            if (!confirm('Are you sure you want to delete this account? This cannot be undone.')) {
+                return;
+            }
+
+            $scope.deleting = true;
+            apiService.accounts.postDeleteRecoverToken({},
+                {
+                    token: $state.params.token,
+                    userId: $state.params.userId
+                }, function () {
+                    $analytics.eventTrack('Recovered Delete');
+                    $state.go('frontend.login.info', null, { location: 'replace' }).then(function () {
+                        toastr.success('Your account has been deleted. You can register a new account again if you like.',
+                            'Success');
+                    });
+                }, function () {
+                    $state.go('frontend.login.info', null, { location: 'replace' }).then(function () {
+                        toastr.error('Unable to delete account.', 'Error');
+                    });
+                });
+        };
+    });
--- a/src/app/accounts/views/accountsLoginInfo.html
+++ b/src/app/accounts/views/accountsLoginInfo.html
@@ -1,7 +1,7 @@
 <p class="login-box-msg">Log in to access your vault.</p>
 <form name="loginForm" ng-submit="loginForm.$valid && login(model)" api-form="loginPromise">
    <div class="callout callout-danger validation-errors" ng-show="loginForm.$errors">
-        <h4>Errors have occured</h4>
+        <h4>Errors have occurred</h4>
        <ul>
            <li ng-repeat="e in loginForm.$errors">{{e}}</li>
        </ul>
@@ -36,7 +36,7 @@
    <hr />
    <ul>
        <li>
-            <a ui-sref="frontend.register({returnState: state.params.returnState, email: state.params.email})">
+            <a ui-sref="frontend.register({returnState: returnState, email: stateEmail})">
                Create a new account
            </a>
        </li>
--- a/src/app/accounts/views/accountsLoginTwoFactor.html
+++ b/src/app/accounts/views/accountsLoginTwoFactor.html
@@ -1,25 +1,168 @@
-<p class="login-box-msg">Enter your two-step verification code.</p>
-<form name="twoFactorForm" ng-submit="twoFactorForm.$valid && twoFactor(model)" api-form="twoFactorPromise">
-    <div class="callout callout-danger validation-errors" ng-show="twoFactorForm.$errors">
-        <h4>Errors have occured</h4>
-        <ul>
-            <li ng-repeat="e in twoFactorForm.$errors">{{e}}</li>
-        </ul>
+<div ng-if="twoFactorProvider === twoFactorProviderConstants.authenticator ||
+     twoFactorProvider === twoFactorProviderConstants.email">
+    <p class="login-box-msg" ng-if="twoFactorProvider === twoFactorProviderConstants.authenticator">
+        Enter the 6 digit verification code from your authenticator app.
+    </p>
+    <div ng-if="twoFactorProvider === twoFactorProviderConstants.email" class="text-center">
+        <p class="login-box-msg">
+            Enter the 6 digit verification code that was emailed to <b>{{twoFactorEmail}}</b>.
+        </p>
+        <p>
+            Didn't get the email?
+            <a href="#" stop-click ng-click="sendEmail(true)" ng-if="twoFactorProvider === twoFactorProviderConstants.email">
+                Send it again
+            </a>
+        </p>
    </div>
-    <div class="form-group has-feedback" show-errors>
-        <label for="code" class="sr-only">Code</label>
-        <input type="text" id="code" name="Code" class="form-control" placeholder="Verification code" ng-model="model.code"
-               required api-field />
-        <span class="fa fa-lock form-control-feedback"></span>
-    </div>
-    <div class="row">
-        <div class="col-xs-7">
-            <a ui-sref="frontend.recover">Lost authenticator app?</a>
+    <form name="twoFactorForm" ng-submit="twoFactorForm.$valid && twoFactor(token)" api-form="twoFactorPromise">
+        <div class="callout callout-danger validation-errors" ng-show="twoFactorForm.$errors">
+            <h4>Errors have occurred</h4>
+            <ul>
+                <li ng-repeat="e in twoFactorForm.$errors">{{e}}</li>
+            </ul>
        </div>
-        <div class="col-xs-5">
-            <button type="submit" class="btn btn-primary btn-block btn-flat" ng-disabled="twoFactorForm.$loading">
-                <i class="fa fa-refresh fa-spin loading-icon" ng-show="twoFactorForm.$loading"></i>Log In
-            </button>
+        <div class="form-group has-feedback" show-errors>
+            <label for="code" class="sr-only">Code</label>
+            <input type="text" id="code" name="Code" class="form-control" placeholder="Verification code"
+                   ng-model="token" required api-field autocomplete="off" autocorrect="off" autocapitalize="off"
+                   spellcheck="false" />
+            <span class="fa fa-lock form-control-feedback"></span>
        </div>
-    </div>
-</form>
+        <div class="row">
+            <div class="col-xs-7">
+                <div class="checkbox">
+                    <label>
+                        <input type="checkbox" id="rememberMe" ng-model="rememberTwoFactor.checked" /> Remember Me
+                    </label>
+                </div>
+            </div>
+            <div class="col-xs-5">
+                <button type="submit" class="btn btn-primary btn-block btn-flat" ng-disabled="twoFactorForm.$loading">
+                    <i class="fa fa-refresh fa-spin loading-icon" ng-show="twoFactorForm.$loading"></i>Log In
+                </button>
+            </div>
+        </div>
+    </form>
+</div>
+
+<div ng-if="twoFactorProvider === twoFactorProviderConstants.yubikey">
+    <p class="login-box-msg">
+        Complete logging in with YubiKey.
+    </p>
+    <form name="twoFactorForm" ng-submit="twoFactorForm.$valid && twoFactor(token)" api-form="twoFactorPromise"
+          autocomplete="off">
+        <div class="callout callout-danger validation-errors" ng-show="twoFactorForm.$errors">
+            <h4>Errors have occurred</h4>
+            <ul>
+                <li ng-repeat="e in twoFactorForm.$errors">{{e}}</li>
+            </ul>
+        </div>
+        <p>Insert your YubiKey into your computer's USB port, then touch its button.</p>
+        <p>
+            <img src="images/two-factor/yubikey.jpg" alt="" class="img-rounded img-responsive" />
+        </p>
+        <div class="form-group" show-errors>
+            <label for="code" class="sr-only">Token</label>
+            <input type="password" id="code" name="Token" class="form-control" ng-model="token"
+                   autocomplete="new-password" required api-field />
+        </div>
+        <div class="row">
+            <div class="col-xs-7">
+                <div class="checkbox">
+                    <label>
+                        <input type="checkbox" id="rememberMe" ng-model="rememberTwoFactor.checked" /> Remember Me
+                    </label>
+                </div>
+            </div>
+            <div class="col-xs-5">
+                <button type="submit" class="btn btn-primary btn-block btn-flat" ng-disabled="twoFactorForm.$loading">
+                    <i class="fa fa-refresh fa-spin loading-icon" ng-show="twoFactorForm.$loading"></i>Log In
+                </button>
+            </div>
+        </div>
+    </form>
+</div>
+
+<div ng-if="twoFactorProvider === twoFactorProviderConstants.duo ||
+     twoFactorProvider === twoFactorProviderConstants.organizationDuo">
+    <p class="login-box-msg">
+        Complete logging in with Duo.
+    </p>
+    <form name="twoFactorForm" ng-submit="twoFactorForm.$valid && twoFactor(token)" api-form="twoFactorPromise"
+          autocomplete="off">
+        <div class="callout callout-danger validation-errors" ng-show="twoFactorForm.$errors">
+            <h4>Errors have occurred</h4>
+            <ul>
+                <li ng-repeat="e in twoFactorForm.$errors">{{e}}</li>
+            </ul>
+        </div>
+        <div id="duoFrameWrapper">
+            <iframe id="duo_iframe"></iframe>
+        </div>
+        <div class="row">
+            <div class="col-xs-7">
+                <div class="checkbox">
+                    <label>
+                        <input type="checkbox" id="rememberMe" ng-model="rememberTwoFactor.checked" /> Remember Me
+                    </label>
+                </div>
+            </div>
+            <div class="col-xs-5">
+                <span ng-show="twoFactorForm.$loading">
+                    <i class="fa fa-refresh fa-spin loading-icon"></i> Logging in...
+                </span>
+            </div>
+        </div>
+    </form>
+</div>
+
+<div ng-if="twoFactorProvider === twoFactorProviderConstants.u2f">
+    <p class="login-box-msg">
+        Complete logging in with FIDO U2F.
+    </p>
+    <form name="twoFactorForm" api-form="twoFactorPromise" autocomplete="off">
+        <div class="callout callout-danger validation-errors" ng-show="twoFactorForm.$errors">
+            <h4>Errors have occurred</h4>
+            <ul>
+                <li ng-repeat="e in twoFactorForm.$errors">{{e}}</li>
+            </ul>
+        </div>
+        <p>Insert your Security Key into your computer's USB port. If it has a button, touch it.</p>
+        <p>
+            <img src="images/two-factor/u2fkey.jpg" alt="" class="img-rounded img-responsive" />
+        </p>
+        <div class="row">
+            <div class="col-xs-7">
+                <div class="checkbox">
+                    <label>
+                        <input type="checkbox" id="rememberMe" ng-model="rememberTwoFactor.checked" /> Remember Me
+                    </label>
+                </div>
+            </div>
+            <div class="col-xs-5">
+                <span ng-show="twoFactorForm.$loading">
+                    <i class="fa fa-refresh fa-spin loading-icon"></i> Logging in...
+                </span>
+            </div>
+        </div>
+    </form>
+</div>
+
+<div ng-if="twoFactorProvider === null">
+    <p>
+        This account has two-step login enabled, however, none of the configured two-step providers are supported by this
+        web browser.
+    </p>
+    Please use a supported web browser (such as Chrome) and/or add additional providers that are better supported
+    across web browsers (such as an authenticator app).
+</div>
+
+<hr />
+<ul>
+    <li>
+        <a stop-click href="#" ng-click="anotherMethod()">Use another two-step login method</a>
+    </li>
+    <li>
+        <a ui-sref="frontend.login.info({returnState: returnState})">Back to log in</a>
+    </li>
+</ul>
--- a/src/app/accounts/views/accountsOrganizationAccept.html
+++ b/src/app/accounts/views/accountsOrganizationAccept.html
@@ -14,7 +14,7 @@
            <p class="text-center"><strong>{{state.params.email}}</strong></p>
            <p>
                You've been invited to join the organization listed above.
-                To accept the invitation, you need to log in or create a new bitwarden account.
+                To accept the invitation, you need to log in or create a new Bitwarden account.
            </p>
            <hr />
            <div class="row">
--- a/src/app/accounts/views/accountsPasswordHint.html
+++ b/src/app/accounts/views/accountsPasswordHint.html
@@ -13,7 +13,7 @@
        <form name="passwordHintForm" ng-submit="passwordHintForm.$valid && submit(model)" ng-show="!success"
              api-form="submitPromise">
            <div class="callout callout-danger validation-errors" ng-show="passwordHintForm.$errors">
-                <h4>Errors have occured</h4>
+                <h4>Errors have occurred</h4>
                <ul>
                    <li ng-repeat="e in passwordHintForm.$errors">{{e}}</li>
                </ul>
--- a/src/app/accounts/views/accountsRecover.html
+++ b/src/app/accounts/views/accountsRecover.html
@@ -3,7 +3,11 @@
        <i class="fa fa-shield"></i> <b>bit</b>warden
    </div>
    <div class="login-box-body">
-        <p class="login-box-msg">Lost your authenticator app?</p>
+        <p class="login-box-msg">
+            In the event that you cannot access your account through your normal two-step login methods, you can use your
+            two-step login recovery code to disable all two-step providers on your account.
+            <a href="https://help.bitwarden.com/article/lost-two-step-device/" target="_blank">Learn more</a>
+        </p>
        <div class="text-center" ng-show="success">
            <div class="callout callout-success">
                Two-step login has been successfully disabled on your account.
@@ -13,7 +17,7 @@
        <form name="recoverForm" ng-submit="recoverForm.$valid && submit(model)" ng-show="!success"
              api-form="submitPromise">
            <div class="callout callout-danger validation-errors" ng-show="recoverForm.$errors">
-                <h4>Errors have occured</h4>
+                <h4>Errors have occurred</h4>
                <ul>
                    <li ng-repeat="e in recoverForm.$errors">{{e}}</li>
                </ul>
--- a/src/app/accounts/views/accountsRecoverDelete.html
+++ b/src/app/accounts/views/accountsRecoverDelete.html
@@ -0,0 +1,39 @@
+<div class="login-box">
+    <div class="login-logo">
+        <i class="fa fa-shield"></i> <b>bit</b>warden
+    </div>
+    <div class="login-box-body">
+        <p class="login-box-msg">Enter your email address below to recover &amp; delete your Bitwarden account.</p>
+        <div ng-show="success" class="text-center">
+            <div class="callout callout-success">
+                If your account exists ({{model.email}}) we've sent you an email with further instructions.
+            </div>
+            <a ui-sref="frontend.login.info">Return to log in</a>
+        </div>
+        <form name="form" ng-submit="form.$valid && submit(model)" ng-show="!success"
+              api-form="submitPromise">
+            <div class="callout callout-danger validation-errors" ng-show="form.$errors">
+                <h4>Errors have occurred</h4>
+                <ul>
+                    <li ng-repeat="e in form.$errors">{{e}}</li>
+                </ul>
+            </div>
+            <div class="form-group has-feedback" show-errors>
+                <label for="email" class="sr-only">Your account email address</label>
+                <input type="email" id="email" name="Email" class="form-control" placeholder="Your account email address"
+                       ng-model="model.email" required api-field />
+                <span class="fa fa-envelope form-control-feedback"></span>
+            </div>
+            <div class="row">
+                <div class="col-xs-7">
+                    <a ui-sref="frontend.login.info">Return to log in</a>
+                </div>
+                <div class="col-xs-5">
+                    <button type="submit" class="btn btn-primary btn-block btn-flat" ng-disabled="form.$loading">
+                        <i class="fa fa-refresh fa-spin loading-icon" ng-show="form.$loading"></i>Submit
+                    </button>
+                </div>
+            </div>
+        </form>
+    </div>
+</div>
--- a/src/app/accounts/views/accountsRegister.html
+++ b/src/app/accounts/views/accountsRegister.html
@@ -18,7 +18,7 @@
                <p>Before creating your organization, you first need to create a free personal account.</p>
            </div>
            <div class="callout callout-danger validation-errors" ng-show="registerForm.$errors">
-                <h4>Errors have occured</h4>
+                <h4>Errors have occurred</h4>
                <ul>
                    <li ng-repeat="e in registerForm.$errors">{{e}}</li>
                </ul>
@@ -72,6 +72,11 @@
                    </button>
                </div>
            </div>
+            <hr />
+            By clicking the above "Submit" button, you are agreeing to the
+            <a href="https://bitwarden.com/terms/" target="_blank">Terms of Service</a>
+            and the
+            <a href="https://bitwarden.com/privacy/" target="_blank">Privacy Policy</a>.
        </form>
    </div>
 </div>
--- a/src/app/accounts/views/accountsTwoFactorMethods.html
+++ b/src/app/accounts/views/accountsTwoFactorMethods.html
@@ -0,0 +1,25 @@
+<div class="modal-header">
+    <button type="button" class="close" ng-click="close()" aria-label="Close"><span aria-hidden="true">&times;</span></button>
+    <h4 class="modal-title"><i class="fa fa-key"></i> Two-step Providers</h4>
+</div>
+<div class="modal-body">
+    <div class="list-group" ng-repeat="provider in providers | orderBy: 'displayOrder'">
+        <a href="#" stop-click class="list-group-item" ng-click="choose(provider)">
+            <img alt="{{::provider.name}}" ng-src="{{'images/two-factor/' + provider.image}}" class="pull-right hidden-xs" />
+            <h4 class="list-group-item-heading">{{::provider.name}}</h4>
+            <p class="list-group-item-text">{{::provider.description}}</p>
+        </a>
+    </div>
+    <div class="list-group" style="margin-bottom: 0;">
+        <a href="https://help.bitwarden.com/article/lost-two-step-device/" target="_blank" class="list-group-item">
+            <h4 class="list-group-item-heading">Recovery Code</h4>
+            <p class="list-group-item-text">
+                Lost access to all of your two-factor providers? Use your recovery code to disable
+                all two-factor providers from your account.
+            </p>
+        </a>
+    </div>
+</div>
+<div class="modal-footer">
+    <button type="button" class="btn btn-default btn-flat" ng-click="close()">Close</button>
+</div>
--- a/src/app/accounts/views/accountsVerifyEmail.html
+++ b/src/app/accounts/views/accountsVerifyEmail.html
@@ -0,0 +1,8 @@
+<div class="login-box">
+    <div class="login-logo">
+        <i class="fa fa-shield"></i> <b>bit</b>warden
+    </div>
+    <div class="login-box-body">
+        Verifying email...
+    </div>
+</div>
--- a/src/app/accounts/views/accountsVerifyRecoverDelete.html
+++ b/src/app/accounts/views/accountsVerifyRecoverDelete.html
@@ -0,0 +1,21 @@
+<div class="login-box">
+    <div class="login-logo">
+        <i class="fa fa-shield"></i> <b>bit</b>warden
+    </div>
+    <div class="login-box-body">
+        <div ng-if="deleting">
+            Deleting account...
+        </div>
+        <div ng-if="!deleting">
+            <div class="callout callout-warning">
+                <h4><i class="fa fa-warning fa-fw"></i> Warning</h4>
+                This will permanently delete your account. This cannot be undone.
+            </div>
+            <p>
+                You have requested to delete your Bitwarden account (<b>{{email}}</b>).
+                Click the button below to confirm and proceed.
+            </p>
+            <button ng-click="delete()" class="btn btn-danger btn-block btn-flat">Delete Account</button>
+        </div>
+    </div>
+</div>
--- a/src/app/apiInterceptor.js
+++ b/src/app/apiInterceptor.js
@@ -1,9 +1,13 @@
 angular
    .module('bit')

-    .factory('apiInterceptor', function ($injector, $q, toastr) {
+    .factory('apiInterceptor', function ($injector, $q, toastr, appSettings, utilsService) {
        return {
            request: function (config) {
+                if (config.url.indexOf(appSettings.apiUri + '/') === 0) {
+                    config.headers['Device-Type'] = utilsService.getDeviceType();
+                }
+
                return config;
            },
            response: function (response) {
--- a/src/app/app.js
+++ b/src/app/app.js
@@ -6,9 +6,12 @@
        'ui.bootstrap.showErrors',
        'toastr',
        'angulartics',
+        // @if !selfHosted
        'angulartics.google.analytics',
        'angular-stripe',
        'credit-cards',
+        // @endif
+        'angular-promise-polyfill',

        'bit.directives',
        'bit.filters',
@@ -19,5 +22,6 @@
        'bit.vault',
        'bit.settings',
        'bit.tools',
-        'bit.organization'
+        'bit.organization',
+        'bit.reports'
    ]);
--- a/src/app/config.js
+++ b/src/app/config.js
@@ -2,16 +2,25 @@ angular
    .module('bit')

    .config(function ($stateProvider, $urlRouterProvider, $httpProvider, jwtInterceptorProvider, jwtOptionsProvider,
-        $uibTooltipProvider, toastrConfig, $locationProvider, $qProvider, stripeProvider) {
+        $uibTooltipProvider, toastrConfig, $locationProvider, $qProvider, appSettings
+        // @if !selfHosted
+        /* jshint ignore:start */
+        , stripeProvider
+        /* jshint ignore:end */
+        // @endif
+    ) {
+        angular.extend(appSettings, window.bitwardenAppSettings);
+
        $qProvider.errorOnUnhandledRejections(false);
        $locationProvider.hashPrefix('');
+
        jwtOptionsProvider.config({
-            urlParam: 'access_token3',
-            whiteListedDomains: ['api.bitwarden.com', 'preview-api.bitwarden.com', 'localhost', '192.168.1.8']
+            whiteListedDomains: ['localhost', 'api.bitwarden.com', 'vault.bitwarden.com', 'haveibeenpwned.com']
        });
+
        var refreshPromise;
-        jwtInterceptorProvider.tokenGetter = /*@ngInject*/ function (options, appSettings, tokenService, authService) {
-            if (options.url.indexOf(appSettings.apiUri) !== 0) {
+        jwtInterceptorProvider.tokenGetter = /*@ngInject*/ function (options, tokenService, authService) {
+            if (options.url.indexOf(appSettings.apiUri + '/') !== 0) {
                return;
            }

@@ -28,14 +37,21 @@ angular
                return token;
            }

-            refreshPromise = authService.refreshAccessToken().then(function (newToken) {
+            var p = authService.refreshAccessToken();
+            if (!p) {
+                return;
+            }
+
+            refreshPromise = p.then(function (newToken) {
                refreshPromise = null;
                return newToken || token;
            });
            return refreshPromise;
        };

-        stripeProvider.setPublishableKey('pk_live_bpN0P37nMxrMQkcaHXtAybJk');
+        // @if !selfHosted
+        stripeProvider.setPublishableKey(appSettings.stripeKey);
+        // @endif

        angular.extend(toastrConfig, {
            closeButton: true,
@@ -49,12 +65,15 @@ angular
            appendToBody: true
        });

-        if ($httpProvider.defaults.headers.post) {
-            $httpProvider.defaults.headers.post = {};
+        // stop IE from caching get requests
+        if (navigator.userAgent.indexOf('MSIE') !== -1 || navigator.appVersion.indexOf('Trident/') > 0) {
+            if (!$httpProvider.defaults.headers.get) {
+                $httpProvider.defaults.headers.get = {};
+            }
+            $httpProvider.defaults.headers.get['Cache-Control'] = 'no-cache';
+            $httpProvider.defaults.headers.get.Pragma = 'no-cache';
        }

-        $httpProvider.defaults.headers.post['Content-Type'] = 'text/plain; charset=utf-8';
-
        $httpProvider.interceptors.push('apiInterceptor');
        $httpProvider.interceptors.push('jwtInterceptor');

@@ -77,17 +96,14 @@ angular
                url: '^/vault',
                templateUrl: 'app/vault/views/vault.html',
                controller: 'vaultController',
-                data: { pageTitle: 'My Vault' },
+                data: {
+                    pageTitle: 'My Vault',
+                    controlSidebar: true
+                },
                params: {
                    refreshFromServer: false
                }
            })
-            .state('backend.user.shared', {
-                url: '^/shared',
-                templateUrl: 'app/vault/views/vaultShared.html',
-                controller: 'vaultSharedController',
-                data: { pageTitle: 'Shared' }
-            })
            .state('backend.user.settings', {
                url: '^/settings',
                templateUrl: 'app/settings/views/settings.html',
@@ -100,23 +116,41 @@ angular
                controller: 'settingsDomainsController',
                data: { pageTitle: 'Domain Settings' }
            })
+            .state('backend.user.settingsTwoStep', {
+                url: '^/settings/two-step',
+                templateUrl: 'app/settings/views/settingsTwoStep.html',
+                controller: 'settingsTwoStepController',
+                data: { pageTitle: 'Two-step Login' }
+            })
            .state('backend.user.settingsCreateOrg', {
                url: '^/settings/create-organization',
                templateUrl: 'app/settings/views/settingsCreateOrganization.html',
                controller: 'settingsCreateOrganizationController',
                data: { pageTitle: 'Create Organization' }
            })
+            .state('backend.user.settingsBilling', {
+                url: '^/settings/billing',
+                templateUrl: 'app/settings/views/settingsBilling.html',
+                controller: 'settingsBillingController',
+                data: { pageTitle: 'Billing' }
+            })
+            .state('backend.user.settingsPremium', {
+                url: '^/settings/premium',
+                templateUrl: 'app/settings/views/settingsPremium.html',
+                controller: 'settingsPremiumController',
+                data: { pageTitle: 'Go Premium' }
+            })
            .state('backend.user.tools', {
                url: '^/tools',
                templateUrl: 'app/tools/views/tools.html',
                controller: 'toolsController',
                data: { pageTitle: 'Tools' }
            })
-            .state('backend.user.apps', {
-                url: '^/apps',
-                templateUrl: 'app/views/apps.html',
-                controller: 'appsController',
-                data: { pageTitle: 'Get the Apps' }
+            .state('backend.user.reportsBreach', {
+                url: '^/reports/breach',
+                templateUrl: 'app/reports/views/reportsBreach.html',
+                controller: 'reportsBreachController',
+                data: { pageTitle: 'Data Breach Report' }
            })
            .state('backend.org', {
                templateUrl: 'app/views/organizationLayout.html',
@@ -129,13 +163,13 @@ angular
                data: { pageTitle: 'Organization Dashboard' }
            })
            .state('backend.org.people', {
-                url: '/organization/:orgId/people',
+                url: '/organization/:orgId/people?viewEvents&search',
                templateUrl: 'app/organization/views/organizationPeople.html',
                controller: 'organizationPeopleController',
                data: { pageTitle: 'Organization People' }
            })
            .state('backend.org.collections', {
-                url: '/organization/:orgId/collections',
+                url: '/organization/:orgId/collections?search',
                templateUrl: 'app/organization/views/organizationCollections.html',
                controller: 'organizationCollectionsController',
                data: { pageTitle: 'Organization Collections' }
@@ -153,17 +187,26 @@ angular
                data: { pageTitle: 'Organization Billing' }
            })
            .state('backend.org.vault', {
-                url: '/organization/:orgId/vault',
+                url: '/organization/:orgId/vault?viewEvents&search',
                templateUrl: 'app/organization/views/organizationVault.html',
                controller: 'organizationVaultController',
-                data: { pageTitle: 'Organization Vault' }
+                data: {
+                    pageTitle: 'Organization Vault',
+                    controlSidebar: true
+                }
            })
            .state('backend.org.groups', {
-                url: '/organization/:orgId/groups',
+                url: '/organization/:orgId/groups?search',
                templateUrl: 'app/organization/views/organizationGroups.html',
                controller: 'organizationGroupsController',
                data: { pageTitle: 'Organization Groups' }
            })
+            .state('backend.org.events', {
+                url: '/organization/:orgId/events',
+                templateUrl: 'app/organization/views/organizationEvents.html',
+                controller: 'organizationEventsController',
+                data: { pageTitle: 'Organization Events' }
+            })

            // Frontend
            .state('frontend', {
@@ -178,25 +221,26 @@ angular
                controller: 'accountsLoginController',
                params: {
                    returnState: null,
-                    email: null
+                    email: null,
+                    premium: null,
+                    org: null
                },
                data: {
                    bodyClass: 'login-page'
                }
            })
            .state('frontend.login.info', {
-                url: '^/?org',
+                url: '^/?org&premium&email',
                templateUrl: 'app/accounts/views/accountsLoginInfo.html',
                data: {
                    pageTitle: 'Log In'
                }
            })
            .state('frontend.login.twoFactor', {
-                url: '^/two-factor',
+                url: '^/two-step?org&premium&email',
                templateUrl: 'app/accounts/views/accountsLoginTwoFactor.html',
                data: {
-                    pageTitle: 'Log In (Two Factor)',
-                    authorizeTwoFactor: true
+                    pageTitle: 'Log In (Two-step)'
                }
            })
            .state('frontend.logout', {
@@ -224,13 +268,33 @@ angular
                    bodyClass: 'login-page'
                }
            })
+            .state('frontend.recover-delete', {
+                url: '^/recover-delete',
+                templateUrl: 'app/accounts/views/accountsRecoverDelete.html',
+                controller: 'accountsRecoverDeleteController',
+                data: {
+                    pageTitle: 'Delete Account',
+                    bodyClass: 'login-page'
+                }
+            })
+            .state('frontend.verify-recover-delete', {
+                url: '^/verify-recover-delete?userId&token&email',
+                templateUrl: 'app/accounts/views/accountsVerifyRecoverDelete.html',
+                controller: 'accountsVerifyRecoverDeleteController',
+                data: {
+                    pageTitle: 'Confirm Delete Account',
+                    bodyClass: 'login-page'
+                }
+            })
            .state('frontend.register', {
-                url: '^/register?org',
+                url: '^/register?org&premium',
                templateUrl: 'app/accounts/views/accountsRegister.html',
                controller: 'accountsRegisterController',
                params: {
                    returnState: null,
-                    email: null
+                    email: null,
+                    org: null,
+                    premium: null
                },
                data: {
                    pageTitle: 'Register',
@@ -246,6 +310,16 @@ angular
                    bodyClass: 'login-page',
                    skipAuthorize: true
                }
+            })
+            .state('frontend.verifyEmail', {
+                url: '^/verify-email?userId&token',
+                templateUrl: 'app/accounts/views/accountsVerifyEmail.html',
+                controller: 'accountsVerifyEmailController',
+                data: {
+                    pageTitle: 'Verifying Email',
+                    bodyClass: 'login-page',
+                    skipAuthorize: true
+                }
            });
    })
    .run(function ($rootScope, authService, $state) {
@@ -278,7 +352,7 @@ angular
            // user is guaranteed to be authenticated becuase of previous check
            if (toState.name.indexOf('backend.org.') > -1 && toParams.orgId) {
                // clear vault rootScope when visiting org admin section
-                $rootScope.vaultLogins = $rootScope.vaultFolders = null;
+                $rootScope.vaultCiphers = $rootScope.vaultFolders = $rootScope.vaultCollections = null;

                authService.getUserProfile().then(function (profile) {
                    var orgs = profile.organizations;
--- a/src/app/constants.js
+++ b/src/app/constants.js
@@ -6,7 +6,9 @@ angular.module('bit')
            AesCbc128_HmacSha256_B64: 1,
            AesCbc256_HmacSha256_B64: 2,
            Rsa2048_OaepSha256_B64: 3,
-            Rsa2048_OaepSha1_B64: 4
+            Rsa2048_OaepSha1_B64: 4,
+            Rsa2048_OaepSha256_HmacSha256_B64: 5,
+            Rsa2048_OaepSha1_HmacSha256_B64: 6
        },
        orgUserType: {
            owner: 0,
@@ -18,6 +20,158 @@ angular.module('bit')
            accepted: 1,
            confirmed: 2
        },
+        twoFactorProvider: {
+            u2f: 4,
+            yubikey: 3,
+            duo: 2,
+            authenticator: 0,
+            email: 1,
+            remember: 5,
+            organizationDuo: 6
+        },
+        cipherType: {
+            login: 1,
+            secureNote: 2,
+            card: 3,
+            identity: 4
+        },
+        fieldType: {
+            text: 0,
+            hidden: 1,
+            boolean: 2
+        },
+        deviceType: {
+            android: 0,
+            ios: 1,
+            chromeExt: 2,
+            firefoxExt: 3,
+            operaExt: 4,
+            edgeExt: 5,
+            windowsDesktop: 6,
+            macOsDesktop: 7,
+            linuxDesktop: 8,
+            chrome: 9,
+            firefox: 10,
+            opera: 11,
+            edge: 12,
+            ie: 13,
+            unknown: 14,
+            uwp: 16,
+            safari: 17,
+            vivaldi: 18,
+            vivaldiExt: 19
+        },
+        eventType: {
+            User_LoggedIn: 1000,
+            User_ChangedPassword: 1001,
+            User_Enabled2fa: 1002,
+            User_Disabled2fa: 1003,
+            User_Recovered2fa: 1004,
+            User_FailedLogIn: 1005,
+            User_FailedLogIn2fa: 1006,
+
+            Cipher_Created: 1100,
+            Cipher_Updated: 1101,
+            Cipher_Deleted: 1102,
+            Cipher_AttachmentCreated: 1103,
+            Cipher_AttachmentDeleted: 1104,
+            Cipher_Shared: 1105,
+            Cipher_UpdatedCollections: 1106,
+
+            Collection_Created: 1300,
+            Collection_Updated: 1301,
+            Collection_Deleted: 1302,
+
+            Group_Created: 1400,
+            Group_Updated: 1401,
+            Group_Deleted: 1402,
+
+            OrganizationUser_Invited: 1500,
+            OrganizationUser_Confirmed: 1501,
+            OrganizationUser_Updated: 1502,
+            OrganizationUser_Removed: 1503,
+            OrganizationUser_UpdatedGroups: 1504,
+
+            Organization_Updated: 1600
+        },
+        twoFactorProviderInfo: [
+            {
+                type: 0,
+                name: 'Authenticator App',
+                description: 'Use an authenticator app (such as Authy or Google Authenticator) to generate time-based ' +
+                    'verification codes.',
+                enabled: false,
+                active: true,
+                free: true,
+                image: 'authapp.png',
+                displayOrder: 0,
+                priority: 1,
+                requiresUsb: false,
+                organization: false
+            },
+            {
+                type: 3,
+                name: 'YubiKey OTP Security Key',
+                description: 'Use a YubiKey to access your account. Works with YubiKey 4, 4 Nano, 4C, and NEO devices.',
+                enabled: false,
+                active: true,
+                image: 'yubico.png',
+                displayOrder: 1,
+                priority: 3,
+                requiresUsb: true,
+                organization: false
+            },
+            {
+                type: 2,
+                name: 'Duo',
+                description: 'Verify with Duo Security using the Duo Mobile app, SMS, phone call, or U2F security key.',
+                enabled: false,
+                active: true,
+                image: 'duo.png',
+                displayOrder: 2,
+                priority: 2,
+                requiresUsb: false,
+                organization: false
+            },
+            {
+                type: 4,
+                name: 'FIDO U2F Security Key',
+                description: 'Use any FIDO U2F enabled security key to access your account.',
+                enabled: false,
+                active: true,
+                image: 'fido.png',
+                displayOrder: 3,
+                priority: 4,
+                requiresUsb: true,
+                organization: false
+            },
+            {
+                type: 1,
+                name: 'Email',
+                description: 'Verification codes will be emailed to you.',
+                enabled: false,
+                active: true,
+                free: true,
+                image: 'gmail.png',
+                displayOrder: 4,
+                priority: 0,
+                requiresUsb: false,
+                organization: false
+            },
+            {
+                type: 6,
+                name: 'Duo (Organization)',
+                description: 'Verify with Duo Security for your organization using the Duo Mobile app, SMS, ' +
+                    'phone call, or U2F security key.',
+                enabled: false,
+                active: true,
+                image: 'duo.png',
+                displayOrder: 1,
+                priority: 10,
+                requiresUsb: false,
+                organization: true
+            }
+        ],
        plans: {
            free: {
                basePrice: 0,
@@ -25,14 +179,12 @@ angular.module('bit')
                noPayment: true,
                upgradeSortOrder: -1
            },
-            personal: {
+            families: {
                basePrice: 1,
                annualBasePrice: 12,
                baseSeats: 5,
-                seatPrice: 1,
-                annualSeatPrice: 12,
-                maxAdditionalSeats: 5,
-                annualPlanType: 'personalAnnually',
+                noAdditionalSeats: true,
+                annualPlanType: 'familiesAnnually',
                upgradeSortOrder: 1
            },
            teams: {
@@ -46,6 +198,23 @@ angular.module('bit')
                monthPlanType: 'teamsMonthly',
                annualPlanType: 'teamsAnnually',
                upgradeSortOrder: 2
+            },
+            enterprise: {
+                seatPrice: 3,
+                annualSeatPrice: 36,
+                monthlySeatPrice: 4,
+                monthPlanType: 'enterpriseMonthly',
+                annualPlanType: 'enterpriseAnnually',
+                upgradeSortOrder: 3
            }
+        },
+        storageGb: {
+            price: 0.33,
+            monthlyPrice: 0.50,
+            yearlyPrice: 4
+        },
+        premium: {
+            price: 10,
+            yearlyPrice: 10
        }
    });
--- a/src/app/directives/apiFormDirective.js
+++ b/src/app/directives/apiFormDirective.js
@@ -1,7 +1,7 @@
 angular
    .module('bit.directives')

-    .directive('apiForm', function ($rootScope, validationService) {
+    .directive('apiForm', function ($rootScope, validationService, $timeout) {
        return {
            require: 'form',
            restrict: 'A',
@@ -25,12 +25,21 @@ angular
            form.$loading = true;

            promise.then(function success(response) {
-                form.$loading = false;
+                $timeout(function () {
+                    form.$loading = false;
+                });
            }, function failure(reason) {
-                form.$loading = false;
-                validationService.addErrors(form, reason);
-                scope.$broadcast('show-errors-check-validity');
-                $('html, body').animate({ scrollTop: 0 }, 200);
+                $timeout(function () {
+                    form.$loading = false;
+                    if (typeof reason === 'string') {
+                        validationService.addError(form, null, reason, true);
+                    }
+                    else {
+                        validationService.addErrors(form, reason);
+                    }
+                    scope.$broadcast('show-errors-check-validity');
+                    $('html, body').animate({ scrollTop: 0 }, 200);
+                });
            });
        }
    });
--- a/src/app/directives/fallbackSrcDirective.js
+++ b/src/app/directives/fallbackSrcDirective.js
@@ -0,0 +1,11 @@
+angular
+    .module('bit.directives')
+
+    .directive('fallbackSrc', function () {
+        return function (scope, element, attrs) {
+            var el = $(element);
+            el.bind('error', function (event) {
+                el.attr('src', attrs.fallbackSrc);
+            });
+        };
+    });
--- a/src/app/directives/masterPasswordDirective.js
+++ b/src/app/directives/masterPasswordDirective.js
@@ -13,10 +13,11 @@ angular
                            return undefined;
                        }

-                        var key = cryptoService.makeKey(value, profile.email);
-                        var valid = key.keyB64 === cryptoService.getKey().keyB64;
-                        ngModel.$setValidity('masterPassword', valid);
-                        return valid ? value : undefined;
+                        return cryptoService.makeKey(value, profile.email).then(function (result) {
+                            var valid = result.keyB64 === cryptoService.getKey().keyB64;
+                            ngModel.$setValidity('masterPassword', valid);
+                            return valid ? value : undefined;
+                        });
                    });

                    // For model -> DOM validation
@@ -25,11 +26,11 @@ angular
                            return undefined;
                        }

-                        var key = cryptoService.makeKey(value, profile.email);
-                        var valid = key.keyB64 === cryptoService.getKey().keyB64;
-
-                        ngModel.$setValidity('masterPassword', valid);
-                        return value;
+                        return cryptoService.makeKey(value, profile.email).then(function (result) {
+                            var valid = result.keyB64 === cryptoService.getKey().keyB64;
+                            ngModel.$setValidity('masterPassword', valid);
+                            return value;
+                        });
                    });
                });
            }
--- a/src/app/directives/pageTitleDirective.js
+++ b/src/app/directives/pageTitleDirective.js
@@ -6,9 +6,9 @@ angular
            link: function (scope, element) {
                var listener = function (event, toState, toParams, fromState, fromParams) {
                    // Default title
-                    var title = 'bitwarden Password Manager';
+                    var title = 'Bitwarden Web Vault';
                    if (toState.data && toState.data.pageTitle) {
-                        title = toState.data.pageTitle + ' - bitwarden Password Manager';
+                        title = toState.data.pageTitle + ' - ' + title;
                    }

                    $timeout(function () {
--- a/src/app/directives/stopClickDirective.js
+++ b/src/app/directives/stopClickDirective.js
@@ -0,0 +1,11 @@
+angular
+    .module('bit.directives')
+
+    // ref: https://stackoverflow.com/a/14165848/1090359
+    .directive('stopClick', function () {
+        return function (scope, element, attrs) {
+            $(element).click(function (event) {
+                event.preventDefault();
+            });
+        };
+    });
--- a/src/app/directives/stopPropDirective.js
+++ b/src/app/directives/stopPropDirective.js
@@ -0,0 +1,10 @@
+angular
+    .module('bit.directives')
+
+    .directive('stopProp', function () {
+        return function (scope, element, attrs) {
+            $(element).click(function (event) {
+                event.stopPropagation();
+            });
+        };
+    });
--- a/src/app/directives/totpDirective.js
+++ b/src/app/directives/totpDirective.js
@@ -0,0 +1,193 @@
+angular
+    .module('bit.directives')
+
+    .directive('totp', function ($timeout, $q) {
+        return {
+            template: '<div class="totp{{(low ? \' low\' : \'\')}}" ng-if="code">' +
+            '<span class="totp-countdown"><span class="totp-sec">{{sec}}</span>' +
+            '<svg><g><circle class="totp-circle inner" r="12.6" cy="16" cx="16" style="stroke-dashoffset: {{dash}}px;"></circle>' +
+            '<circle class="totp-circle outer" r="14" cy="16" cx="16"></circle></g></svg></span>' +
+            '<span class="totp-code" id="totp-code">{{codeFormatted}}</span>' +
+            '<a href="#" stop-click class="btn btn-link" ngclipboard ngclipboard-error="clipboardError(e)" ' +
+            'data-clipboard-text="{{code}}" uib-tooltip="Copy Code" tooltip-placement="right">' +
+            '<i class="fa fa-clipboard"></i></a>' +
+            '</div>',
+            restrict: 'A',
+            scope: {
+                key: '=totp'
+            },
+            link: function (scope) {
+                var interval = null;
+
+                var Totp = function () {
+                    var b32Chars = 'ABCDEFGHIJKLMNOPQRSTUVWXYZ234567';
+
+                    var leftpad = function (s, l, p) {
+                        if (l + 1 >= s.length) {
+                            s = Array(l + 1 - s.length).join(p) + s;
+                        }
+                        return s;
+                    };
+
+                    var dec2hex = function (d) {
+                        return (d < 15.5 ? '0' : '') + Math.round(d).toString(16);
+                    };
+
+                    var hex2dec = function (s) {
+                        return parseInt(s, 16);
+                    };
+
+                    var hex2bytes = function (s) {
+                        var bytes = new Uint8Array(s.length / 2);
+                        for (var i = 0; i < s.length; i += 2) {
+                            bytes[i / 2] = parseInt(s.substr(i, 2), 16);
+                        }
+                        return bytes;
+                    };
+
+                    var buff2hex = function (buff) {
+                        var bytes = new Uint8Array(buff);
+                        var hex = [];
+                        for (var i = 0; i < bytes.length; i++) {
+                            hex.push((bytes[i] >>> 4).toString(16));
+                            hex.push((bytes[i] & 0xF).toString(16));
+                        }
+                        return hex.join('');
+                    };
+
+                    var b32tohex = function (s) {
+                        s = s.toUpperCase();
+                        var cleanedInput = '';
+                        var i;
+                        for (i = 0; i < s.length; i++) {
+                            if (b32Chars.indexOf(s[i]) < 0) {
+                                continue;
+                            }
+
+                            cleanedInput += s[i];
+                        }
+                        s = cleanedInput;
+
+                        var bits = '';
+                        var hex = '';
+                        for (i = 0; i < s.length; i++) {
+                            var byteIndex = b32Chars.indexOf(s.charAt(i));
+                            if (byteIndex < 0) {
+                                continue;
+                            }
+                            bits += leftpad(byteIndex.toString(2), 5, '0');
+                        }
+                        for (i = 0; i + 4 <= bits.length; i += 4) {
+                            var chunk = bits.substr(i, 4);
+                            hex = hex + parseInt(chunk, 2).toString(16);
+                        }
+                        return hex;
+                    };
+
+                    var b32tobytes = function (s) {
+                        return hex2bytes(b32tohex(s));
+                    };
+
+                    var sign = function (keyBytes, timeBytes) {
+                        return window.crypto.subtle.importKey('raw', keyBytes,
+                            { name: 'HMAC', hash: { name: 'SHA-1' } }, false, ['sign']).then(function (key) {
+                                return window.crypto.subtle.sign({ name: 'HMAC', hash: { name: 'SHA-1' } }, key, timeBytes);
+                            }).then(function (signature) {
+                                return buff2hex(signature);
+                            }).catch(function (err) {
+                                return null;
+                            });
+                    };
+
+                    this.getCode = function (keyb32) {
+                        var epoch = Math.round(new Date().getTime() / 1000.0);
+                        var timeHex = leftpad(dec2hex(Math.floor(epoch / 30)), 16, '0');
+                        var timeBytes = hex2bytes(timeHex);
+                        var keyBytes = b32tobytes(keyb32);
+
+                        if (!keyBytes.length || !timeBytes.length) {
+                            return $q(function (resolve, reject) {
+                                resolve(null);
+                            });
+                        }
+
+                        return sign(keyBytes, timeBytes).then(function (hashHex) {
+                            if (!hashHex) {
+                                return null;
+                            }
+
+                            var offset = hex2dec(hashHex.substring(hashHex.length - 1));
+                            var otp = (hex2dec(hashHex.substr(offset * 2, 8)) & hex2dec('7fffffff')) + '';
+                            otp = (otp).substr(otp.length - 6, 6);
+                            return otp;
+                        });
+                    };
+                };
+
+                var totp = new Totp();
+
+                var updateCode = function (scope) {
+                    totp.getCode(scope.key).then(function (code) {
+                        $timeout(function () {
+                            if (code) {
+                                scope.codeFormatted = code.substring(0, 3) + ' ' + code.substring(3);
+                                scope.code = code;
+                            }
+                            else {
+                                scope.code = null;
+                                if (interval) {
+                                    clearInterval(interval);
+                                }
+                            }
+                        });
+                    });
+                };
+
+                var tick = function (scope) {
+                    $timeout(function () {
+                        var epoch = Math.round(new Date().getTime() / 1000.0);
+                        var mod = epoch % 30;
+                        var sec = 30 - mod;
+
+                        scope.sec = sec;
+                        scope.dash = (2.62 * mod).toFixed(2);
+                        scope.low = sec <= 7;
+                        if (mod === 0) {
+                            updateCode(scope);
+                        }
+                    });
+                };
+
+                scope.$watch('key', function () {
+                    if (!scope.key) {
+                        scope.code = null;
+                        if (interval) {
+                            clearInterval(interval);
+                        }
+                        return;
+                    }
+
+                    updateCode(scope);
+                    tick(scope);
+
+                    if (interval) {
+                        clearInterval(interval);
+                    }
+
+                    interval = setInterval(function () {
+                        tick(scope);
+                    }, 1000);
+                });
+
+                scope.$on('$destroy', function () {
+                    if (interval) {
+                        clearInterval(interval);
+                    }
+                });
+
+                scope.clipboardError = function (e) {
+                    alert('Your web browser does not support easy clipboard copying.');
+                };
+            },
+        };
+    });
--- a/src/app/global/appsController.js
+++ b/src/app/global/appsController.js
@@ -1,6 +0,0 @@
-angular
-    .module('bit.global')
-
-    .controller('appsController', function ($scope, $state) {
-
-    });
--- a/src/app/global/mainController.js
+++ b/src/app/global/mainController.js
@@ -1,11 +1,16 @@
 angular
    .module('bit.global')

-    .controller('mainController', function ($scope, $state, authService, appSettings, toastr, $window, $document) {
+    .controller('mainController', function ($scope, $state, authService, appSettings, toastr, $window, $document,
+        cryptoService, $uibModal, apiService) {
        var vm = this;
+        vm.skinClass = appSettings.selfHosted ? 'skin-blue-light' : 'skin-blue';
        vm.bodyClass = '';
+        vm.usingControlSidebar = vm.openControlSidebar = false;
        vm.searchVaultText = null;
        vm.version = appSettings.version;
+        vm.outdatedBrowser = $window.navigator.userAgent.indexOf('MSIE') !== -1 ||
+            $window.navigator.userAgent.indexOf('SamsungBrowser') !== -1;

        $scope.currentYear = new Date().getFullYear();

@@ -24,11 +29,12 @@ angular
                    $.AdminLTE.pushMenu.expandOnHover();
                }

-                $(document).off('click', '.sidebar li a');
+                $document.off('click', '.sidebar li a');
            }
        });

        $scope.$on('$stateChangeSuccess', function (event, toState, toParams, fromState, fromParams) {
+            vm.usingEncKey = !!cryptoService.getEncKey();
            vm.searchVaultText = null;

            if (toState.data.bodyClass) {
@@ -38,18 +44,21 @@ angular
            else {
                vm.bodyClass = '';
            }
+
+            vm.usingControlSidebar = !!toState.data.controlSidebar;
+            vm.openControlSidebar = vm.usingControlSidebar && $document.width() > 768;
        });

-        $scope.addLogin = function () {
-            $scope.$broadcast('vaultAddLogin');
+        $scope.addCipher = function () {
+            $scope.$broadcast('vaultAddCipher');
        };

        $scope.addFolder = function () {
            $scope.$broadcast('vaultAddFolder');
        };

-        $scope.addOrganizationLogin = function () {
-            $scope.$broadcast('organizationVaultAddLogin');
+        $scope.addOrganizationCipher = function () {
+            $scope.$broadcast('organizationVaultAddCipher');
        };

        $scope.addOrganizationCollection = function () {
@@ -60,6 +69,38 @@ angular
            $scope.$broadcast('organizationPeopleInvite');
        };

+        $scope.addOrganizationGroup = function () {
+            $scope.$broadcast('organizationGroupsAdd');
+        };
+
+        $scope.updateKey = function () {
+            $uibModal.open({
+                animation: true,
+                templateUrl: 'app/settings/views/settingsUpdateKey.html',
+                controller: 'settingsUpdateKeyController'
+            });
+        };
+
+        $scope.verifyEmail = function () {
+            if ($scope.sendingVerify) {
+                return;
+            }
+
+            $scope.sendingVerify = true;
+            apiService.accounts.verifyEmail({}, null).$promise.then(function () {
+                toastr.success('Verification email sent.');
+                $scope.sendingVerify = false;
+                $scope.verifyEmailSent = true;
+            }).catch(function () {
+                toastr.success('Verification email failed.');
+                $scope.sendingVerify = false;
+            });
+        };
+
+        $scope.updateBrowser = function () {
+            $window.open('https://browser-update.org/update.html', '_blank');
+        };
+
        // Append dropdown menu somewhere else
        var bodyScrollbarWidth,
            appendedDropdownMenu,
@@ -101,7 +142,7 @@ angular
            var offset = target.offset();
            var css = {
                display: 'block',
-                top: offset.top + target.outerHeight()
+                top: offset.top + target.outerHeight() - (appendTo !== 'body' ? $(window).scrollTop() : 0)
            };

            if (appendedDropdownMenu.hasClass('dropdown-menu-right')) {
--- a/src/app/global/paidOrgRequiredController.js
+++ b/src/app/global/paidOrgRequiredController.js
@@ -0,0 +1,26 @@
+angular
+    .module('bit.global')
+
+    .controller('paidOrgRequiredController', function ($scope, $state, $uibModalInstance, $analytics, $uibModalStack, orgId,
+        constants, authService) {
+        $analytics.eventTrack('paidOrgRequiredController', { category: 'Modal' });
+
+        authService.getUserProfile().then(function (profile) {
+            $scope.admin = profile.organizations[orgId].type !== constants.orgUserType.user;
+        });
+
+        $scope.go = function () {
+            if (!$scope.admin) {
+                return;
+            }
+
+            $analytics.eventTrack('Get Paid Org');
+            $state.go('backend.org.billing', { orgId: orgId }).then(function () {
+                $uibModalStack.dismissAll();
+            });
+        };
+
+        $scope.close = function () {
+            $uibModalInstance.dismiss('close');
+        };
+    });
--- a/src/app/global/premiumRequiredController.js
+++ b/src/app/global/premiumRequiredController.js
@@ -0,0 +1,17 @@
+angular
+    .module('bit.global')
+
+    .controller('premiumRequiredController', function ($scope, $state, $uibModalInstance, $analytics, $uibModalStack) {
+        $analytics.eventTrack('premiumRequiredController', { category: 'Modal' });
+
+        $scope.go = function () {
+            $analytics.eventTrack('Get Premium');
+            $state.go('backend.user.settingsPremium').then(function () {
+                $uibModalStack.dismissAll();
+            });
+        };
+
+        $scope.close = function () {
+            $uibModalInstance.dismiss('close');
+        };
+    });
--- a/src/app/global/sideNavController.js
+++ b/src/app/global/sideNavController.js
@@ -1,12 +1,23 @@
 angular
    .module('bit.global')

-    .controller('sideNavController', function ($scope, $state, authService, toastr, $analytics) {
+    .controller('sideNavController', function ($scope, $state, authService, toastr, $analytics, constants, appSettings) {
        $scope.$state = $state;
        $scope.params = $state.params;
        $scope.orgs = [];
        $scope.name = '';

+        if(appSettings.selfHosted) {
+            $scope.orgIconBgColor = '#ffffff';
+            $scope.orgIconBorder = '3px solid #a0a0a0';
+            $scope.orgIconTextColor = '#333333';
+        }
+        else {
+            $scope.orgIconBgColor = '#2c3b41';
+            $scope.orgIconBorder = '3px solid #1a2226';
+            $scope.orgIconTextColor = '#ffffff';
+        }
+
        authService.getUserProfile().then(function (userProfile) {
            $scope.name = userProfile.extended && userProfile.extended.name ?
                userProfile.extended.name : userProfile.email;
@@ -31,7 +42,7 @@ angular
        });

        $scope.viewOrganization = function (org) {
-            if (org.type === 2) { // 2 = User
+            if (org.type === constants.orgUserType.user) {
                toastr.error('You cannot manage this organization.');
                return;
            }
@@ -40,15 +51,7 @@ angular
            $state.go('backend.org.dashboard', { orgId: org.id });
        };

-        $scope.searchVault = function () {
-            $state.go('backend.user.vault');
-        };
-
-        $scope.searchOrganizationVault = function () {
-            $state.go('backend.org.vault', { orgId: $state.params.orgId });
-        };
-
        $scope.isOrgOwner = function (org) {
-            return org && org.type === 0;
+            return org && org.type === constants.orgUserType.owner;
        };
    });
--- a/src/app/global/topNavController.js
+++ b/src/app/global/topNavController.js
@@ -2,5 +2,13 @@ angular
    .module('bit.global')

    .controller('topNavController', function ($scope) {
-        
+        $scope.toggleControlSidebar = function () {
+            var bod = $('body');
+            if (!bod.hasClass('control-sidebar-open')) {
+                bod.addClass('control-sidebar-open');
+            }
+            else {
+                bod.removeClass('control-sidebar-open');
+            }
+        };
    });
--- a/src/app/organization/organizationBillingAdjustStorageController.js
+++ b/src/app/organization/organizationBillingAdjustStorageController.js
@@ -0,0 +1,37 @@
+angular
+    .module('bit.organization')
+
+    .controller('organizationBillingAdjustStorageController', function ($scope, $state, $uibModalInstance, apiService,
+        $analytics, toastr, add) {
+        $analytics.eventTrack('organizationBillingAdjustStorageController', { category: 'Modal' });
+        $scope.add = add;
+        $scope.storageAdjustment = 0;
+
+        $scope.submit = function () {
+            var request = {
+                storageGbAdjustment: $scope.storageAdjustment
+            };
+
+            if (!add) {
+                request.storageGbAdjustment *= -1;
+            }
+
+            $scope.submitPromise = apiService.organizations.putStorage({ id: $state.params.orgId }, request)
+                .$promise.then(function (response) {
+                    if (add) {
+                        $analytics.eventTrack('Added Organization Storage');
+                        toastr.success('You have added ' + $scope.storageAdjustment + ' GB.');
+                    }
+                    else {
+                        $analytics.eventTrack('Removed Organization Storage');
+                        toastr.success('You have removed ' + $scope.storageAdjustment + ' GB.');
+                    }
+
+                    $uibModalInstance.close();
+                });
+        };
+
+        $scope.close = function () {
+            $uibModalInstance.dismiss('cancel');
+        };
+    });
--- a/src/app/organization/organizationBillingChangePaymentController.js
+++ b/src/app/organization/organizationBillingChangePaymentController.js
@@ -1,26 +1,56 @@
 angular
    .module('bit.organization')

-    .controller('organizationBillingChangePaymentController', function ($scope, $state, $uibModalInstance, apiService, stripe,
-        $analytics, toastr, existingPaymentMethod) {
+    .controller('organizationBillingChangePaymentController', function ($scope, $state, $uibModalInstance, apiService,
+        $analytics, toastr, existingPaymentMethod
+        // @if !selfHosted
+        /* jshint ignore:start */
+        , stripe
+        /* jshint ignore:end */
+        // @endif
+    ) {
        $analytics.eventTrack('organizationBillingChangePaymentController', { category: 'Modal' });
        $scope.existingPaymentMethod = existingPaymentMethod;
+        $scope.paymentMethod = 'card';
+        $scope.showPaymentOptions = true;
+        $scope.hidePaypal = true;
+        $scope.card = {};
+        $scope.bank = {};
+
+        $scope.changePaymentMethod = function (val) {
+            $scope.paymentMethod = val;
+        };

        $scope.submit = function () {
-            $scope.submitPromise = stripe.card.createToken($scope.card).then(function (response) {
+            var stripeReq = null;
+            if ($scope.paymentMethod === 'card') {
+                stripeReq = stripe.card.createToken($scope.card);
+            }
+            else if ($scope.paymentMethod === 'bank') {
+                $scope.bank.currency = 'USD';
+                $scope.bank.country = 'US';
+                stripeReq = stripe.bankAccount.createToken($scope.bank);
+            }
+            else {
+                return;
+            }
+
+            $scope.submitPromise = stripeReq.then(function (response) {
                var request = {
                    paymentToken: response.id
                };

                return apiService.organizations.putPayment({ id: $state.params.orgId }, request).$promise;
+            }, function (err) {
+                throw err.message;
            }).then(function (response) {
                $scope.card = null;
                if (existingPaymentMethod) {
-                    $analytics.eventTrack('Changed Payment Method');
+                    $analytics.eventTrack('Changed Organization Payment Method');
                    toastr.success('You have changed your payment method.');
                }
                else {
-                    $analytics.eventTrack('Added Payment Method');
+                    $analytics.eventTrack('Added Organization Payment Method');
                    toastr.success('You have added a payment method.');
                }

--- a/src/app/organization/organizationBillingController.js
+++ b/src/app/organization/organizationBillingController.js
@@ -1,21 +1,29 @@
 angular
    .module('bit.organization')

-    .controller('organizationBillingController', function ($scope, apiService, $state, $uibModal, toastr, $analytics) {
+    .controller('organizationBillingController', function ($scope, apiService, $state, $uibModal, toastr, $analytics,
+        appSettings, tokenService, $window) {
+        $scope.selfHosted = appSettings.selfHosted;
        $scope.charges = [];
        $scope.paymentSource = null;
        $scope.plan = null;
        $scope.subscription = null;
        $scope.loading = true;
+        var license = null;
+        $scope.expiration = null;

        $scope.$on('$viewContentLoaded', function () {
            load();
        });

        $scope.changePayment = function () {
+            if ($scope.selfHosted) {
+                return;
+            }
+
            var modal = $uibModal.open({
                animation: true,
-                templateUrl: 'app/organization/views/organizationBillingChangePayment.html',
+                templateUrl: 'app/settings/views/settingsBillingChangePayment.html',
                controller: 'organizationBillingChangePaymentController',
                resolve: {
                    existingPaymentMethod: function () {
@@ -30,6 +38,10 @@
        };

        $scope.changePlan = function () {
+            if ($scope.selfHosted) {
+                return;
+            }
+
            var modal = $uibModal.open({
                animation: true,
                templateUrl: 'app/organization/views/organizationBillingChangePlan.html',
@@ -47,6 +59,10 @@
        };

        $scope.adjustSeats = function (add) {
+            if ($scope.selfHosted || !$scope.canAdjustSeats) {
+                return;
+            }
+
            var modal = $uibModal.open({
                animation: true,
                templateUrl: 'app/organization/views/organizationBillingAdjustSeats.html',
@@ -63,7 +79,48 @@
            });
        };

+        $scope.adjustStorage = function (add) {
+            if ($scope.selfHosted) {
+                return;
+            }
+
+            var modal = $uibModal.open({
+                animation: true,
+                templateUrl: 'app/settings/views/settingsBillingAdjustStorage.html',
+                controller: 'organizationBillingAdjustStorageController',
+                resolve: {
+                    add: function () {
+                        return add;
+                    }
+                }
+            });
+
+            modal.result.then(function () {
+                load();
+            });
+        };
+
+        $scope.verifyBank = function () {
+            if ($scope.selfHosted) {
+                return;
+            }
+
+            var modal = $uibModal.open({
+                animation: true,
+                templateUrl: 'app/organization/views/organizationBillingVerifyBank.html',
+                controller: 'organizationBillingVerifyBankController'
+            });
+
+            modal.result.then(function () {
+                load();
+            });
+        };
+
        $scope.cancel = function () {
+            if ($scope.selfHosted) {
+                return;
+            }
+
            if (!confirm('Are you sure you want to cancel? All users will lose access to the organization ' +
                'at the end of this billing cycle.')) {
                return;
@@ -78,6 +135,10 @@
        };

        $scope.reinstate = function () {
+            if ($scope.selfHosted) {
+                return;
+            }
+
            if (!confirm('Are you sure you want to remove the cancellation request and reinstate this organization?')) {
                return;
            }
@@ -90,12 +151,81 @@
                });
        };

+        $scope.updateLicense = function () {
+            if (!$scope.selfHosted) {
+                return;
+            }
+
+            var modal = $uibModal.open({
+                animation: true,
+                templateUrl: 'app/settings/views/settingsBillingUpdateLicense.html',
+                controller: 'organizationBillingUpdateLicenseController'
+            });
+
+            modal.result.then(function () {
+                load();
+            });
+        };
+
+        $scope.license = function () {
+            if ($scope.selfHosted) {
+                return;
+            }
+
+            var installationId = prompt("Enter your installation id");
+            if (!installationId || installationId === '') {
+                return;
+            }
+
+            apiService.organizations.getLicense({
+                id: $state.params.orgId,
+                installationId: installationId
+            }, function (license) {
+                var licenseString = JSON.stringify(license, null, 2);
+                var licenseBlob = new Blob([licenseString]);
+
+                // IE hack. ref http://msdn.microsoft.com/en-us/library/ie/hh779016.aspx
+                if (window.navigator.msSaveOrOpenBlob) {
+                    window.navigator.msSaveBlob(licenseBlob, 'bitwarden_organization_license.json');
+                }
+                else {
+                    var a = window.document.createElement('a');
+                    a.href = window.URL.createObjectURL(licenseBlob, { type: 'text/plain' });
+                    a.download = 'bitwarden_organization_license.json';
+                    document.body.appendChild(a);
+                    // IE: "Access is denied". 
+                    // ref: https://connect.microsoft.com/IE/feedback/details/797361/ie-10-treats-blob-url-as-cross-origin-and-denies-access
+                    a.click();
+                    document.body.removeChild(a);
+                }
+            }, function (err) {
+                if (err.status === 400) {
+                    toastr.error("Invalid installation id.");
+                }
+                else {
+                    toastr.error("Unable to generate license.");
+                }
+            });
+        };
+
+        $scope.viewInvoice = function (charge) {
+            if ($scope.selfHosted) {
+                return;
+            }
+            var url = appSettings.apiUri + '/organizations/' + $state.params.orgId +
+                '/billing-invoice/' + charge.invoiceId + '?access_token=' + tokenService.getToken();
+            $window.open(url);
+        };
+
        function load() {
            apiService.organizations.getBilling({ id: $state.params.orgId }, function (org) {
                $scope.loading = false;
                $scope.noSubscription = org.PlanType === 0;
+                $scope.canAdjustSeats = org.PlanType > 1;

                var i = 0;
+                $scope.expiration = org.Expiration;
+                license = org.License;

                $scope.plan = {
                    name: org.Plan,
@@ -103,14 +233,25 @@
                    seats: org.Seats
                };

+                $scope.storage = null;
+                if ($scope && org.MaxStorageGb) {
+                    $scope.storage = {
+                        currentGb: org.StorageGb || 0,
+                        maxGb: org.MaxStorageGb,
+                        currentName: org.StorageName || '0 GB'
+                    };
+
+                    $scope.storage.percentage = +(100 * ($scope.storage.currentGb / $scope.storage.maxGb)).toFixed(2);
+                }
+
                $scope.subscription = null;
                if (org.Subscription) {
                    $scope.subscription = {
                        trialEndDate: org.Subscription.TrialEndDate,
                        cancelledDate: org.Subscription.CancelledDate,
                        status: org.Subscription.Status,
-                        cancelled: org.Subscription.Status === 'cancelled',
-                        markedForCancel: org.Subscription.Status === 'active' && org.Subscription.CancelledDate
+                        cancelled: org.Subscription.Cancelled,
+                        markedForCancel: !org.Subscription.Cancelled && org.Subscription.CancelAtEndDate
                    };
                }

@@ -139,7 +280,8 @@
                    $scope.paymentSource = {
                        type: org.PaymentSource.Type,
                        description: org.PaymentSource.Description,
-                        cardBrand: org.PaymentSource.CardBrand
+                        cardBrand: org.PaymentSource.CardBrand,
+                        needsVerification: org.PaymentSource.NeedsVerification
                    };
                }

--- a/src/app/organization/organizationBillingUpdateLicenseController.js
+++ b/src/app/organization/organizationBillingUpdateLicenseController.js
@@ -0,0 +1,30 @@
+angular
+    .module('bit.organization')
+
+    .controller('organizationBillingUpdateLicenseController', function ($scope, $state, $uibModalInstance, apiService,
+        $analytics, toastr, validationService) {
+        $analytics.eventTrack('organizationBillingUpdateLicenseController', { category: 'Modal' });
+
+        $scope.submit = function (form) {
+            var fileEl = document.getElementById('file');
+            var files = fileEl.files;
+            if (!files || !files.length) {
+                validationService.addError(form, 'file', 'Select a license file.', true);
+                return;
+            }
+
+            var fd = new FormData();
+            fd.append('license', files[0]);
+
+            $scope.submitPromise = apiService.organizations.putLicense({ id: $state.params.orgId }, fd)
+                .$promise.then(function (response) {
+                    $analytics.eventTrack('Updated License');
+                    toastr.success('You have updated your license.');
+                    $uibModalInstance.close();
+                });
+        };
+
+        $scope.close = function () {
+            $uibModalInstance.dismiss('cancel');
+        };
+    });
--- a/src/app/organization/organizationBillingVerifyBankController.js
+++ b/src/app/organization/organizationBillingVerifyBankController.js
@@ -0,0 +1,25 @@
+angular
+    .module('bit.organization')
+
+    .controller('organizationBillingVerifyBankController', function ($scope, $state, $uibModalInstance, apiService,
+        $analytics, toastr) {
+        $analytics.eventTrack('organizationBillingVerifyBankController', { category: 'Modal' });
+
+        $scope.submit = function () {
+            var request = {
+                amount1: $scope.amount1,
+                amount2: $scope.amount2
+            };
+
+            $scope.submitPromise = apiService.organizations.postVerifyBank({ id: $state.params.orgId }, request)
+                .$promise.then(function (response) {
+                    $analytics.eventTrack('Verified Bank Account');
+                    toastr.success('You have successfully verified your bank account.');
+                    $uibModalInstance.close();
+                });
+        };
+
+        $scope.close = function () {
+            $uibModalInstance.dismiss('cancel');
+        };
+    });
--- a/src/app/organization/organizationCollectionsAddController.js
+++ b/src/app/organization/organizationCollectionsAddController.js
@@ -2,11 +2,111 @@
    .module('bit.organization')

    .controller('organizationCollectionsAddController', function ($scope, $state, $uibModalInstance, apiService, cipherService,
-        $analytics) {
+        $analytics, authService) {
        $analytics.eventTrack('organizationCollectionsAddController', { category: 'Modal' });
+        var groupsLength = 0;
+        $scope.groups = [];
+        $scope.selectedGroups = {};
+        $scope.loading = true;
+        $scope.useGroups = false;
+
+        $uibModalInstance.opened.then(function () {
+            return authService.getUserProfile();
+        }).then(function (profile) {
+            if (profile.organizations) {
+                var org = profile.organizations[$state.params.orgId];
+                $scope.useGroups = !!org.useGroups;
+            }
+
+            if ($scope.useGroups) {
+                return apiService.groups.listOrganization({ orgId: $state.params.orgId }).$promise;
+            }
+
+            return null;
+        }).then(function (groups) {
+            if (!groups) {
+                $scope.loading = false;
+                return;
+            }
+
+            var groupsArr = [];
+            for (var i = 0; i < groups.Data.length; i++) {
+                groupsArr.push({
+                    id: groups.Data[i].Id,
+                    name: groups.Data[i].Name,
+                    accessAll: groups.Data[i].AccessAll
+                });
+
+                if (!groups.Data[i].AccessAll) {
+                    groupsLength++;
+                }
+            }
+
+            $scope.groups = groupsArr;
+            $scope.loading = false;
+        });
+
+        $scope.toggleGroupSelectionAll = function ($event) {
+            var groups = {};
+            if ($event.target.checked) {
+                for (var i = 0; i < $scope.groups.length; i++) {
+                    groups[$scope.groups[i].id] = {
+                        id: $scope.groups[i].id,
+                        readOnly: ($scope.groups[i].id in $scope.selectedGroups) ?
+                            $scope.selectedGroups[$scope.groups[i].id].readOnly : false
+                    };
+                }
+            }
+
+            $scope.selectedGroups = groups;
+        };
+
+        $scope.toggleGroupSelection = function (id) {
+            if (id in $scope.selectedGroups) {
+                delete $scope.selectedGroups[id];
+            }
+            else {
+                $scope.selectedGroups[id] = {
+                    id: id,
+                    readOnly: false
+                };
+            }
+        };
+
+        $scope.toggleGroupReadOnlySelection = function (group) {
+            if (group.id in $scope.selectedGroups) {
+                $scope.selectedGroups[group.id].readOnly = !group.accessAll && !!!$scope.selectedGroups[group.id].readOnly;
+            }
+        };
+
+        $scope.groupSelected = function (group) {
+            return group.id in $scope.selectedGroups || group.accessAll;
+        };
+
+        $scope.allSelected = function () {
+            return Object.keys($scope.selectedGroups).length >= groupsLength;
+        };

        $scope.submit = function (model) {
            var collection = cipherService.encryptCollection(model, $state.params.orgId);
+
+            if ($scope.useGroups) {
+                collection.groups = [];
+
+                for (var groupId in $scope.selectedGroups) {
+                    if ($scope.selectedGroups.hasOwnProperty(groupId)) {
+                        for (var i = 0; i < $scope.groups.length; i++) {
+                            if ($scope.groups[i].id === $scope.selectedGroups[groupId].id) {
+                                if (!$scope.groups[i].accessAll) {
+                                    collection.groups.push($scope.selectedGroups[groupId]);
+                                }
+                                break;
+                            }
+                        }
+                    }
+                }
+            }
+
            $scope.submitPromise = apiService.collections.post({ orgId: $state.params.orgId }, collection, function (response) {
                $analytics.eventTrack('Created Collection');
                var decCollection = cipherService.decryptCollection(response, $state.params.orgId, true);
--- a/src/app/organization/organizationCollectionsController.js
+++ b/src/app/organization/organizationCollectionsController.js
@@ -2,7 +2,7 @@
    .module('bit.organization')

    .controller('organizationCollectionsController', function ($scope, $state, apiService, $uibModal, cipherService, $filter,
-        toastr, $analytics) {
+        toastr, $analytics, $uibModalStack) {
        $scope.collections = [];
        $scope.loading = true;
        $scope.$on('$viewContentLoaded', function () {
@@ -96,6 +96,12 @@
            apiService.collections.listOrganization({ orgId: $state.params.orgId }, function (list) {
                $scope.collections = cipherService.decryptCollections(list.Data, $state.params.orgId, true);
                $scope.loading = false;
+
+                if ($state.params.search) {
+                    $uibModalStack.dismissAll();
+                    $scope.filterSearch = $state.params.search;
+                    $('#filterSearch').focus();
+                }
            });
        }
    });
--- a/src/app/organization/organizationCollectionsEditController.js
+++ b/src/app/organization/organizationCollectionsEditController.js
@@ -2,19 +2,131 @@
    .module('bit.organization')

    .controller('organizationCollectionsEditController', function ($scope, $state, $uibModalInstance, apiService, cipherService,
-        $analytics, id) {
+        $analytics, id, authService) {
        $analytics.eventTrack('organizationCollectionsEditController', { category: 'Modal' });
+        var groupsLength = 0;
        $scope.collection = {};
+        $scope.groups = [];
+        $scope.selectedGroups = {};
+        $scope.loading = true;
+        $scope.useGroups = false;

        $uibModalInstance.opened.then(function () {
-            apiService.collections.get({ orgId: $state.params.orgId, id: id }, function (collection) {
-                $scope.collection = cipherService.decryptCollection(collection);
-            });
+            return apiService.collections.getDetails({ orgId: $state.params.orgId, id: id }).$promise;
+        }).then(function (collection) {
+            $scope.collection = cipherService.decryptCollection(collection);
+
+            var groups = {};
+            if (collection.Groups) {
+                for (var i = 0; i < collection.Groups.length; i++) {
+                    groups[collection.Groups[i].Id] = {
+                        id: collection.Groups[i].Id,
+                        readOnly: collection.Groups[i].ReadOnly
+                    };
+                }
+            }
+            $scope.selectedGroups = groups;
+
+            return authService.getUserProfile();
+        }).then(function (profile) {
+            if (profile.organizations) {
+                var org = profile.organizations[$state.params.orgId];
+                $scope.useGroups = !!org.useGroups;
+            }
+
+            if ($scope.useGroups) {
+                return apiService.groups.listOrganization({ orgId: $state.params.orgId }).$promise;
+            }
+
+            return null;
+        }).then(function (groups) {
+            if (!groups) {
+                $scope.loading = false;
+                return;
+            }
+
+            var groupsArr = [];
+            for (var i = 0; i < groups.Data.length; i++) {
+                groupsArr.push({
+                    id: groups.Data[i].Id,
+                    name: groups.Data[i].Name,
+                    accessAll: groups.Data[i].AccessAll
+                });
+
+                if (!groups.Data[i].AccessAll) {
+                    groupsLength++;
+                }
+            }
+
+            $scope.groups = groupsArr;
+            $scope.loading = false;
        });

+        $scope.toggleGroupSelectionAll = function ($event) {
+            var groups = {};
+            if ($event.target.checked) {
+                for (var i = 0; i < $scope.groups.length; i++) {
+                    groups[$scope.groups[i].id] = {
+                        id: $scope.groups[i].id,
+                        readOnly: ($scope.groups[i].id in $scope.selectedGroups) ?
+                            $scope.selectedGroups[$scope.groups[i].id].readOnly : false
+                    };
+                }
+            }
+
+            $scope.selectedGroups = groups;
+        };
+
+        $scope.toggleGroupSelection = function (id) {
+            if (id in $scope.selectedGroups) {
+                delete $scope.selectedGroups[id];
+            }
+            else {
+                $scope.selectedGroups[id] = {
+                    id: id,
+                    readOnly: false
+                };
+            }
+        };
+
+        $scope.toggleGroupReadOnlySelection = function (group) {
+            if (group.id in $scope.selectedGroups) {
+                $scope.selectedGroups[group.id].readOnly = !group.accessAll && !!!$scope.selectedGroups[group.id].readOnly;
+            }
+        };
+
+        $scope.groupSelected = function (group) {
+            return group.id in $scope.selectedGroups || group.accessAll;
+        };
+
+        $scope.allSelected = function () {
+            return Object.keys($scope.selectedGroups).length >= groupsLength;
+        };
+
        $scope.submit = function (model) {
            var collection = cipherService.encryptCollection(model, $state.params.orgId);
-            $scope.submitPromise = apiService.collections.put({ orgId: $state.params.orgId }, collection, function (response) {
+
+            if ($scope.useGroups) {
+                collection.groups = [];
+
+                for (var groupId in $scope.selectedGroups) {
+                    if ($scope.selectedGroups.hasOwnProperty(groupId)) {
+                        for (var i = 0; i < $scope.groups.length; i++) {
+                            if ($scope.groups[i].id === $scope.selectedGroups[groupId].id) {
+                                if (!$scope.groups[i].accessAll) {
+                                    collection.groups.push($scope.selectedGroups[groupId]);
+                                }
+                                break;
+                            }
+                        }
+                    }
+                }
+            }
+
+            $scope.submitPromise = apiService.collections.put({
+                orgId: $state.params.orgId,
+                id: id
+            }, collection, function (response) {
                $analytics.eventTrack('Edited Collection');
                var decCollection = cipherService.decryptCollection(response, $state.params.orgId, true);
                $uibModalInstance.close(decCollection);
--- a/src/app/organization/organizationCollectionsGroupsController.js
+++ b/src/app/organization/organizationCollectionsGroupsController.js
@@ -1,11 +0,0 @@
-angular
-    .module('bit.organization')
-
-    .controller('organizationCollectionsGroupsController', function ($scope, $state, $uibModalInstance, collection, $analytics) {
-        $analytics.eventTrack('organizationCollectionsGroupsController', { category: 'Modal' });
-        $scope.collection = collection;
-
-        $scope.close = function () {
-            $uibModalInstance.dismiss('cancel');
-        };
-    });
--- a/src/app/organization/organizationCollectionsUsersController.js
+++ b/src/app/organization/organizationCollectionsUsersController.js
@@ -10,18 +10,17 @@

        $uibModalInstance.opened.then(function () {
            $scope.loading = false;
-            apiService.collectionUsers.listCollection(
+            apiService.collections.listUsers(
                {
                    orgId: $state.params.orgId,
-                    collectionId: collection.id
+                    id: collection.id
                },
                function (userList) {
                    if (userList && userList.Data.length) {
                        var users = [];
                        for (var i = 0; i < userList.Data.length; i++) {
                            users.push({
-                                id: userList.Data[i].Id,
-                                userId: userList.Data[i].UserId,
+                                organizationUserId: userList.Data[i].OrganizationUserId,
                                name: userList.Data[i].Name,
                                email: userList.Data[i].Email,
                                type: userList.Data[i].Type,
@@ -41,16 +40,21 @@
                return;
            }

-            apiService.collectionUsers.del({ orgId: $state.params.orgId, id: user.id }, null, function () {
-                toastr.success(user.email + ' has been removed.', 'User Removed');
-                $analytics.eventTrack('Removed User From Collection');
-                var index = $scope.users.indexOf(user);
-                if (index > -1) {
-                    $scope.users.splice(index, 1);
-                }
-            }, function () {
-                toastr.error('Unable to remove user.', 'Error');
-            });
+            apiService.collections.delUser(
+                {
+                    orgId: $state.params.orgId,
+                    id: collection.id,
+                    orgUserId: user.organizationUserId
+                }, null, function () {
+                    toastr.success(user.email + ' has been removed.', 'User Removed');
+                    $analytics.eventTrack('Removed User From Collection');
+                    var index = $scope.users.indexOf(user);
+                    if (index > -1) {
+                        $scope.users.splice(index, 1);
+                    }
+                }, function () {
+                    toastr.error('Unable to remove user.', 'Error');
+                });
        };

        $scope.close = function () {
--- a/src/app/organization/organizationDashboardController.js
+++ b/src/app/organization/organizationDashboardController.js
@@ -1,7 +1,9 @@
 angular
    .module('bit.organization')

-    .controller('organizationDashboardController', function ($scope, authService, $state) {
+    .controller('organizationDashboardController', function ($scope, authService, $state, appSettings) {
+        $scope.selfHosted = appSettings.selfHosted;
+
        $scope.$on('$viewContentLoaded', function () {
            authService.getUserProfile().then(function (userProfile) {
                if (!userProfile.organizations) {
@@ -10,4 +12,8 @@
                $scope.orgProfile = userProfile.organizations[$state.params.orgId];
            });
        });
+
+        $scope.goBilling = function () {
+            $state.go('backend.org.billing', { orgId: $state.params.orgId });
+        };
    });
--- a/src/app/organization/organizationDeleteController.js
+++ b/src/app/organization/organizationDeleteController.js
@@ -5,19 +5,18 @@
        authService, toastr, $analytics) {
        $analytics.eventTrack('organizationDeleteController', { category: 'Modal' });
        $scope.submit = function () {
-            var request = {
-                masterPasswordHash: cryptoService.hashPassword($scope.masterPassword)
-            };
-
-            $scope.submitPromise = apiService.organizations.del({ id: $state.params.orgId }, request, function () {
+            $scope.submitPromise = cryptoService.hashPassword($scope.masterPassword).then(function (hash) {
+                return apiService.organizations.del({ id: $state.params.orgId }, {
+                    masterPasswordHash: hash
+                }).$promise;
+            }).then(function () {
                $uibModalInstance.dismiss('cancel');
                authService.removeProfileOrganization($state.params.orgId);
                $analytics.eventTrack('Deleted Organization');
-                $state.go('backend.user.vault').then(function () {
-                    toastr.success('This organization and all associated data has been deleted.',
-                        'Organization Deleted');
-                });
-            }).$promise;
+                return $state.go('backend.user.vault');
+            }).then(function () {
+                toastr.success('This organization and all associated data has been deleted.', 'Organization Deleted');
+            });
        };

        $scope.close = function () {
--- a/src/app/organization/organizationEventsController.js
+++ b/src/app/organization/organizationEventsController.js
@@ -0,0 +1,100 @@
+angular
+    .module('bit.organization')
+
+    .controller('organizationEventsController', function ($scope, $state, apiService, $uibModal, $filter,
+        toastr, $analytics, constants, eventService, $compile, $sce) {
+        $scope.events = [];
+        $scope.orgUsers = [];
+        $scope.loading = true;
+        $scope.continuationToken = null;
+
+        var defaultFilters = eventService.getDefaultDateFilters();
+        $scope.filterStart = defaultFilters.start;
+        $scope.filterEnd = defaultFilters.end;
+
+        $scope.$on('$viewContentLoaded', function () {
+            load();
+        });
+
+        $scope.refresh = function () {
+            loadEvents(true);
+        };
+
+        $scope.next = function () {
+            loadEvents(false);
+        };
+
+        var i = 0,
+            orgUsersUserIdDict = {},
+            orgUsersIdDict = {};
+
+        function load() {
+            apiService.organizationUsers.list({ orgId: $state.params.orgId }).$promise.then(function (list) {
+                var users = [];
+                for (i = 0; i < list.Data.length; i++) {
+                    var user = {
+                        id: list.Data[i].Id,
+                        userId: list.Data[i].UserId,
+                        name: list.Data[i].Name,
+                        email: list.Data[i].Email
+                    };
+
+                    users.push(user);
+
+                    var displayName = user.name || user.email;
+                    orgUsersUserIdDict[user.userId] = displayName;
+                    orgUsersIdDict[user.id] = displayName;
+                }
+
+                $scope.orgUsers = users;
+
+                return loadEvents(true);
+            });
+        }
+
+        function loadEvents(clearExisting) {
+            var filterResult = eventService.formatDateFilters($scope.filterStart, $scope.filterEnd);
+            if (filterResult.error) {
+                alert(filterResult.error);
+                return;
+            }
+
+            if (clearExisting) {
+                $scope.continuationToken = null;
+                $scope.events = [];
+            }
+
+            $scope.loading = true;
+            return apiService.events.listOrganization({
+                orgId: $state.params.orgId,
+                start: filterResult.start,
+                end: filterResult.end,
+                continuationToken: $scope.continuationToken
+            }).$promise.then(function (list) {
+                $scope.continuationToken = list.ContinuationToken;
+
+                var events = [];
+                for (i = 0; i < list.Data.length; i++) {
+                    var userId = list.Data[i].ActingUserId || list.Data[i].UserId;
+                    var eventInfo = eventService.getEventInfo(list.Data[i]);
+                    var htmlMessage = $compile('<span>' + eventInfo.message + '</span>')($scope);
+                    events.push({
+                        message: $sce.trustAsHtml(htmlMessage[0].outerHTML),
+                        appIcon: eventInfo.appIcon,
+                        appName: eventInfo.appName,
+                        userId: userId,
+                        userName: userId ? (orgUsersUserIdDict[userId] || '-') : '-',
+                        date: list.Data[i].Date,
+                        ip: list.Data[i].IpAddress
+                    });
+                }
+                if ($scope.events && $scope.events.length > 0) {
+                    $scope.events = $scope.events.concat(events);
+                }
+                else {
+                    $scope.events = events;
+                }
+                $scope.loading = false;
+            });
+        }
+    });
--- a/src/app/organization/organizationGroupsAddController.js
+++ b/src/app/organization/organizationGroupsAddController.js
@@ -0,0 +1,87 @@
+angular
+    .module('bit.organization')
+
+    .controller('organizationGroupsAddController', function ($scope, $state, $uibModalInstance, apiService, cipherService,
+        $analytics) {
+        $analytics.eventTrack('organizationGroupsAddController', { category: 'Modal' });
+        $scope.collections = [];
+        $scope.selectedCollections = {};
+        $scope.loading = true;
+
+        $uibModalInstance.opened.then(function () {
+            return apiService.collections.listOrganization({ orgId: $state.params.orgId }).$promise;
+        }).then(function (collections) {
+            $scope.collections = cipherService.decryptCollections(collections.Data, $state.params.orgId, true);
+            $scope.loading = false;
+        });
+
+        $scope.toggleCollectionSelectionAll = function ($event) {
+            var collections = {};
+            if ($event.target.checked) {
+                for (var i = 0; i < $scope.collections.length; i++) {
+                    collections[$scope.collections[i].id] = {
+                        id: $scope.collections[i].id,
+                        readOnly: ($scope.collections[i].id in $scope.selectedCollections) ?
+                            $scope.selectedCollections[$scope.collections[i].id].readOnly : false
+                    };
+                }
+            }
+
+            $scope.selectedCollections = collections;
+        };
+
+        $scope.toggleCollectionSelection = function (id) {
+            if (id in $scope.selectedCollections) {
+                delete $scope.selectedCollections[id];
+            }
+            else {
+                $scope.selectedCollections[id] = {
+                    id: id,
+                    readOnly: false
+                };
+            }
+        };
+
+        $scope.toggleCollectionReadOnlySelection = function (id) {
+            if (id in $scope.selectedCollections) {
+                $scope.selectedCollections[id].readOnly = !!!$scope.selectedCollections[id].readOnly;
+            }
+        };
+
+        $scope.collectionSelected = function (collection) {
+            return collection.id in $scope.selectedCollections;
+        };
+
+        $scope.allSelected = function () {
+            return Object.keys($scope.selectedCollections).length === $scope.collections.length;
+        };
+
+        $scope.submit = function (model) {
+            var group = {
+                name: model.name,
+                accessAll: !!model.accessAll,
+                externalId: model.externalId
+            };
+
+            if (!group.accessAll) {
+                group.collections = [];
+                for (var collectionId in $scope.selectedCollections) {
+                    if ($scope.selectedCollections.hasOwnProperty(collectionId)) {
+                        group.collections.push($scope.selectedCollections[collectionId]);
+                    }
+                }
+            }
+
+            $scope.submitPromise = apiService.groups.post({ orgId: $state.params.orgId }, group, function (response) {
+                $analytics.eventTrack('Created Group');
+                $uibModalInstance.close({
+                    id: response.Id,
+                    name: response.Name
+                });
+            }).$promise;
+        };
+
+        $scope.close = function () {
+            $uibModalInstance.dismiss('cancel');
+        };
+    });
--- a/src/app/organization/organizationGroupsController.js
+++ b/src/app/organization/organizationGroupsController.js
@@ -1,6 +1,99 @@
 angular
    .module('bit.organization')

-    .controller('organizationGroupsController', function ($scope, $state) {
-        
+    .controller('organizationGroupsController', function ($scope, $state, apiService, $uibModal, $filter,
+        toastr, $analytics, $uibModalStack) {
+        $scope.groups = [];
+        $scope.loading = true;
+        $scope.$on('$viewContentLoaded', function () {
+            loadList();
+        });
+
+        $scope.$on('organizationGroupsAdd', function (event, args) {
+            $scope.add();
+        });
+
+        $scope.add = function () {
+            var modal = $uibModal.open({
+                animation: true,
+                templateUrl: 'app/organization/views/organizationGroupsAdd.html',
+                controller: 'organizationGroupsAddController'
+            });
+
+            modal.result.then(function (group) {
+                $scope.groups.push(group);
+            });
+        };
+
+        $scope.edit = function (group) {
+            var modal = $uibModal.open({
+                animation: true,
+                templateUrl: 'app/organization/views/organizationGroupsEdit.html',
+                controller: 'organizationGroupsEditController',
+                resolve: {
+                    id: function () { return group.id; }
+                }
+            });
+
+            modal.result.then(function (editedGroup) {
+                var existingGroups = $filter('filter')($scope.groups, { id: editedGroup.id }, true);
+                if (existingGroups && existingGroups.length > 0) {
+                    existingGroups[0].name = editedGroup.name;
+                }
+            });
+        };
+
+        $scope.users = function (group) {
+            var modal = $uibModal.open({
+                animation: true,
+                templateUrl: 'app/organization/views/organizationGroupsUsers.html',
+                controller: 'organizationGroupsUsersController',
+                size: 'lg',
+                resolve: {
+                    group: function () { return group; }
+                }
+            });
+
+            modal.result.then(function () {
+                // nothing to do
+            });
+        };
+
+        $scope.delete = function (group) {
+            if (!confirm('Are you sure you want to delete this group (' + group.name + ')?')) {
+                return;
+            }
+
+            apiService.groups.del({ orgId: $state.params.orgId, id: group.id }, function () {
+                var index = $scope.groups.indexOf(group);
+                if (index > -1) {
+                    $scope.groups.splice(index, 1);
+                }
+
+                $analytics.eventTrack('Deleted Group');
+                toastr.success(group.name + ' has been deleted.', 'Group Deleted');
+            }, function () {
+                toastr.error(group.name + ' was not able to be deleted.', 'Error');
+            });
+        };
+
+        function loadList() {
+            apiService.groups.listOrganization({ orgId: $state.params.orgId }, function (list) {
+                var groups = [];
+                for (var i = 0; i < list.Data.length; i++) {
+                    groups.push({
+                        id: list.Data[i].Id,
+                        name: list.Data[i].Name
+                    });
+                }
+                $scope.groups = groups;
+                $scope.loading = false;
+
+                if ($state.params.search) {
+                    $uibModalStack.dismissAll();
+                    $scope.filterSearch = $state.params.search;
+                    $('#filterSearch').focus();
+                }
+            });
+        }
    });
--- a/src/app/organization/organizationGroupsEditController.js
+++ b/src/app/organization/organizationGroupsEditController.js
@@ -0,0 +1,110 @@
+angular
+    .module('bit.organization')
+
+    .controller('organizationGroupsEditController', function ($scope, $state, $uibModalInstance, apiService, cipherService,
+        $analytics, id) {
+        $analytics.eventTrack('organizationGroupsEditController', { category: 'Modal' });
+        $scope.collections = [];
+        $scope.selectedCollections = {};
+        $scope.loading = true;
+
+        $uibModalInstance.opened.then(function () {
+            return apiService.groups.getDetails({ orgId: $state.params.orgId, id: id }).$promise;
+        }).then(function (group) {
+            $scope.group = {
+                id: id,
+                name: group.Name,
+                externalId: group.ExternalId,
+                accessAll: group.AccessAll
+            };
+
+            var collections = {};
+            if (group.Collections) {
+                for (var i = 0; i < group.Collections.length; i++) {
+                    collections[group.Collections[i].Id] = {
+                        id: group.Collections[i].Id,
+                        readOnly: group.Collections[i].ReadOnly
+                    };
+                }
+            }
+            $scope.selectedCollections = collections;
+
+            return apiService.collections.listOrganization({ orgId: $state.params.orgId }).$promise;
+        }).then(function (collections) {
+            $scope.collections = cipherService.decryptCollections(collections.Data, $state.params.orgId, true);
+            $scope.loading = false;
+        });
+
+        $scope.toggleCollectionSelectionAll = function ($event) {
+            var collections = {};
+            if ($event.target.checked) {
+                for (var i = 0; i < $scope.collections.length; i++) {
+                    collections[$scope.collections[i].id] = {
+                        id: $scope.collections[i].id,
+                        readOnly: ($scope.collections[i].id in $scope.selectedCollections) ?
+                            $scope.selectedCollections[$scope.collections[i].id].readOnly : false
+                    };
+                }
+            }
+
+            $scope.selectedCollections = collections;
+        };
+
+        $scope.toggleCollectionSelection = function (id) {
+            if (id in $scope.selectedCollections) {
+                delete $scope.selectedCollections[id];
+            }
+            else {
+                $scope.selectedCollections[id] = {
+                    id: id,
+                    readOnly: false
+                };
+            }
+        };
+
+        $scope.toggleCollectionReadOnlySelection = function (id) {
+            if (id in $scope.selectedCollections) {
+                $scope.selectedCollections[id].readOnly = !!!$scope.selectedCollections[id].readOnly;
+            }
+        };
+
+        $scope.collectionSelected = function (collection) {
+            return collection.id in $scope.selectedCollections;
+        };
+
+        $scope.allSelected = function () {
+            return Object.keys($scope.selectedCollections).length === $scope.collections.length;
+        };
+
+        $scope.submit = function () {
+            var group = {
+                name: $scope.group.name,
+                accessAll: !!$scope.group.accessAll,
+                externalId: $scope.group.externalId
+            };
+
+            if (!group.accessAll) {
+                group.collections = [];
+                for (var collectionId in $scope.selectedCollections) {
+                    if ($scope.selectedCollections.hasOwnProperty(collectionId)) {
+                        group.collections.push($scope.selectedCollections[collectionId]);
+                    }
+                }
+            }
+
+            $scope.submitPromise = apiService.groups.put({
+                orgId: $state.params.orgId,
+                id: id
+            }, group, function (response) {
+                $analytics.eventTrack('Edited Group');
+                $uibModalInstance.close({
+                    id: response.Id,
+                    name: response.Name
+                });
+            }).$promise;
+        };
+
+        $scope.close = function () {
+            $uibModalInstance.dismiss('cancel');
+        };
+    });
--- a/src/app/organization/organizationGroupsUsersController.js
+++ b/src/app/organization/organizationGroupsUsersController.js
@@ -0,0 +1,57 @@
+angular
+    .module('bit.organization')
+
+    .controller('organizationGroupsUsersController', function ($scope, $state, $uibModalInstance, apiService,
+        $analytics, group, toastr) {
+        $analytics.eventTrack('organizationGroupUsersController', { category: 'Modal' });
+        $scope.loading = true;
+        $scope.group = group;
+        $scope.users = [];
+
+        $uibModalInstance.opened.then(function () {
+            return apiService.groups.listUsers({
+                orgId: $state.params.orgId,
+                id: group.id
+            }).$promise;
+        }).then(function (userList) {
+            var users = [];
+            if (userList && userList.Data.length) {
+                for (var i = 0; i < userList.Data.length; i++) {
+                    users.push({
+                        organizationUserId: userList.Data[i].OrganizationUserId,
+                        name: userList.Data[i].Name,
+                        email: userList.Data[i].Email,
+                        type: userList.Data[i].Type,
+                        status: userList.Data[i].Status,
+                        accessAll: userList.Data[i].AccessAll
+                    });
+                }
+            }
+
+            $scope.users = users;
+            $scope.loading = false;
+        });
+
+        $scope.remove = function (user) {
+            if (!confirm('Are you sure you want to remove this user (' + user.email + ') from this ' +
+                'group (' + group.name + ')?')) {
+                return;
+            }
+
+            apiService.groups.delUser({ orgId: $state.params.orgId, id: group.id, orgUserId: user.organizationUserId }, null,
+                function () {
+                    toastr.success(user.email + ' has been removed.', 'User Removed');
+                    $analytics.eventTrack('Removed User From Group');
+                    var index = $scope.users.indexOf(user);
+                    if (index > -1) {
+                        $scope.users.splice(index, 1);
+                    }
+                }, function () {
+                    toastr.error('Unable to remove user.', 'Error');
+                });
+        };
+
+        $scope.close = function () {
+            $uibModalInstance.dismiss('cancel');
+        };
+    });
--- a/src/app/organization/organizationPeopleController.js
+++ b/src/app/organization/organizationPeopleController.js
@@ -1,11 +1,22 @@
 angular
    .module('bit.organization')

-    .controller('organizationPeopleController', function ($scope, $state, $uibModal, cryptoService, apiService,
-        toastr, $analytics) {
+    .controller('organizationPeopleController', function ($scope, $state, $uibModal, cryptoService, apiService, authService,
+        toastr, $analytics, $filter, $uibModalStack) {
        $scope.users = [];
+        $scope.useGroups = false;
+        $scope.useEvents = false;
+
        $scope.$on('$viewContentLoaded', function () {
            loadList();
+
+            authService.getUserProfile().then(function (profile) {
+                if (profile.organizations) {
+                    var org = profile.organizations[$state.params.orgId];
+                    $scope.useGroups = !!org.useGroups;
+                    $scope.useEvents = !!org.useEvents;
+                }
+            });
        });

        $scope.reinvite = function (user) {
@@ -71,13 +82,13 @@
            });
        };

-        $scope.edit = function (id) {
+        $scope.edit = function (orgUser) {
            var modal = $uibModal.open({
                animation: true,
                templateUrl: 'app/organization/views/organizationPeopleEdit.html',
                controller: 'organizationPeopleEditController',
                resolve: {
-                    id: function () { return id; }
+                    orgUser: function () { return orgUser; }
                }
            });

@@ -86,6 +97,33 @@
            });
        };

+        $scope.groups = function (user) {
+            var modal = $uibModal.open({
+                animation: true,
+                templateUrl: 'app/organization/views/organizationPeopleGroups.html',
+                controller: 'organizationPeopleGroupsController',
+                resolve: {
+                    orgUser: function () { return user; }
+                }
+            });
+
+            modal.result.then(function () {
+
+            });
+        };
+
+        $scope.events = function (user) {
+            $uibModal.open({
+                animation: true,
+                templateUrl: 'app/organization/views/organizationPeopleEvents.html',
+                controller: 'organizationPeopleEventsController',
+                resolve: {
+                    orgUser: function () { return user; },
+                    orgId: function () { return $state.params.orgId; }
+                }
+            });
+        };
+
        function loadList() {
            apiService.organizationUsers.list({ orgId: $state.params.orgId }, function (list) {
                var users = [];
@@ -105,6 +143,20 @@
                }

                $scope.users = users;
+
+                if ($state.params.search) {
+                    $uibModalStack.dismissAll();
+                    $scope.filterSearch = $state.params.search;
+                    $('#filterSearch').focus();
+                }
+
+                if ($state.params.viewEvents) {
+                    $uibModalStack.dismissAll();
+                    var eventUser = $filter('filter')($scope.users, { id: $state.params.viewEvents });
+                    if (eventUser && eventUser.length) {
+                        $scope.events(eventUser[0]);
+                    }
+                }
            });
        }
    });
--- a/src/app/organization/organizationPeopleEditController.js
+++ b/src/app/organization/organizationPeopleEditController.js
@@ -1,8 +1,8 @@
 angular
    .module('bit.organization')

-    .controller('organizationPeopleEditController', function ($scope, $state, $uibModalInstance, apiService, cipherService, id,
-        $analytics) {
+    .controller('organizationPeopleEditController', function ($scope, $state, $uibModalInstance, apiService, cipherService,
+        orgUser, $analytics) {
        $analytics.eventTrack('organizationPeopleEditController', { category: 'Modal' });

        $scope.loading = true;
@@ -15,17 +15,17 @@
                $scope.loading = false;
            });

-            apiService.organizationUsers.get({ orgId: $state.params.orgId, id: id }, function (user) {
+            apiService.organizationUsers.get({ orgId: $state.params.orgId, id: orgUser.id }, function (user) {
                var collections = {};
                if (user && user.Collections) {
-                    for (var i = 0; i < user.Collections.Data.length; i++) {
-                        collections[user.Collections.Data[i].Id] = {
-                            collectionId: user.Collections.Data[i].Id,
-                            readOnly: user.Collections.Data[i].ReadOnly
+                    for (var i = 0; i < user.Collections.length; i++) {
+                        collections[user.Collections[i].Id] = {
+                            id: user.Collections[i].Id,
+                            readOnly: user.Collections[i].ReadOnly
                        };
                    }
                }
-                $scope.email = user.Email;
+                $scope.email = orgUser.email;
                $scope.type = user.Type;
                $scope.accessAll = user.AccessAll;
                $scope.selectedCollections = collections;
@@ -37,7 +37,7 @@
            if ($event.target.checked) {
                for (var i = 0; i < $scope.collections.length; i++) {
                    collections[$scope.collections[i].id] = {
-                        collectionId: $scope.collections[i].id,
+                        id: $scope.collections[i].id,
                        readOnly: ($scope.collections[i].id in $scope.selectedCollections) ?
                            $scope.selectedCollections[$scope.collections[i].id].readOnly : false
                    };
@@ -53,7 +53,7 @@
            }
            else {
                $scope.selectedCollections[id] = {
-                    collectionId: id,
+                    id: id,
                    readOnly: false
                };
            }
@@ -84,14 +84,18 @@
                }
            }

-            $scope.submitPromise = apiService.organizationUsers.put({ orgId: $state.params.orgId, id: id }, {
-                type: $scope.type,
-                collections: collections,
-                accessAll: $scope.accessAll
-            }, function () {
-                $analytics.eventTrack('Edited User');
-                $uibModalInstance.close();
-            }).$promise;
+            $scope.submitPromise = apiService.organizationUsers.put(
+                {
+                    orgId: $state.params.orgId,
+                    id: orgUser.id
+                }, {
+                    type: $scope.type,
+                    collections: collections,
+                    accessAll: $scope.accessAll
+                }, function () {
+                    $analytics.eventTrack('Edited User');
+                    $uibModalInstance.close();
+                }).$promise;
        };

        $scope.close = function () {
--- a/src/app/organization/organizationPeopleEventsController.js
+++ b/src/app/organization/organizationPeopleEventsController.js
@@ -0,0 +1,75 @@
+angular
+    .module('bit.organization')
+
+    .controller('organizationPeopleEventsController', function ($scope, apiService, $uibModalInstance,
+        orgUser, $analytics, eventService, orgId, $compile, $sce) {
+        $analytics.eventTrack('organizationPeopleEventsController', { category: 'Modal' });
+        $scope.email = orgUser.email;
+        $scope.events = [];
+        $scope.loading = true;
+        $scope.continuationToken = null;
+
+        var defaultFilters = eventService.getDefaultDateFilters();
+        $scope.filterStart = defaultFilters.start;
+        $scope.filterEnd = defaultFilters.end;
+
+        $uibModalInstance.opened.then(function () {
+            loadEvents(true);
+        });
+
+        $scope.refresh = function () {
+            loadEvents(true);
+        };
+
+        $scope.next = function () {
+            loadEvents(false);
+        };
+        
+        function loadEvents(clearExisting) {
+            var filterResult = eventService.formatDateFilters($scope.filterStart, $scope.filterEnd);
+            if (filterResult.error) {
+                alert(filterResult.error);
+                return;
+            }
+
+            if (clearExisting) {
+                $scope.continuationToken = null;
+                $scope.events = [];
+            }
+
+            $scope.loading = true;
+            return apiService.events.listOrganizationUser({
+                orgId: orgId,
+                id: orgUser.id,
+                start: filterResult.start,
+                end: filterResult.end,
+                continuationToken: $scope.continuationToken
+            }).$promise.then(function (list) {
+                $scope.continuationToken = list.ContinuationToken;
+
+                var events = [];
+                for (var i = 0; i < list.Data.length; i++) {
+                    var eventInfo = eventService.getEventInfo(list.Data[i]);
+                    var htmlMessage = $compile('<span>' + eventInfo.message + '</span>')($scope);
+                    events.push({
+                        message: $sce.trustAsHtml(htmlMessage[0].outerHTML),
+                        appIcon: eventInfo.appIcon,
+                        appName: eventInfo.appName,
+                        date: list.Data[i].Date,
+                        ip: list.Data[i].IpAddress
+                    });
+                }
+                if ($scope.events && $scope.events.length > 0) {
+                    $scope.events = $scope.events.concat(events);
+                }
+                else {
+                    $scope.events = events;
+                }
+                $scope.loading = false;
+            });
+        }
+
+        $scope.close = function () {
+            $uibModalInstance.dismiss('cancel');
+        };
+    });
--- a/src/app/organization/organizationPeopleGroupsController.js
+++ b/src/app/organization/organizationPeopleGroupsController.js
@@ -0,0 +1,85 @@
+angular
+    .module('bit.organization')
+
+    .controller('organizationPeopleGroupsController', function ($scope, $state, $uibModalInstance, apiService,
+        orgUser, $analytics) {
+        $analytics.eventTrack('organizationPeopleGroupsController', { category: 'Modal' });
+
+        $scope.loading = true;
+        $scope.groups = [];
+        $scope.selectedGroups = {};
+        $scope.orgUser = orgUser;
+
+        $uibModalInstance.opened.then(function () {
+            return apiService.groups.listOrganization({ orgId: $state.params.orgId }).$promise;
+        }).then(function (groupsList) {
+            var groups = [];
+            for (var i = 0; i < groupsList.Data.length; i++) {
+                groups.push({
+                    id: groupsList.Data[i].Id,
+                    name: groupsList.Data[i].Name
+                });
+            }
+            $scope.groups = groups;
+
+            return apiService.organizationUsers.listGroups({ orgId: $state.params.orgId, id: orgUser.id }).$promise;
+        }).then(function (groupIds) {
+            var selectedGroups = {};
+            if (groupIds) {
+                for (var i = 0; i < groupIds.length; i++) {
+                    selectedGroups[groupIds[i]] = true;
+                }
+            }
+            $scope.selectedGroups = selectedGroups;
+            $scope.loading = false;
+        });
+
+        $scope.toggleGroupSelectionAll = function ($event) {
+            var groups = {};
+            if ($event.target.checked) {
+                for (var i = 0; i < $scope.groups.length; i++) {
+                    groups[$scope.groups[i].id] = true;
+                }
+            }
+
+            $scope.selectedGroups = groups;
+        };
+
+        $scope.toggleGroupSelection = function (id) {
+            if (id in $scope.selectedGroups) {
+                delete $scope.selectedGroups[id];
+            }
+            else {
+                $scope.selectedGroups[id] = true;
+            }
+        };
+
+        $scope.groupSelected = function (group) {
+            return group.id in $scope.selectedGroups;
+        };
+
+        $scope.allSelected = function () {
+            return Object.keys($scope.selectedGroups).length === $scope.groups.length;
+        };
+
+        $scope.submitPromise = null;
+        $scope.submit = function (model) {
+            var groups = [];
+            for (var groupId in $scope.selectedGroups) {
+                if ($scope.selectedGroups.hasOwnProperty(groupId)) {
+                    groups.push(groupId);
+                }
+            }
+
+            $scope.submitPromise = apiService.organizationUsers.putGroups({ orgId: $state.params.orgId, id: orgUser.id }, {
+                groupIds: groups,
+            }, function () {
+                $analytics.eventTrack('Edited User Groups');
+                $uibModalInstance.close();
+            }).$promise;
+        };
+
+        $scope.close = function () {
+            $uibModalInstance.dismiss('cancel');
+        };
+    });
--- a/src/app/organization/organizationPeopleInviteController.js
+++ b/src/app/organization/organizationPeopleInviteController.js
@@ -24,7 +24,7 @@
            if ($event.target.checked) {
                for (var i = 0; i < $scope.collections.length; i++) {
                    collections[$scope.collections[i].id] = {
-                        collectionId: $scope.collections[i].id,
+                        id: $scope.collections[i].id,
                        readOnly: ($scope.collections[i].id in $scope.selectedCollections) ?
                            $scope.selectedCollections[$scope.collections[i].id].readOnly : false
                    };
@@ -40,7 +40,7 @@
            }
            else {
                $scope.selectedCollections[id] = {
-                    collectionId: id,
+                    id: id,
                    readOnly: false
                };
            }
@@ -72,8 +72,10 @@
                }
            }

+            var splitEmails = model.emails.trim().split(/\s*,\s*/);
+
            $scope.submitPromise = apiService.organizationUsers.invite({ orgId: $state.params.orgId }, {
-                email: model.email,
+                emails: splitEmails,
                type: model.type,
                collections: collections,
                accessAll: model.accessAll
--- a/src/app/organization/organizationSettingsController.js
+++ b/src/app/organization/organizationSettingsController.js
@@ -2,19 +2,55 @@
    .module('bit.organization')

    .controller('organizationSettingsController', function ($scope, $state, apiService, toastr, authService, $uibModal,
-        $analytics) {
+        $analytics, appSettings, constants, $filter) {
+        $scope.selfHosted = appSettings.selfHosted;
        $scope.model = {};
+        $scope.twoStepProviders = $filter('filter')(constants.twoFactorProviderInfo, { organization: true });
+        $scope.use2fa = false;
+
        $scope.$on('$viewContentLoaded', function () {
-            apiService.organizations.get({ id: $state.params.orgId }, function (org) {
+            apiService.organizations.get({ id: $state.params.orgId }).$promise.then(function (org) {
                $scope.model = {
                    name: org.Name,
                    billingEmail: org.BillingEmail,
-                    businessName: org.BusinessName
+                    businessName: org.BusinessName,
+                    businessAddress1: org.BusinessAddress1,
+                    businessAddress2: org.BusinessAddress2,
+                    businessAddress3: org.BusinessAddress3,
+                    businessCountry: org.BusinessCountry,
+                    businessTaxNumber: org.BusinessTaxNumber
                };
+
+                $scope.use2fa = org.Use2fa;
+                if (org.Use2fa) {
+                    return apiService.twoFactor.listOrganization({ orgId: $state.params.orgId }).$promise;
+                }
+                else {
+                    return null;
+                }
+            }).then(function (response) {
+                if (!response || !response.Data) {
+                    return;
+                }
+
+                for (var i = 0; i < response.Data.length; i++) {
+                    if (!response.Data[i].Enabled) {
+                        continue;
+                    }
+
+                    var provider = $filter('filter')($scope.twoStepProviders, { type: response.Data[i].Type });
+                    if (provider.length) {
+                        provider[0].enabled = true;
+                    }
+                }
            });
        });

        $scope.generalSave = function () {
+            if ($scope.selfHosted) {
+                return;
+            }
+
            $scope.generalPromise = apiService.organizations.put({ id: $state.params.orgId }, $scope.model, function (org) {
                authService.updateProfileOrganization(org).then(function (updatedOrg) {
                    $analytics.eventTrack('Updated Organization Settings');
@@ -23,6 +59,22 @@
            }).$promise;
        };

+        $scope.import = function () {
+            $uibModal.open({
+                animation: true,
+                templateUrl: 'app/tools/views/toolsImport.html',
+                controller: 'organizationSettingsImportController'
+            });
+        };
+
+        $scope.export = function () {
+            $uibModal.open({
+                animation: true,
+                templateUrl: 'app/tools/views/toolsExport.html',
+                controller: 'organizationSettingsExportController'
+            });
+        };
+
        $scope.delete = function () {
            $uibModal.open({
                animation: true,
@@ -30,4 +82,30 @@
                controller: 'organizationDeleteController'
            });
        };
+
+        $scope.edit = function (provider) {
+            if (provider.type === constants.twoFactorProvider.organizationDuo) {
+                typeName = 'Duo';
+            }
+            else {
+                return;
+            }
+
+            var modal = $uibModal.open({
+                animation: true,
+                templateUrl: 'app/settings/views/settingsTwoStep' + typeName + '.html',
+                controller: 'settingsTwoStep' + typeName + 'Controller',
+                resolve: {
+                    enabled: function () { return provider.enabled; },
+                    orgId: function () { return $state.params.orgId; }
+                }
+            });
+
+            modal.result.then(function (enabled) {
+                if (enabled || enabled === false) {
+                    // do not adjust when undefined or null
+                    provider.enabled = enabled;
+                }
+            });
+        };
    });
--- a/src/app/organization/organizationSettingsExportController.js
+++ b/src/app/organization/organizationSettingsExportController.js
@@ -0,0 +1,155 @@
+angular
+    .module('bit.organization')
+
+    .controller('organizationSettingsExportController', function ($scope, apiService, $uibModalInstance, cipherService,
+        $q, toastr, $analytics, $state, constants) {
+        $analytics.eventTrack('organizationSettingsExportController', { category: 'Modal' });
+        $scope.export = function (model) {
+            $scope.startedExport = true;
+            var decCiphers = [],
+                decCollections = [];
+
+            var collectionsPromise = apiService.collections.listOrganization({ orgId: $state.params.orgId },
+                function (collections) {
+                    decCollections = cipherService.decryptCollections(collections.Data, $state.params.orgId, true);
+                }).$promise;
+
+            var ciphersPromise = apiService.ciphers.listOrganizationDetails({ organizationId: $state.params.orgId },
+                function (ciphers) {
+                    decCiphers = cipherService.decryptCiphers(ciphers.Data);
+                }).$promise;
+
+            $q.all([collectionsPromise, ciphersPromise]).then(function () {
+                if (!decCiphers.length) {
+                    toastr.error('Nothing to export.', 'Error!');
+                    $scope.close();
+                    return;
+                }
+
+                var i;
+                var collectionsDict = {};
+                for (i = 0; i < decCollections.length; i++) {
+                    collectionsDict[decCollections[i].id] = decCollections[i];
+                }
+
+                try {
+                    var exportCiphers = [];
+                    for (i = 0; i < decCiphers.length; i++) {
+                        // only export logins and secure notes
+                        if (decCiphers[i].type !== constants.cipherType.login &&
+                            decCiphers[i].type !== constants.cipherType.secureNote) {
+                            continue;
+                        }
+
+                        var cipher = {
+                            collections: [],
+                            type: null,
+                            name: decCiphers[i].name,
+                            notes: decCiphers[i].notes,
+                            fields: null,
+                            // Login props
+                            login_uri: null,
+                            login_username: null,
+                            login_password: null,
+                            login_totp: null
+                        };
+
+                        var j;
+                        if (decCiphers[i].collectionIds) {
+                            for (j = 0; j < decCiphers[i].collectionIds.length; j++) {
+                                if (collectionsDict.hasOwnProperty(decCiphers[i].collectionIds[j])) {
+                                    cipher.collections.push(collectionsDict[decCiphers[i].collectionIds[j]].name);
+                                }
+                            }
+                        }
+
+                        if (decCiphers[i].fields) {
+                            for (j = 0; j < decCiphers[i].fields.length; j++) {
+                                if (!cipher.fields) {
+                                    cipher.fields = '';
+                                }
+                                else {
+                                    cipher.fields += '\n';
+                                }
+
+                                cipher.fields += ((decCiphers[i].fields[j].name || '') + ': ' + decCiphers[i].fields[j].value);
+                            }
+                        }
+
+                        switch (decCiphers[i].type) {
+                            case constants.cipherType.login:
+                                cipher.type = 'login';
+                                cipher.login_uri = null;
+                                cipher.login_username = decCiphers[i].login.username;
+                                cipher.login_password = decCiphers[i].login.password;
+                                cipher.login_totp = decCiphers[i].login.totp;
+
+                                if (decCiphers[i].login.uris && decCiphers[i].login.uris.length) {
+                                    cipher.login_uri = [];
+                                    for (j = 0; j < decCiphers[i].login.uris.length; j++) {
+                                        cipher.login_uri.push(decCiphers[i].login.uris[j].uri);
+                                    }
+                                }
+                                break;
+                            case constants.cipherType.secureNote:
+                                cipher.type = 'note';
+                                break;
+                            default:
+                                continue;
+                        }
+
+                        exportCiphers.push(cipher);
+                    }
+
+                    var csvString = Papa.unparse(exportCiphers);
+                    var csvBlob = new Blob([csvString]);
+
+                    // IE hack. ref http://msdn.microsoft.com/en-us/library/ie/hh779016.aspx
+                    if (window.navigator.msSaveOrOpenBlob) {
+                        window.navigator.msSaveBlob(csvBlob, makeFileName());
+                    }
+                    else {
+                        var a = window.document.createElement('a');
+                        a.href = window.URL.createObjectURL(csvBlob, { type: 'text/plain' });
+                        a.download = makeFileName();
+                        document.body.appendChild(a);
+                        // IE: "Access is denied". 
+                        // ref: https://connect.microsoft.com/IE/feedback/details/797361/ie-10-treats-blob-url-as-cross-origin-and-denies-access
+                        a.click();
+                        document.body.removeChild(a);
+                    }
+
+                    $analytics.eventTrack('Exported Organization Data');
+                    toastr.success('Your data has been exported. Check your browser\'s downloads folder.', 'Success!');
+                    $scope.close();
+                }
+                catch (err) {
+                    toastr.error('Something went wrong. Please try again.', 'Error!');
+                    $scope.close();
+                }
+            }, function () {
+                toastr.error('Something went wrong. Please try again.', 'Error!');
+                $scope.close();
+            });
+        };
+
+        $scope.close = function () {
+            $uibModalInstance.dismiss('cancel');
+        };
+
+        function makeFileName() {
+            var now = new Date();
+            var dateString =
+                now.getFullYear() + '' + padNumber(now.getMonth() + 1, 2) + '' + padNumber(now.getDate(), 2) +
+                padNumber(now.getHours(), 2) + '' + padNumber(now.getMinutes(), 2) +
+                padNumber(now.getSeconds(), 2);
+
+            return 'bitwarden_org_export_' + dateString + '.csv';
+        }
+
+        function padNumber(number, width, paddingCharacter) {
+            paddingCharacter = paddingCharacter || '0';
+            number = number + '';
+            return number.length >= width ? number : new Array(width - number.length + 1).join(paddingCharacter) + number;
+        }
+    });
--- a/src/app/organization/organizationSettingsImportController.js
+++ b/src/app/organization/organizationSettingsImportController.js
@@ -0,0 +1,129 @@
+angular
+    .module('bit.organization')
+
+    .controller('organizationSettingsImportController', function ($scope, $state, apiService, $uibModalInstance, cipherService,
+        toastr, importService, $analytics, $sce, validationService, cryptoService) {
+        $analytics.eventTrack('organizationSettingsImportController', { category: 'Modal' });
+        $scope.model = { source: '' };
+        $scope.source = {};
+        $scope.splitFeatured = false;
+
+        $scope.options = [
+            {
+                id: 'bitwardencsv',
+                name: 'Bitwarden (csv)',
+                featured: true,
+                sort: 1,
+                instructions: $sce.trustAsHtml('Export using the web vault (vault.bitwarden.com). ' +
+                    'Log into the web vault and navigate to your organization\'s admin area. Then to go ' +
+                    '"Settings" > "Tools" > "Export".')
+            },
+            {
+                id: 'lastpass',
+                name: 'LastPass (csv)',
+                featured: true,
+                sort: 2,
+                instructions: $sce.trustAsHtml('See detailed instructions on our help site at ' +
+                    '<a target="_blank" href="https://help.bitwarden.com/article/import-from-lastpass/">' +
+                    'https://help.bitwarden.com/article/import-from-lastpass/</a>')
+            }
+        ];
+
+        $scope.setSource = function () {
+            for (var i = 0; i < $scope.options.length; i++) {
+                if ($scope.options[i].id === $scope.model.source) {
+                    $scope.source = $scope.options[i];
+                    break;
+                }
+            }
+        };
+        $scope.setSource();
+
+        $scope.import = function (model, form) {
+            if (!model.source || model.source === '') {
+                validationService.addError(form, 'source', 'Select the format of the import file.', true);
+                return;
+            }
+
+            var file = document.getElementById('file').files[0];
+            if (!file && (!model.fileContents || model.fileContents === '')) {
+                validationService.addError(form, 'file', 'Select the import file or copy/paste the import file contents.', true);
+                return;
+            }
+
+            $scope.processing = true;
+            importService.importOrg(model.source, file || model.fileContents, importSuccess, importError);
+        };
+
+        function importSuccess(collections, ciphers, collectionRelationships) {
+            if (!collections.length && !ciphers.length) {
+                importError('Nothing was imported.');
+                return;
+            }
+            else if (ciphers.length) {
+                var halfway = Math.floor(ciphers.length / 2);
+                var last = ciphers.length - 1;
+                if (cipherIsBadData(ciphers[0]) && cipherIsBadData(ciphers[halfway]) && cipherIsBadData(ciphers[last])) {
+                    importError('Data is not formatted correctly. Please check your import file and try again.');
+                    return;
+                }
+            }
+
+            apiService.ciphers.importOrg({ orgId: $state.params.orgId }, {
+                collections: cipherService.encryptCollections(collections, $state.params.orgId),
+                ciphers: cipherService.encryptCiphers(ciphers, cryptoService.getOrgKey($state.params.orgId)),
+                collectionRelationships: collectionRelationships
+            }, function () {
+                $uibModalInstance.dismiss('cancel');
+                $state.go('backend.org.vault', { orgId: $state.params.orgId }).then(function () {
+                    $analytics.eventTrack('Imported Org Data', { label: $scope.model.source });
+                    toastr.success('Data has been successfully imported into your vault.', 'Import Success');
+                });
+            }, importError);
+        }
+
+        function cipherIsBadData(cipher) {
+            return (cipher.name === null || cipher.name === '--') &&
+                (cipher.login && (cipher.login.password === null || cipher.login.password === ''));
+        }
+
+        function importError(error) {
+            $analytics.eventTrack('Import Org Data Failed', { label: $scope.model.source });
+            $uibModalInstance.dismiss('cancel');
+
+            if (error) {
+                var data = error.data;
+                if (data && data.ValidationErrors) {
+                    var message = '';
+                    for (var key in data.ValidationErrors) {
+                        if (!data.ValidationErrors.hasOwnProperty(key)) {
+                            continue;
+                        }
+
+                        for (var i = 0; i < data.ValidationErrors[key].length; i++) {
+                            message += (key + ': ' + data.ValidationErrors[key][i] + ' ');
+                        }
+                    }
+
+                    if (message !== '') {
+                        toastr.error(message);
+                        return;
+                    }
+                }
+                else if (data && data.Message) {
+                    toastr.error(data.Message);
+                    return;
+                }
+                else {
+                    toastr.error(error);
+                    return;
+                }
+            }
+
+            toastr.error('Something went wrong. Try again.', 'Oh No!');
+        }
+
+        $scope.close = function () {
+            $uibModalInstance.dismiss('cancel');
+        };
+    });
--- a/src/app/organization/organizationVaultAddCipherController.js
+++ b/src/app/organization/organizationVaultAddCipherController.js
@@ -0,0 +1,141 @@
+angular
+    .module('bit.organization')
+
+    .controller('organizationVaultAddCipherController', function ($scope, apiService, $uibModalInstance, cryptoService,
+        cipherService, passwordService, $analytics, authService, orgId, $uibModal, constants, selectedType) {
+        $analytics.eventTrack('organizationVaultAddCipherController', { category: 'Modal' });
+        $scope.constants = constants;
+        $scope.selectedType = selectedType ? selectedType.toString() : constants.cipherType.login.toString();
+        $scope.cipher = {
+            type: selectedType || constants.cipherType.login,
+            login: {
+                uris: [{
+                    uri: null,
+                    match: null,
+                    matchValue: null
+                }]
+            },
+            identity: {},
+            card: {},
+            secureNote: {
+                type: '0'
+            }
+        };
+        $scope.hideFolders = $scope.hideFavorite = $scope.fromOrg = true;
+
+        authService.getUserProfile().then(function (userProfile) {
+            var orgProfile = userProfile.organizations[orgId];
+            $scope.useTotp = orgProfile.useTotp;
+        });
+
+        $scope.typeChanged = function () {
+            $scope.cipher.type = parseInt($scope.selectedType);
+        };
+
+        $scope.savePromise = null;
+        $scope.save = function () {
+            $scope.cipher.organizationId = orgId;
+            var cipher = cipherService.encryptCipher($scope.cipher);
+            $scope.savePromise = apiService.ciphers.postAdmin(cipher, function (cipherResponse) {
+                $analytics.eventTrack('Created Organization Cipher');
+                var decCipher = cipherService.decryptCipherPreview(cipherResponse);
+                $uibModalInstance.close(decCipher);
+            }).$promise;
+        };
+
+        $scope.generatePassword = function () {
+            if (!$scope.cipher.login.password || confirm('Are you sure you want to overwrite the current password?')) {
+                $analytics.eventTrack('Generated Password From Add');
+                $scope.cipher.login.password = passwordService.generatePassword({ length: 14, special: true });
+            }
+        };
+
+        $scope.addUri = function () {
+            if (!$scope.cipher.login) {
+                return;
+            }
+
+            if (!$scope.cipher.login.uris) {
+                $scope.cipher.login.uris = [];
+            }
+
+            $scope.cipher.login.uris.push({
+                uri: null,
+                match: null,
+                matchValue: null
+            });
+        };
+
+        $scope.removeUri = function (uri) {
+            if (!$scope.cipher.login || !$scope.cipher.login.uris) {
+                return;
+            }
+
+            var index = $scope.cipher.login.uris.indexOf(uri);
+            if (index > -1) {
+                $scope.cipher.login.uris.splice(index, 1);
+            }
+        };
+
+        $scope.uriMatchChanged = function (uri) {
+            if ((!uri.matchValue && uri.matchValue !== 0) || uri.matchValue === '') {
+                uri.match = null;
+            }
+            else {
+                uri.match = parseInt(uri.matchValue);
+            }
+        };
+
+        $scope.addField = function () {
+            if (!$scope.cipher.fields) {
+                $scope.cipher.fields = [];
+            }
+
+            $scope.cipher.fields.push({
+                type: constants.fieldType.text.toString(),
+                name: null,
+                value: null
+            });
+        };
+
+        $scope.removeField = function (field) {
+            var index = $scope.cipher.fields.indexOf(field);
+            if (index > -1) {
+                $scope.cipher.fields.splice(index, 1);
+            }
+        };
+
+        $scope.clipboardSuccess = function (e) {
+            e.clearSelection();
+            selectPassword(e);
+        };
+
+        $scope.clipboardError = function (e, password) {
+            if (password) {
+                selectPassword(e);
+            }
+            alert('Your web browser does not support easy clipboard copying. Copy it manually instead.');
+        };
+
+        function selectPassword(e) {
+            var target = $(e.trigger).parent().prev();
+            if (target.attr('type') === 'text') {
+                target.select();
+            }
+        }
+
+        $scope.close = function () {
+            $uibModalInstance.dismiss('close');
+        };
+
+        $scope.showUpgrade = function () {
+            $uibModal.open({
+                animation: true,
+                templateUrl: 'app/views/paidOrgRequired.html',
+                controller: 'paidOrgRequiredController',
+                resolve: {
+                    orgId: function () { return orgId; }
+                }
+            });
+        };
+    });
--- a/src/app/organization/organizationVaultAddLoginController.js
+++ b/src/app/organization/organizationVaultAddLoginController.js
@@ -1,50 +0,0 @@
-angular
-    .module('bit.vault')
-
-    .controller('organizationVaultAddLoginController', function ($scope, apiService, $uibModalInstance, cryptoService,
-        cipherService, passwordService, $analytics, orgId) {
-        $analytics.eventTrack('organizationVaultAddLoginController', { category: 'Modal' });
-        $scope.login = {};
-        $scope.hideFolders = $scope.hideFavorite = true;
-
-        $scope.savePromise = null;
-        $scope.save = function (model) {
-            model.organizationId = orgId;
-            var login = cipherService.encryptLogin(model);
-            $scope.savePromise = apiService.logins.postAdmin(login, function (loginResponse) {
-                $analytics.eventTrack('Created Organization Login');
-                var decLogin = cipherService.decryptLogin(loginResponse);
-                $uibModalInstance.close(decLogin);
-            }).$promise;
-        };
-
-        $scope.generatePassword = function () {
-            if (!$scope.login.password || confirm('Are you sure you want to overwrite the current password?')) {
-                $analytics.eventTrack('Generated Password From Add');
-                $scope.login.password = passwordService.generatePassword({ length: 12, special: true });
-            }
-        };
-
-        $scope.clipboardSuccess = function (e) {
-            e.clearSelection();
-            selectPassword(e);
-        };
-
-        $scope.clipboardError = function (e, password) {
-            if (password) {
-                selectPassword(e);
-            }
-            alert('Your web browser does not support easy clipboard copying. Copy it manually instead.');
-        };
-
-        function selectPassword(e) {
-            var target = $(e.trigger).parent().prev();
-            if (target.attr('type') === 'text') {
-                target.select();
-            }
-        }
-
-        $scope.close = function () {
-            $uibModalInstance.dismiss('close');
-        };
-    });
--- a/src/app/organization/organizationVaultAttachmentsController.js
+++ b/src/app/organization/organizationVaultAttachmentsController.js
@@ -0,0 +1,90 @@
+angular
+    .module('bit.organization')
+
+    .controller('organizationVaultAttachmentsController', function ($scope, apiService, $uibModalInstance, cryptoService,
+        cipherService, cipherId, $analytics, validationService, toastr, $timeout) {
+        $analytics.eventTrack('organizationVaultAttachmentsController', { category: 'Modal' });
+        $scope.cipher = {};
+        $scope.loading = true;
+        $scope.isPremium = true;
+        $scope.canUseAttachments = true;
+        var closing = false;
+
+        apiService.ciphers.getAdmin({ id: cipherId }, function (cipher) {
+            $scope.cipher = cipherService.decryptCipher(cipher);
+            $scope.loading = false;
+        }, function () {
+            $scope.loading = false;
+        });
+
+        $scope.save = function (form) {
+            var files = document.getElementById('file').files;
+            if (!files || !files.length) {
+                validationService.addError(form, 'file', 'Select a file.', true);
+                return;
+            }
+
+            var key = cryptoService.getOrgKey($scope.cipher.organizationId);
+            $scope.savePromise = cipherService.encryptAttachmentFile(key, files[0]).then(function (encValue) {
+                var fd = new FormData();
+                var blob = new Blob([encValue.data], { type: 'application/octet-stream' });
+                fd.append('data', blob, encValue.fileName);
+                return apiService.ciphers.postAttachmentAdmin({ id: cipherId }, fd).$promise;
+            }).then(function (response) {
+                $analytics.eventTrack('Added Attachment');
+                toastr.success('The attachment has been added.');
+                closing = true;
+                $uibModalInstance.close(true);
+            }, function (e) {
+                var errors = validationService.parseErrors(e);
+                toastr.error(errors.length ? errors[0] : 'An error occurred.');
+            });
+        };
+
+        $scope.download = function (attachment) {
+            attachment.loading = true;
+            var key = cryptoService.getOrgKey($scope.cipher.organizationId);
+            cipherService.downloadAndDecryptAttachment(key, attachment, true).then(function (res) {
+                $timeout(function () {
+                    attachment.loading = false;
+                });
+            }, function () {
+                $timeout(function () {
+                    attachment.loading = false;
+                });
+            });
+        };
+
+        $scope.remove = function (attachment) {
+            if (!confirm('Are you sure you want to delete this attachment (' + attachment.fileName + ')?')) {
+                return;
+            }
+
+            attachment.loading = true;
+            apiService.ciphers.delAttachmentAdmin({ id: cipherId, attachmentId: attachment.id }).$promise.then(function () {
+                attachment.loading = false;
+                $analytics.eventTrack('Deleted Organization Attachment');
+                var index = $scope.cipher.attachments.indexOf(attachment);
+                if (index > -1) {
+                    $scope.cipher.attachments.splice(index, 1);
+                }
+            }, function () {
+                toastr.error('Cannot delete attachment.');
+                attachment.loading = false;
+            });
+        };
+
+        $scope.close = function () {
+            $uibModalInstance.dismiss('cancel');
+        };
+
+        $scope.$on('modal.closing', function (e, reason, closed) {
+            if (closing) {
+                return;
+            }
+
+            e.preventDefault();
+            closing = true;
+            $uibModalInstance.close(!!$scope.cipher.attachments && $scope.cipher.attachments.length > 0);
+        });
+    });
--- a/src/app/organization/organizationVaultCipherCollectionsController.js
+++ b/src/app/organization/organizationVaultCipherCollectionsController.js
@@ -1,9 +1,9 @@
 angular
    .module('bit.organization')

-    .controller('organizationVaultLoginCollectionsController', function ($scope, apiService, $uibModalInstance, cipherService,
+    .controller('organizationVaultCipherCollectionsController', function ($scope, apiService, $uibModalInstance, cipherService,
        cipher, $analytics, collections) {
-        $analytics.eventTrack('organizationVaultLoginCollectionsController', { category: 'Modal' });
+        $analytics.eventTrack('organizationVaultCipherCollectionsController', { category: 'Modal' });
        $scope.cipher = {};
        $scope.collections = [];
        $scope.selectedCollections = {};
@@ -69,7 +69,7 @@

            $scope.submitPromise = apiService.ciphers.putCollectionsAdmin({ id: cipher.id }, request)
                .$promise.then(function (response) {
-                    $analytics.eventTrack('Edited Login Collections');
+                    $analytics.eventTrack('Edited Cipher Collections');
                    $uibModalInstance.close({
                        action: 'collectionsEdit',
                        collectionIds: request.collectionIds
--- a/src/app/organization/organizationVaultCipherEventsController.js
+++ b/src/app/organization/organizationVaultCipherEventsController.js
@@ -0,0 +1,104 @@
+angular
+    .module('bit.organization')
+
+    .controller('organizationVaultCipherEventsController', function ($scope, apiService, $uibModalInstance,
+        cipher, $analytics, eventService) {
+        $analytics.eventTrack('organizationVaultCipherEventsController', { category: 'Modal' });
+        $scope.cipher = cipher;
+        $scope.events = [];
+        $scope.loading = true;
+        $scope.continuationToken = null;
+
+        var defaultFilters = eventService.getDefaultDateFilters();
+        $scope.filterStart = defaultFilters.start;
+        $scope.filterEnd = defaultFilters.end;
+
+        $uibModalInstance.opened.then(function () {
+            load();
+        });
+
+        $scope.refresh = function () {
+            loadEvents(true);
+        };
+
+        $scope.next = function () {
+            loadEvents(false);
+        };
+
+        var i = 0,
+            orgUsersUserIdDict = {},
+            orgUsersIdDict = {};
+
+        function load() {
+            apiService.organizationUsers.list({ orgId: cipher.organizationId }).$promise.then(function (list) {
+                var users = [];
+                for (i = 0; i < list.Data.length; i++) {
+                    var user = {
+                        id: list.Data[i].Id,
+                        userId: list.Data[i].UserId,
+                        name: list.Data[i].Name,
+                        email: list.Data[i].Email
+                    };
+
+                    users.push(user);
+
+                    var displayName = user.name || user.email;
+                    orgUsersUserIdDict[user.userId] = displayName;
+                    orgUsersIdDict[user.id] = displayName;
+                }
+
+                $scope.orgUsers = users;
+
+                return loadEvents(true);
+            });
+        }
+
+        function loadEvents(clearExisting) {
+            var filterResult = eventService.formatDateFilters($scope.filterStart, $scope.filterEnd);
+            if (filterResult.error) {
+                alert(filterResult.error);
+                return;
+            }
+
+            if (clearExisting) {
+                $scope.continuationToken = null;
+                $scope.events = [];
+            }
+
+            $scope.loading = true;
+            return apiService.events.listCipher({
+                id: cipher.id,
+                start: filterResult.start,
+                end: filterResult.end,
+                continuationToken: $scope.continuationToken
+            }).$promise.then(function (list) {
+                $scope.continuationToken = list.ContinuationToken;
+
+                var events = [];
+                for (i = 0; i < list.Data.length; i++) {
+                    var userId = list.Data[i].ActingUserId || list.Data[i].UserId;
+                    var eventInfo = eventService.getEventInfo(list.Data[i], { cipherInfo: false });
+                    events.push({
+                        message: eventInfo.message,
+                        appIcon: eventInfo.appIcon,
+                        appName: eventInfo.appName,
+                        userId: userId,
+                        userName: userId ? (orgUsersUserIdDict[userId] || '-') : '-',
+                        date: list.Data[i].Date,
+                        ip: list.Data[i].IpAddress
+                    });
+                }
+                if ($scope.events && $scope.events.length > 0) {
+                    $scope.events = $scope.events.concat(events);
+                }
+                else {
+                    $scope.events = events;
+                }
+                $scope.loading = false;
+            });
+        }
+
+        $scope.close = function () {
+            $uibModalInstance.dismiss('cancel');
+        };
+    });
--- a/src/app/organization/organizationVaultController.js
+++ b/src/app/organization/organizationVaultController.js
@@ -2,23 +2,35 @@
    .module('bit.organization')

    .controller('organizationVaultController', function ($scope, apiService, cipherService, $analytics, $q, $state,
-        $localStorage, $uibModal, $filter) {
-        $scope.logins = [];
+        $localStorage, $uibModal, $filter, authService, $uibModalStack, constants, $timeout) {
+        $scope.ciphers = [];
        $scope.collections = [];
        $scope.loading = true;
+        $scope.useEvents = false;
+        $scope.constants = constants;
+        $scope.filter = undefined;
+        $scope.selectedType = undefined;
+        $scope.selectedCollection = undefined;
+        $scope.selectedAll = true;
+        $scope.selectedTitle = 'All';
+        $scope.selectedIcon = 'fa-th';

        $scope.$on('$viewContentLoaded', function () {
+            authService.getUserProfile().then(function (profile) {
+                if (profile.organizations) {
+                    var org = profile.organizations[$state.params.orgId];
+                    $scope.useEvents = !!org.useEvents;
+                }
+            });
+
            var collectionPromise = apiService.collections.listOrganization({ orgId: $state.params.orgId }, function (collections) {
                var decCollections = [{
                    id: null,
-                    name: 'Unassigned',
-                    collapsed: $localStorage.collapsedOrgCollections && 'unassigned' in $localStorage.collapsedOrgCollections
+                    name: 'Unassigned'
                }];

                for (var i = 0; i < collections.Data.length; i++) {
                    var decCollection = cipherService.decryptCollection(collections.Data[i], null, true);
-                    decCollection.collapsed = $localStorage.collapsedOrgCollections &&
-                        decCollection.id in $localStorage.collapsedOrgCollections;
                    decCollections.push(decCollection);
                }

@@ -27,32 +39,38 @@

            var cipherPromise = apiService.ciphers.listOrganizationDetails({ organizationId: $state.params.orgId },
                function (ciphers) {
-                    var decLogins = [];
+                    var decCiphers = [];

                    for (var i = 0; i < ciphers.Data.length; i++) {
-                        if (ciphers.Data[i].Type === 1) {
-                            var decLogin = cipherService.decryptLoginPreview(ciphers.Data[i]);
-                            decLogins.push(decLogin);
-                        }
+                        var decCipher = cipherService.decryptCipherPreview(ciphers.Data[i]);
+                        decCiphers.push(decCipher);
                    }

-                    $scope.logins = decLogins;
+                    $scope.ciphers = decCiphers;
                }).$promise;

            $q.all([collectionPromise, cipherPromise]).then(function () {
                $scope.loading = false;
-            });
-        });
+                $timeout(function () {
+                    if ($('body').hasClass('control-sidebar-open')) {
+                        $("#search").focus();
+                    }
+                }, 500);

-        $scope.filterByCollection = function (collection) {
-            return function (cipher) {
-                if (!cipher.collectionIds || !cipher.collectionIds.length) {
-                    return collection.id === null;
+                if ($state.params.search) {
+                    $uibModalStack.dismissAll();
+                    $scope.searchVaultText = $state.params.search;
                }

-                return cipher.collectionIds.indexOf(collection.id) > -1;
-            };
-        };
+                if ($state.params.viewEvents) {
+                    $uibModalStack.dismissAll();
+                    var cipher = $filter('filter')($scope.ciphers, { id: $state.params.viewEvents });
+                    if (cipher && cipher.length) {
+                        $scope.viewEvents(cipher[0]);
+                    }
+                }
+            });
+        });

        $scope.collectionSort = function (item) {
            if (!item.id) {
@@ -62,69 +80,60 @@
            return item.name.toLowerCase();
        };

-        $scope.collapseExpand = function (collection) {
-            if (!$localStorage.collapsedOrgCollections) {
-                $localStorage.collapsedOrgCollections = {};
-            }
-
-            var id = collection.id || 'unassigned';
-
-            if (id in $localStorage.collapsedOrgCollections) {
-                delete $localStorage.collapsedOrgCollections[id];
-            }
-            else {
-                $localStorage.collapsedOrgCollections[id] = true;
-            }
-        };
-
-        $scope.editLogin = function (login) {
+        $scope.editCipher = function (cipher) {
            var editModel = $uibModal.open({
                animation: true,
-                templateUrl: 'app/vault/views/vaultEditLogin.html',
-                controller: 'organizationVaultEditLoginController',
+                templateUrl: 'app/vault/views/vaultEditCipher.html',
+                controller: 'organizationVaultEditCipherController',
                resolve: {
-                    loginId: function () { return login.id; }
+                    cipherId: function () { return cipher.id; },
+                    orgId: function () { return $state.params.orgId; }
                }
            });

            editModel.result.then(function (returnVal) {
+                var index;
                if (returnVal.action === 'edit') {
-                    login.name = returnVal.data.name;
-                    login.username = returnVal.data.username;
+                    index = $scope.ciphers.indexOf(cipher);
+                    if (index > -1) {
+                        returnVal.data.collectionIds = $scope.ciphers[index].collectionIds;
+                        $scope.ciphers[index] = returnVal.data;
+                    }
                }
                else if (returnVal.action === 'delete') {
-                    var index = $scope.logins.indexOf(login);
+                    index = $scope.ciphers.indexOf(cipher);
                    if (index > -1) {
-                        $scope.logins.splice(index, 1);
+                        $scope.ciphers.splice(index, 1);
                    }
                }
            });
        };

-        $scope.$on('organizationVaultAddLogin', function (event, args) {
-            $scope.addLogin();
+        $scope.$on('organizationVaultAddCipher', function (event, args) {
+            $scope.addCipher();
        });

-        $scope.addLogin = function () {
+        $scope.addCipher = function () {
            var addModel = $uibModal.open({
                animation: true,
-                templateUrl: 'app/vault/views/vaultAddLogin.html',
-                controller: 'organizationVaultAddLoginController',
+                templateUrl: 'app/vault/views/vaultAddCipher.html',
+                controller: 'organizationVaultAddCipherController',
                resolve: {
-                    orgId: function () { return $state.params.orgId; }
+                    orgId: function () { return $state.params.orgId; },
+                    selectedType: function () { return $scope.selectedType; }
                }
            });

-            addModel.result.then(function (addedLogin) {
-                $scope.logins.push(addedLogin);
+            addModel.result.then(function (addedCipher) {
+                $scope.ciphers.push(addedCipher);
            });
        };

        $scope.editCollections = function (cipher) {
            var modal = $uibModal.open({
                animation: true,
-                templateUrl: 'app/organization/views/organizationVaultLoginCollections.html',
-                controller: 'organizationVaultLoginCollectionsController',
+                templateUrl: 'app/organization/views/organizationVaultCipherCollections.html',
+                controller: 'organizationVaultCipherCollectionsController',
                resolve: {
                    cipher: function () { return cipher; },
                    collections: function () { return $scope.collections; }
@@ -138,39 +147,134 @@
            });
        };

-        $scope.removeLogin = function (login, collection) {
-            if (!confirm('Are you sure you want to remove this login (' + login.name + ') from the ' +
-                'collection (' + collection.name + ') ?')) {
-                return;
-            }
-
-            var request = {
-                collectionIds: []
-            };
-
-            for (var i = 0; i < login.collectionIds.length; i++) {
-                if (login.collectionIds[i] !== collection.id) {
-                    request.collectionIds.push(login.collectionIds[i]);
+        $scope.viewEvents = function (cipher) {
+            $uibModal.open({
+                animation: true,
+                templateUrl: 'app/organization/views/organizationVaultCipherEvents.html',
+                controller: 'organizationVaultCipherEventsController',
+                resolve: {
+                    cipher: function () { return cipher; }
                }
-            }
-
-            apiService.ciphers.putCollections({ id: login.id }, request).$promise.then(function (response) {
-                $analytics.eventTrack('Removed Login From Collection');
-                login.collectionIds = request.collectionIds;
            });
        };

-        $scope.deleteLogin = function (login) {
-            if (!confirm('Are you sure you want to delete this login (' + login.name + ')?')) {
+        $scope.attachments = function (cipher) {
+            authService.getUserProfile().then(function (profile) {
+                return !!profile.organizations[cipher.organizationId].maxStorageGb;
+            }).then(function (useStorage) {
+                if (!useStorage) {
+                    $uibModal.open({
+                        animation: true,
+                        templateUrl: 'app/views/paidOrgRequired.html',
+                        controller: 'paidOrgRequiredController',
+                        resolve: {
+                            orgId: function () { return cipher.organizationId; }
+                        }
+                    });
+                    return;
+                }
+
+                var attachmentModel = $uibModal.open({
+                    animation: true,
+                    templateUrl: 'app/vault/views/vaultAttachments.html',
+                    controller: 'organizationVaultAttachmentsController',
+                    resolve: {
+                        cipherId: function () { return cipher.id; }
+                    }
+                });
+
+                attachmentModel.result.then(function (hasAttachments) {
+                    cipher.hasAttachments = hasAttachments;
+                });
+            });
+        };
+
+        $scope.deleteCipher = function (cipher) {
+            if (!confirm('Are you sure you want to delete this item (' + cipher.name + ')?')) {
                return;
            }

-            apiService.ciphers.delAdmin({ id: login.id }, function () {
-                $analytics.eventTrack('Deleted Login');
-                var index = $scope.logins.indexOf(login);
+            apiService.ciphers.delAdmin({ id: cipher.id }, function () {
+                $analytics.eventTrack('Deleted Cipher');
+                var index = $scope.ciphers.indexOf(cipher);
                if (index > -1) {
-                    $scope.logins.splice(index, 1);
+                    $scope.ciphers.splice(index, 1);
                }
            });
        };
+
+        $scope.filterCollection = function (col) {
+            resetSelected();
+            $scope.selectedCollection = col;
+            $scope.selectedIcon = 'fa-cube';
+            if (col.id) {
+                $scope.filter = function (c) {
+                    return c.collectionIds && c.collectionIds.indexOf(col.id) > -1;
+                };
+            }
+            else {
+                $scope.filter = function (c) {
+                    return !c.collectionIds || c.collectionIds.length === 0;
+                };
+            }
+            fixLayout();
+        };
+
+        $scope.filterType = function (t) {
+            resetSelected();
+            $scope.selectedType = t;
+            switch (t) {
+                case constants.cipherType.login:
+                    $scope.selectedTitle = 'Login';
+                    $scope.selectedIcon = 'fa-globe';
+                    break;
+                case constants.cipherType.card:
+                    $scope.selectedTitle = 'Card';
+                    $scope.selectedIcon = 'fa-credit-card';
+                    break;
+                case constants.cipherType.identity:
+                    $scope.selectedTitle = 'Identity';
+                    $scope.selectedIcon = 'fa-id-card-o';
+                    break;
+                case constants.cipherType.secureNote:
+                    $scope.selectedTitle = 'Secure Note';
+                    $scope.selectedIcon = 'fa-sticky-note-o';
+                    break;
+                default:
+                    break;
+            }
+            $scope.filter = function (c) {
+                return c.type === t;
+            };
+            fixLayout();
+        };
+
+        $scope.filterAll = function () {
+            resetSelected();
+            $scope.selectedAll = true;
+            $scope.selectedTitle = 'All';
+            $scope.selectedIcon = 'fa-th';
+            $scope.filter = null;
+            fixLayout();
+        };
+
+        function resetSelected() {
+            $scope.selectedCollection = undefined;
+            $scope.selectedType = undefined;
+            $scope.selectedAll = false;
+        }
+
+        function fixLayout() {
+            if ($.AdminLTE && $.AdminLTE.layout) {
+                $timeout(function () {
+                    $.AdminLTE.layout.fix();
+                }, 0);
+            }
+        }
+
+        $scope.cipherFilter = function () {
+            return function (cipher) {
+                return !$scope.filter || $scope.filter(cipher);
+            };
+        };
    });
--- a/src/app/organization/organizationVaultEditCipherController.js
+++ b/src/app/organization/organizationVaultEditCipherController.js
@@ -0,0 +1,148 @@
+angular
+    .module('bit.organization')
+
+    .controller('organizationVaultEditCipherController', function ($scope, apiService, $uibModalInstance, cryptoService,
+        cipherService, passwordService, cipherId, $analytics, orgId, $uibModal, constants) {
+        $analytics.eventTrack('organizationVaultEditCipherController', { category: 'Modal' });
+        $scope.cipher = {};
+        $scope.hideFolders = $scope.hideFavorite = $scope.fromOrg = true;
+        $scope.constants = constants;
+
+        apiService.ciphers.getAdmin({ id: cipherId }, function (cipher) {
+            $scope.cipher = cipherService.decryptCipher(cipher);
+            $scope.useTotp = $scope.cipher.organizationUseTotp;
+            setUriMatchValues();
+        });
+
+        $scope.save = function (model) {
+            var cipher = cipherService.encryptCipher(model, $scope.cipher.type);
+            $scope.savePromise = apiService.ciphers.putAdmin({ id: cipherId }, cipher, function (cipherResponse) {
+                $analytics.eventTrack('Edited Organization Cipher');
+                var decCipher = cipherService.decryptCipherPreview(cipherResponse);
+                $uibModalInstance.close({
+                    action: 'edit',
+                    data: decCipher
+                });
+            }).$promise;
+        };
+
+        $scope.generatePassword = function () {
+            if (!$scope.cipher.login.password || confirm('Are you sure you want to overwrite the current password?')) {
+                $analytics.eventTrack('Generated Password From Edit');
+                $scope.cipher.login.password = passwordService.generatePassword({ length: 14, special: true });
+            }
+        };
+
+        $scope.addUri = function () {
+            if (!$scope.cipher.login) {
+                return;
+            }
+
+            if (!$scope.cipher.login.uris) {
+                $scope.cipher.login.uris = [];
+            }
+
+            $scope.cipher.login.uris.push({
+                uri: null,
+                match: null,
+                matchValue: null
+            });
+        };
+
+        $scope.removeUri = function (uri) {
+            if (!$scope.cipher.login || !$scope.cipher.login.uris) {
+                return;
+            }
+
+            var index = $scope.cipher.login.uris.indexOf(uri);
+            if (index > -1) {
+                $scope.cipher.login.uris.splice(index, 1);
+            }
+        };
+
+        $scope.uriMatchChanged = function (uri) {
+            if ((!uri.matchValue && uri.matchValue !== 0) || uri.matchValue === '') {
+                uri.match = null;
+            }
+            else {
+                uri.match = parseInt(uri.matchValue);
+            }
+        };
+
+        $scope.addField = function () {
+            if (!$scope.cipher.login.fields) {
+                $scope.cipher.login.fields = [];
+            }
+
+            $scope.cipher.fields.push({
+                type: constants.fieldType.text.toString(),
+                name: null,
+                value: null
+            });
+        };
+
+        $scope.removeField = function (field) {
+            var index = $scope.cipher.fields.indexOf(field);
+            if (index > -1) {
+                $scope.cipher.fields.splice(index, 1);
+            }
+        };
+
+        $scope.clipboardSuccess = function (e) {
+            e.clearSelection();
+            selectPassword(e);
+        };
+
+        $scope.clipboardError = function (e, password) {
+            if (password) {
+                selectPassword(e);
+            }
+            alert('Your web browser does not support easy clipboard copying. Copy it manually instead.');
+        };
+
+        function selectPassword(e) {
+            var target = $(e.trigger).parent().prev();
+            if (target.attr('type') === 'text') {
+                target.select();
+            }
+        }
+
+        $scope.delete = function () {
+            if (!confirm('Are you sure you want to delete this item (' + $scope.cipher.name + ')?')) {
+                return;
+            }
+
+            apiService.ciphers.delAdmin({ id: $scope.cipher.id }, function () {
+                $analytics.eventTrack('Deleted Organization Cipher From Edit');
+                $uibModalInstance.close({
+                    action: 'delete',
+                    data: $scope.cipher.id
+                });
+            });
+        };
+
+        $scope.close = function () {
+            $uibModalInstance.dismiss('cancel');
+        };
+
+        $scope.showUpgrade = function () {
+            $uibModal.open({
+                animation: true,
+                templateUrl: 'app/views/paidOrgRequired.html',
+                controller: 'paidOrgRequiredController',
+                resolve: {
+                    orgId: function () { return orgId; }
+                }
+            });
+        };
+
+        function setUriMatchValues() {
+            if ($scope.cipher.login && $scope.cipher.login.uris) {
+                for (var i = 0; i < $scope.cipher.login.uris.length; i++) {
+                    $scope.cipher.login.uris[i].matchValue =
+                        $scope.cipher.login.uris[i].match || $scope.cipher.login.uris[i].match === 0 ?
+                            $scope.cipher.login.uris[i].match.toString() : '';
+                }
+            }
+        }
+    });
--- a/src/app/organization/organizationVaultEditLoginController.js
+++ b/src/app/organization/organizationVaultEditLoginController.js
@@ -1,69 +0,0 @@
-angular
-    .module('bit.vault')
-
-    .controller('organizationVaultEditLoginController', function ($scope, apiService, $uibModalInstance, cryptoService,
-        cipherService, passwordService, loginId, $analytics) {
-        $analytics.eventTrack('organizationVaultEditLoginController', { category: 'Modal' });
-        $scope.login = {};
-        $scope.hideFolders = $scope.hideFavorite = true;
-
-        apiService.logins.getAdmin({ id: loginId }, function (login) {
-            $scope.login = cipherService.decryptLogin(login);
-        });
-
-        $scope.save = function (model) {
-            var login = cipherService.encryptLogin(model);
-            $scope.savePromise = apiService.logins.putAdmin({ id: loginId }, login, function (loginResponse) {
-                $analytics.eventTrack('Edited Organization Login');
-                var decLogin = cipherService.decryptLogin(loginResponse);
-                $uibModalInstance.close({
-                    action: 'edit',
-                    data: decLogin
-                });
-            }).$promise;
-        };
-
-        $scope.generatePassword = function () {
-            if (!$scope.login.password || confirm('Are you sure you want to overwrite the current password?')) {
-                $analytics.eventTrack('Generated Password From Edit');
-                $scope.login.password = passwordService.generatePassword({ length: 12, special: true });
-            }
-        };
-
-        $scope.clipboardSuccess = function (e) {
-            e.clearSelection();
-            selectPassword(e);
-        };
-
-        $scope.clipboardError = function (e, password) {
-            if (password) {
-                selectPassword(e);
-            }
-            alert('Your web browser does not support easy clipboard copying. Copy it manually instead.');
-        };
-
-        function selectPassword(e) {
-            var target = $(e.trigger).parent().prev();
-            if (target.attr('type') === 'text') {
-                target.select();
-            }
-        }
-
-        $scope.delete = function () {
-            if (!confirm('Are you sure you want to delete this login (' + $scope.login.name + ')?')) {
-                return;
-            }
-
-            apiService.ciphers.delAdmin({ id: $scope.login.id }, function () {
-                $analytics.eventTrack('Deleted Organization Login From Edit');
-                $uibModalInstance.close({
-                    action: 'delete',
-                    data: $scope.login.id
-                });
-            });
-        };
-
-        $scope.close = function () {
-            $uibModalInstance.dismiss('cancel');
-        };
-    });
--- a/src/app/organization/views/organizationBilling.html
+++ b/src/app/organization/views/organizationBilling.html
@@ -1,12 +1,12 @@
 <section class="content-header">
    <h1>
        Billing
-        <small>manage your payments</small>
+        <small>manage your billing &amp; licensing</small>
    </h1>
 </section>
 <section class="content">
    <div class="callout callout-warning" ng-if="subscription && subscription.cancelled">
-        <h4><i class="fa fa-warning"></i> Cancelled</h4>
+        <h4><i class="fa fa-warning"></i> Canceled</h4>
        The subscription to this organization has been canceled.
    </div>
    <div class="callout callout-warning" ng-if="subscription && subscription.markedForCancel">
@@ -19,30 +19,47 @@
            Reinstate Plan
        </button>
    </div>
-    <div class="box">
+    <div class="box box-default">
        <div class="box-header with-border">
            <h3 class="box-title">Plan</h3>
        </div>
        <div class="box-body">
            <div class="row">
                <div class="col-sm-6">
-                    <dl>
+                    <dl ng-if="selfHosted">
+                        <dt>Name</dt>
+                        <dd>{{plan.name || '-'}}</dd>
+                        <dt>Expiration</dt>
+                        <dd ng-if="loading">
+                            Loading...
+                        </dd>
+                        <dd ng-if="!loading && expiration">
+                            {{expiration | date: 'medium'}}
+                        </dd>
+                        <dd ng-if="!loading && !expiration">
+                            Never expires
+                        </dd>
+                    </dl>
+                    <dl ng-if="!selfHosted">
                        <dt>Name</dt>
                        <dd>{{plan.name || '-'}}</dd>
                        <dt>Total Seats</dt>
                        <dd>{{plan.seats || '-'}}</dd>
                    </dl>
                </div>
-                <div class="col-sm-6">
+                <div class="col-sm-6" ng-if="!selfHosted">
                    <dl>
                        <dt>Status</dt>
-                        <dd style="text-transform: capitalize;">{{(subscription && subscription.status) || '-'}}</dd>
+                        <dd>
+                            <span style="text-transform: capitalize;">{{(subscription && subscription.status) || '-'}}</span>
+                            <span ng-if="subscription.markedForCancel">- marked for cancellation</span>
+                        </dd>
                        <dt>Next Charge</dt>
-                        <dd>{{nextInvoice ? ((nextInvoice.date | date: format: mediumDate) + ', ' + (nextInvoice.amount | currency:'$')) : '-'}}</dd>
+                        <dd>{{nextInvoice ? ((nextInvoice.date | date: 'mediumDate') + ', ' + (nextInvoice.amount | currency:'$')) : '-'}}</dd>
                    </dl>
                </div>
            </div>
-            <div class="row" ng-if="!noSubscription">
+            <div class="row" ng-if="!selfHosted && !noSubscription">
                <div class="col-md-6">
                    <strong>Details</strong>
                    <div ng-show="loading">
@@ -64,7 +81,7 @@
                </div>
            </div>
        </div>
-        <div class="box-footer">
+        <div class="box-footer" ng-if="!selfHosted">
            <button type="button" class="btn btn-default btn-flat" ng-click="changePlan()">
                Change Plan
            </button>
@@ -76,9 +93,21 @@
                    ng-if="!noSubscription && subscription.markedForCancel">
                Reinstate Plan
            </button>
+            <button type="button" class="btn btn-default btn-flat" ng-click="license()"
+                    ng-if="!subscription.cancelled">
+                Download License
+            </button>
+        </div>
+        <div class="box-footer" ng-if="selfHosted">
+            <button type="button" class="btn btn-default btn-flat" ng-click="updateLicense()">
+                Update License
+            </button>
+            <a href="https://vault.bitwarden.com" class="btn btn-default btn-flat" target="_blank">
+                Manage Billing
+            </a>
        </div>
    </div>
-    <div class="box">
+    <div class="box box-default">
        <div class="box-header with-border">
            <h3 class="box-title">User Seats</h3>
        </div>
@@ -87,10 +116,10 @@
                Loading...
            </div>
            <div ng-show="!loading">
-                You plan currently has a total of <b>{{plan.seats}}</b> seats.
+                Your plan currently has a total of <b>{{plan.seats}}</b> seats.
            </div>
        </div>
-        <div class="box-footer" ng-if="!noSubscription">
+        <div class="box-footer" ng-if="!selfHosted && !noSubscription && canAdjustSeats">
            <button type="button" class="btn btn-default btn-flat" ng-click="adjustSeats(true)">
                Add Seats
            </button>
@@ -99,7 +128,33 @@
            </button>
        </div>
    </div>
-    <div class="box">
+    <div class="box box-default" ng-if="storage && !selfHosted">
+        <div class="box-header with-border">
+            <h3 class="box-title">Storage</h3>
+        </div>
+        <div class="box-body">
+            <p>
+                Your plan has a total of {{storage.maxGb}} GB of encrypted file storage.
+                You are currently using {{storage.currentName}}.
+            </p>
+            <div class="progress" style="margin: 0;">
+                <div class="progress-bar progress-bar-info" role="progressbar"
+                     aria-valuenow="{{storage.percentage}}" aria-valuemin="0" aria-valuemax="1"
+                     style="min-width: 50px; width: {{storage.percentage}}%;">
+                    {{storage.percentage}}%
+                </div>
+            </div>
+        </div>
+        <div class="box-footer">
+            <button type="button" class="btn btn-default btn-flat" ng-click="adjustStorage(true)">
+                Add Storage
+            </button>
+            <button type="button" class="btn btn-default btn-flat" ng-click="adjustStorage(false)">
+                Remove Storage
+            </button>
+        </div>
+    </div>
+    <div class="box box-default" ng-if="!selfHosted">
        <div class="box-header with-border">
            <h3 class="box-title">Payment Method</h3>
        </div>
@@ -111,8 +166,17 @@
                <i class="fa fa-credit-card"></i> No payment method on file.
            </div>
            <div ng-show="!loading && paymentSource">
+                <div class="callout callout-warning" ng-if="paymentSource.type === 1 && paymentSource.needsVerification">
+                    <h4><i class="fa fa-warning"></i> You must verify your bank account</h4>
+                    <p>
+                        We have made two micro-deposits to your bank account (it may take 1-2 business days to show up).
+                        Enter these amounts to verify the bank account. Failure to verify the bank account will result in a
+                        missed payment and your organization being disabled.
+                    </p>
+                    <button class="btn btn-default btn-flat" ng-click="verifyBank()">Verify Now</button>
+                </div>
                <i class="fa" ng-class="{'fa-credit-card': paymentSource.type === 0,
-                   'fa-university': paymentSource.type === 1}"></i>
+                   'fa-university': paymentSource.type === 1, 'fa-paypal fa-fw text-blue': paymentSource.type === 2}"></i>
                {{paymentSource.description}}
            </div>
        </div>
@@ -122,7 +186,7 @@
            </button>
        </div>
    </div>
-    <div class="box">
+    <div class="box box-default" ng-if="!selfHosted">
        <div class="box-header with-border">
            <h3 class="box-title">Charges</h3>
        </div>
@@ -137,10 +201,15 @@
                <table class="table">
                    <tbody>
                        <tr ng-repeat="charge in charges">
-                            <td style="width: 200px">
-                                {{charge.date | date: format: mediumDate}}
+                            <td style="width: 30px">
+                                <a href="#" stop-click ng-click="viewInvoice(charge)" title="Invoice">
+                                    <i class="fa fa-file-pdf-o"></i>
+                                </a>
                            </td>
-                            <td>
+                            <td style="width: 200px">
+                                {{charge.date | date: 'mediumDate'}}
+                            </td>
+                            <td style="min-width: 150px">
                                {{charge.paymentSource}}
                            </td>
                            <td style="width: 150px; text-transform: capitalize;">
@@ -155,7 +224,7 @@
            </div>
        </div>
        <div class="box-footer">
-            Note: Any charges will appears on your credit card statement as <b>BITWARDEN</b>.
+            Note: Any charges will appear on your statement as <b>BITWARDEN</b>.
        </div>
    </div>
 </section>
--- a/src/app/organization/views/organizationBillingAdjustSeats.html
+++ b/src/app/organization/views/organizationBillingAdjustSeats.html
@@ -5,7 +5,7 @@
        {{add ? 'Add Seats' : 'Remove Seats'}}
    </h4>
 </div>
-<form name="form" ng-submit="form.$valid && submit()" api-form="submitPromise">
+<form name="form" ng-submit="form.$valid && submit()" api-form="submitPromise" autocomplete="off">
    <div class="modal-body">
        <div class="callout callout-default" ng-show="add">
            <h4><i class="fa fa-dollar"></i> Note About Charges</h4>
@@ -22,7 +22,7 @@
            </p>
        </div>
        <div class="callout callout-danger validation-errors" ng-show="form.$errors">
-            <h4>Errors have occured</h4>
+            <h4>Errors have occurred</h4>
            <ul>
                <li ng-repeat="e in form.$errors">{{e}}</li>
            </ul>
--- a/src/app/organization/views/organizationBillingChangePayment.html
+++ b/src/app/organization/views/organizationBillingChangePayment.html
@@ -1,364 +0,0 @@
-<div class="modal-header">
-    <button type="button" class="close" ng-click="close()" aria-label="Close"><span aria-hidden="true">&times;</span></button>
-    <h4 class="modal-title">
-        <i class="fa fa-credit-card"></i>
-        {{existingPaymentMethod ? 'Change Payment Method' : 'Add Payment Method'}}
-    </h4>
-</div>
-<form name="form" ng-submit="form.$valid && submit()" api-form="submitPromise">
-    <div class="modal-body">
-        <div class="callout callout-danger validation-errors" ng-show="form.$errors">
-            <h4>Errors have occured</h4>
-            <ul>
-                <li ng-repeat="e in form.$errors">{{e}}</li>
-            </ul>
-        </div>
-        <div class="row">
-            <div class="col-md-6">
-                <div class="form-group" show-errors>
-                    <label for="card_number">Card Number</label>
-                    <input type="text" id="card_number" name="card_number" ng-model="card.number"
-                           class="form-control" cc-number required api-field />
-                </div>
-            </div>
-        </div>
-        <ul class="list-inline">
-            <li><div class="cc visa"></div></li>
-            <li><div class="cc mastercard"></div></li>
-            <li><div class="cc amex"></div></li>
-            <li><div class="cc discover"></div></li>
-            <li><div class="cc diners"></div></li>
-            <li><div class="cc jcb"></div></li>
-        </ul>
-        <div class="row">
-            <div class="col-sm-4">
-                <div class="form-group" show-errors>
-                    <label for="exp_month">Expiration Month</label>
-                    <select id="exp_month" class="form-control" ng-model="card.exp_month" required cc-exp-month
-                            name="exp_month" api-field>
-                        <option value="">-- Select --</option>
-                        <option value="01">01 - January</option>
-                        <option value="02">02 - February</option>
-                        <option value="03">03 - March</option>
-                        <option value="04">04 - April</option>
-                        <option value="05">05 - May</option>
-                        <option value="06">06 - June</option>
-                        <option value="07">07 - July</option>
-                        <option value="08">08 - August</option>
-                        <option value="09">09 - September</option>
-                        <option value="10">10 - October</option>
-                        <option value="11">11 - November</option>
-                        <option value="12">12 - December</option>
-                    </select>
-                </div>
-            </div>
-            <div class="col-sm-4">
-                <div class="form-group" show-errors>
-                    <label for="exp_year">Expiration Year</label>
-                    <select id="exp_year" class="form-control" ng-model="card.exp_year" required cc-exp-year
-                            name="exp_year" api-field>
-                        <option value="">-- Select --</option>
-                        <option value="17">2017</option>
-                        <option value="18">2018</option>
-                        <option value="19">2019</option>
-                        <option value="20">2020</option>
-                        <option value="21">2021</option>
-                        <option value="22">2022</option>
-                        <option value="23">2023</option>
-                        <option value="24">2024</option>
-                        <option value="25">2025</option>
-                        <option value="26">2026</option>
-                    </select>
-                </div>
-            </div>
-            <div class="col-sm-4">
-                <div class="form-group" show-errors>
-                    <label for="cvc">
-                        CVC
-                        <a href="https://www.cvvnumber.com/cvv.html" target="_blank" title="What is this?"
-                           rel="noopener noreferrer">
-                            <i class="fa fa-question-circle"></i>
-                        </a>
-                    </label>
-                    <input type="text" id="cvc" ng-model="card.cvc" class="form-control" name="cvc"
-                           cc-type="number.$ccType" cc-cvc required api-field />
-                </div>
-            </div>
-        </div>
-        <div class="row">
-            <div class="col-sm-6">
-                <div class="form-group" show-errors>
-                    <label for="address_country">Country</label>
-                    <select id="address_country" class="form-control" ng-model="card.address_country"
-                            required name="address_country" api-field>
-                        <option value="">-- Select --</option>
-                        <option value="US">United States</option>
-                        <option value="CN">China</option>
-                        <option value="FR">France</option>
-                        <option value="DE">Germany</option>
-                        <option value="CA">Canada</option>
-                        <option value="GB">United Kingdom</option>
-                        <option value="AU">Australia</option>
-                        <option value="IN">India</option>
-                        <option value="-" disabled></option>
-                        <option value="AF">Afghanistan</option>
-                        <option value="AX">Åland Islands</option>
-                        <option value="AL">Albania</option>
-                        <option value="DZ">Algeria</option>
-                        <option value="AS">American Samoa</option>
-                        <option value="AD">Andorra</option>
-                        <option value="AO">Angola</option>
-                        <option value="AI">Anguilla</option>
-                        <option value="AQ">Antarctica</option>
-                        <option value="AG">Antigua and Barbuda</option>
-                        <option value="AR">Argentina</option>
-                        <option value="AM">Armenia</option>
-                        <option value="AW">Aruba</option>
-                        <option value="AT">Austria</option>
-                        <option value="AZ">Azerbaijan</option>
-                        <option value="BS">Bahamas</option>
-                        <option value="BH">Bahrain</option>
-                        <option value="BD">Bangladesh</option>
-                        <option value="BB">Barbados</option>
-                        <option value="BY">Belarus</option>
-                        <option value="BE">Belgium</option>
-                        <option value="BZ">Belize</option>
-                        <option value="BJ">Benin</option>
-                        <option value="BM">Bermuda</option>
-                        <option value="BT">Bhutan</option>
-                        <option value="BO">Bolivia, Plurinational State of</option>
-                        <option value="BQ">Bonaire, Sint Eustatius and Saba</option>
-                        <option value="BA">Bosnia and Herzegovina</option>
-                        <option value="BW">Botswana</option>
-                        <option value="BV">Bouvet Island</option>
-                        <option value="BR">Brazil</option>
-                        <option value="IO">British Indian Ocean Territory</option>
-                        <option value="BN">Brunei Darussalam</option>
-                        <option value="BG">Bulgaria</option>
-                        <option value="BF">Burkina Faso</option>
-                        <option value="BI">Burundi</option>
-                        <option value="KH">Cambodia</option>
-                        <option value="CM">Cameroon</option>
-                        <option value="CV">Cape Verde</option>
-                        <option value="KY">Cayman Islands</option>
-                        <option value="CF">Central African Republic</option>
-                        <option value="TD">Chad</option>
-                        <option value="CL">Chile</option>
-                        <option value="CX">Christmas Island</option>
-                        <option value="CC">Cocos (Keeling) Islands</option>
-                        <option value="CO">Colombia</option>
-                        <option value="KM">Comoros</option>
-                        <option value="CG">Congo</option>
-                        <option value="CD">Congo, the Democratic Republic of the</option>
-                        <option value="CK">Cook Islands</option>
-                        <option value="CR">Costa Rica</option>
-                        <option value="CI">Côte d'Ivoire</option>
-                        <option value="HR">Croatia</option>
-                        <option value="CU">Cuba</option>
-                        <option value="CW">Curaçao</option>
-                        <option value="CY">Cyprus</option>
-                        <option value="CZ">Czech Republic</option>
-                        <option value="DK">Denmark</option>
-                        <option value="DJ">Djibouti</option>
-                        <option value="DM">Dominica</option>
-                        <option value="DO">Dominican Republic</option>
-                        <option value="EC">Ecuador</option>
-                        <option value="EG">Egypt</option>
-                        <option value="SV">El Salvador</option>
-                        <option value="GQ">Equatorial Guinea</option>
-                        <option value="ER">Eritrea</option>
-                        <option value="EE">Estonia</option>
-                        <option value="ET">Ethiopia</option>
-                        <option value="FK">Falkland Islands (Malvinas)</option>
-                        <option value="FO">Faroe Islands</option>
-                        <option value="FJ">Fiji</option>
-                        <option value="FI">Finland</option>
-                        <option value="GF">French Guiana</option>
-                        <option value="PF">French Polynesia</option>
-                        <option value="TF">French Southern Territories</option>
-                        <option value="GA">Gabon</option>
-                        <option value="GM">Gambia</option>
-                        <option value="GE">Georgia</option>
-                        <option value="GH">Ghana</option>
-                        <option value="GI">Gibraltar</option>
-                        <option value="GR">Greece</option>
-                        <option value="GL">Greenland</option>
-                        <option value="GD">Grenada</option>
-                        <option value="GP">Guadeloupe</option>
-                        <option value="GU">Guam</option>
-                        <option value="GT">Guatemala</option>
-                        <option value="GG">Guernsey</option>
-                        <option value="GN">Guinea</option>
-                        <option value="GW">Guinea-Bissau</option>
-                        <option value="GY">Guyana</option>
-                        <option value="HT">Haiti</option>
-                        <option value="HM">Heard Island and McDonald Islands</option>
-                        <option value="VA">Holy See (Vatican City State)</option>
-                        <option value="HN">Honduras</option>
-                        <option value="HK">Hong Kong</option>
-                        <option value="HU">Hungary</option>
-                        <option value="IS">Iceland</option>
-                        <option value="ID">Indonesia</option>
-                        <option value="IR">Iran, Islamic Republic of</option>
-                        <option value="IQ">Iraq</option>
-                        <option value="IE">Ireland</option>
-                        <option value="IM">Isle of Man</option>
-                        <option value="IL">Israel</option>
-                        <option value="IT">Italy</option>
-                        <option value="JM">Jamaica</option>
-                        <option value="JP">Japan</option>
-                        <option value="JE">Jersey</option>
-                        <option value="JO">Jordan</option>
-                        <option value="KZ">Kazakhstan</option>
-                        <option value="KE">Kenya</option>
-                        <option value="KI">Kiribati</option>
-                        <option value="KP">Korea, Democratic People's Republic of</option>
-                        <option value="KR">Korea, Republic of</option>
-                        <option value="KW">Kuwait</option>
-                        <option value="KG">Kyrgyzstan</option>
-                        <option value="LA">Lao People's Democratic Republic</option>
-                        <option value="LV">Latvia</option>
-                        <option value="LB">Lebanon</option>
-                        <option value="LS">Lesotho</option>
-                        <option value="LR">Liberia</option>
-                        <option value="LY">Libya</option>
-                        <option value="LI">Liechtenstein</option>
-                        <option value="LT">Lithuania</option>
-                        <option value="LU">Luxembourg</option>
-                        <option value="MO">Macao</option>
-                        <option value="MK">Macedonia, the former Yugoslav Republic of</option>
-                        <option value="MG">Madagascar</option>
-                        <option value="MW">Malawi</option>
-                        <option value="MY">Malaysia</option>
-                        <option value="MV">Maldives</option>
-                        <option value="ML">Mali</option>
-                        <option value="MT">Malta</option>
-                        <option value="MH">Marshall Islands</option>
-                        <option value="MQ">Martinique</option>
-                        <option value="MR">Mauritania</option>
-                        <option value="MU">Mauritius</option>
-                        <option value="YT">Mayotte</option>
-                        <option value="MX">Mexico</option>
-                        <option value="FM">Micronesia, Federated States of</option>
-                        <option value="MD">Moldova, Republic of</option>
-                        <option value="MC">Monaco</option>
-                        <option value="MN">Mongolia</option>
-                        <option value="ME">Montenegro</option>
-                        <option value="MS">Montserrat</option>
-                        <option value="MA">Morocco</option>
-                        <option value="MZ">Mozambique</option>
-                        <option value="MM">Myanmar</option>
-                        <option value="NA">Namibia</option>
-                        <option value="NR">Nauru</option>
-                        <option value="NP">Nepal</option>
-                        <option value="NL">Netherlands</option>
-                        <option value="NC">New Caledonia</option>
-                        <option value="NZ">New Zealand</option>
-                        <option value="NI">Nicaragua</option>
-                        <option value="NE">Niger</option>
-                        <option value="NG">Nigeria</option>
-                        <option value="NU">Niue</option>
-                        <option value="NF">Norfolk Island</option>
-                        <option value="MP">Northern Mariana Islands</option>
-                        <option value="NO">Norway</option>
-                        <option value="OM">Oman</option>
-                        <option value="PK">Pakistan</option>
-                        <option value="PW">Palau</option>
-                        <option value="PS">Palestinian Territory, Occupied</option>
-                        <option value="PA">Panama</option>
-                        <option value="PG">Papua New Guinea</option>
-                        <option value="PY">Paraguay</option>
-                        <option value="PE">Peru</option>
-                        <option value="PH">Philippines</option>
-                        <option value="PN">Pitcairn</option>
-                        <option value="PL">Poland</option>
-                        <option value="PT">Portugal</option>
-                        <option value="PR">Puerto Rico</option>
-                        <option value="QA">Qatar</option>
-                        <option value="RE">Réunion</option>
-                        <option value="RO">Romania</option>
-                        <option value="RU">Russian Federation</option>
-                        <option value="RW">Rwanda</option>
-                        <option value="BL">Saint Barthélemy</option>
-                        <option value="SH">Saint Helena, Ascension and Tristan da Cunha</option>
-                        <option value="KN">Saint Kitts and Nevis</option>
-                        <option value="LC">Saint Lucia</option>
-                        <option value="MF">Saint Martin (French part)</option>
-                        <option value="PM">Saint Pierre and Miquelon</option>
-                        <option value="VC">Saint Vincent and the Grenadines</option>
-                        <option value="WS">Samoa</option>
-                        <option value="SM">San Marino</option>
-                        <option value="ST">Sao Tome and Principe</option>
-                        <option value="SA">Saudi Arabia</option>
-                        <option value="SN">Senegal</option>
-                        <option value="RS">Serbia</option>
-                        <option value="SC">Seychelles</option>
-                        <option value="SL">Sierra Leone</option>
-                        <option value="SG">Singapore</option>
-                        <option value="SX">Sint Maarten (Dutch part)</option>
-                        <option value="SK">Slovakia</option>
-                        <option value="SI">Slovenia</option>
-                        <option value="SB">Solomon Islands</option>
-                        <option value="SO">Somalia</option>
-                        <option value="ZA">South Africa</option>
-                        <option value="GS">South Georgia and the South Sandwich Islands</option>
-                        <option value="SS">South Sudan</option>
-                        <option value="ES">Spain</option>
-                        <option value="LK">Sri Lanka</option>
-                        <option value="SD">Sudan</option>
-                        <option value="SR">Suriname</option>
-                        <option value="SJ">Svalbard and Jan Mayen</option>
-                        <option value="SZ">Swaziland</option>
-                        <option value="SE">Sweden</option>
-                        <option value="CH">Switzerland</option>
-                        <option value="SY">Syrian Arab Republic</option>
-                        <option value="TW">Taiwan, Province of China</option>
-                        <option value="TJ">Tajikistan</option>
-                        <option value="TZ">Tanzania, United Republic of</option>
-                        <option value="TH">Thailand</option>
-                        <option value="TL">Timor-Leste</option>
-                        <option value="TG">Togo</option>
-                        <option value="TK">Tokelau</option>
-                        <option value="TO">Tonga</option>
-                        <option value="TT">Trinidad and Tobago</option>
-                        <option value="TN">Tunisia</option>
-                        <option value="TR">Turkey</option>
-                        <option value="TM">Turkmenistan</option>
-                        <option value="TC">Turks and Caicos Islands</option>
-                        <option value="TV">Tuvalu</option>
-                        <option value="UG">Uganda</option>
-                        <option value="UA">Ukraine</option>
-                        <option value="AE">United Arab Emirates</option>
-                        <option value="UM">United States Minor Outlying Islands</option>
-                        <option value="UY">Uruguay</option>
-                        <option value="UZ">Uzbekistan</option>
-                        <option value="VU">Vanuatu</option>
-                        <option value="VE">Venezuela, Bolivarian Republic of</option>
-                        <option value="VN">Viet Nam</option>
-                        <option value="VG">Virgin Islands, British</option>
-                        <option value="VI">Virgin Islands, U.S.</option>
-                        <option value="WF">Wallis and Futuna</option>
-                        <option value="EH">Western Sahara</option>
-                        <option value="YE">Yemen</option>
-                        <option value="ZM">Zambia</option>
-                        <option value="ZW">Zimbabwe</option>
-                    </select>
-                </div>
-            </div>
-            <div class="col-sm-6">
-                <div class="form-group" show-errors>
-                    <label for="address_zip"
-                           ng-bind="card.address_country === 'US' ? 'Zip Code' : 'Postal Code'"></label>
-                    <input type="text" id="address_zip" ng-model="card.address_zip"
-                           class="form-control" required name="address_zip" api-field />
-                </div>
-            </div>
-        </div>
-    </div>
-    <div class="modal-footer">
-        <button type="submit" class="btn btn-primary btn-flat" ng-disabled="form.$loading">
-            <i class="fa fa-refresh fa-spin loading-icon" ng-show="form.$loading"></i>Submit
-        </button>
-        <button type="button" class="btn btn-default btn-flat" ng-click="close()">Close</button>
-    </div>
-</form>
--- a/src/app/organization/views/organizationBillingChangePlan.html
+++ b/src/app/organization/views/organizationBillingChangePlan.html
@@ -2,10 +2,11 @@
    <button type="button" class="close" ng-click="close()" aria-label="Close"><span aria-hidden="true">&times;</span></button>
    <h4 class="modal-title"><i class="fa fa-file-text-o"></i> Change Plan</h4>
 </div>
-<form name="form" ng-submit="form.$valid && submit()" api-form="submitPromise">
+<form name="form" ng-submit="form.$valid && submit()" api-form="submitPromise" autocomplete="off">
    <div class="modal-body">
-        Coming soon. In the meantime, please <a href="https://bitwarden.com/contact/" target="_blank">contact us</a>
-        if you would like to change your plan.
+        You can <a href="https://bitwarden.com/contact/" target="_blank">contact us</a>
+        if you would like to change your plan. Please ensure that you have an active payment
+        method on file.
    </div>
    <div class="modal-footer">
        <button type="button" class="btn btn-default btn-flat" ng-click="close()">Close</button>
--- a/src/app/organization/views/organizationBillingVerifyBank.html
+++ b/src/app/organization/views/organizationBillingVerifyBank.html
@@ -0,0 +1,43 @@
+<div class="modal-header">
+    <button type="button" class="close" ng-click="close()" aria-label="Close"><span aria-hidden="true">&times;</span></button>
+    <h4 class="modal-title">
+        <i class="fa fa-check-square-o"></i>
+        Verify Bank Account
+    </h4>
+</div>
+<form name="form" ng-submit="form.$valid && submit()" api-form="submitPromise" autocomplete="off">
+    <div class="modal-body">
+        <p>
+            Enter the two micro-deposit amounts from your bank account. Both amounts will be less than $1.00 each.
+            For example, if we deposited $0.32 and $0.45 you would enter the values "32" and "45".
+        </p>
+        <div class="callout callout-danger validation-errors" ng-show="form.$errors">
+            <h4>Errors have occurred</h4>
+            <ul>
+                <li ng-repeat="e in form.$errors">{{e}}</li>
+            </ul>
+        </div>
+        <div class="form-group">
+            <label for="amount1">Amount 1</label>
+            <div class="input-group">
+                <span class="input-group-addon">$ 0.</span>
+                <input type="number" id="amount1" name="Amount1" ng-model="amount1" class="form-control"
+                       required min="1" max="99" placeholder="xx" />
+            </div>
+        </div>
+        <div class="form-group">
+            <label for="amount2">Amount 2</label>
+            <div class="input-group">
+                <span class="input-group-addon">$ 0.</span>
+                <input type="number" id="amount2" name="Amount2" ng-model="amount2" class="form-control"
+                       required min="1" max="99" placeholder="xx" />
+            </div>
+        </div>
+    </div>
+    <div class="modal-footer">
+        <button type="submit" class="btn btn-primary btn-flat" ng-disabled="form.$loading">
+            <i class="fa fa-refresh fa-spin loading-icon" ng-show="form.$loading"></i>Submit
+        </button>
+        <button type="button" class="btn btn-default btn-flat" ng-click="close()">Close</button>
+    </div>
+</form>
--- a/src/app/organization/views/organizationCollections.html
+++ b/src/app/organization/views/organizationCollections.html
@@ -10,7 +10,7 @@
            &nbsp;
            <div class="box-filters hidden-xs">
                <div class="form-group form-group-sm has-feedback has-feedback-left">
-                    <input type="text" id="search" class="form-control" placeholder="Search collections..."
+                    <input type="text" id="filterSearch" class="form-control" placeholder="Search collections..."
                           style="width: 200px;" ng-model="filterSearch">
                    <span class="fa fa-search form-control-feedback text-muted" aria-hidden="true"></span>
                </div>
@@ -44,17 +44,12 @@
                                    </button>
                                    <ul class="dropdown-menu">
                                        <li>
-                                            <a href="javascript:void(0)" ng-click="users(collection)">
+                                            <a href="#" stop-click ng-click="users(collection)">
                                                <i class="fa fa-fw fa-users"></i> Users
                                            </a>
                                        </li>
                                        <li>
-                                            <a href="javascript:void(0)" ng-click="groups(collection)">
-                                                <i class="fa fa-fw fa-sitemap"></i> Groups
-                                            </a>
-                                        </li>
-                                        <li>
-                                            <a href="javascript:void(0)" ng-click="delete(collection)" class="text-red">
+                                            <a href="#" stop-click ng-click="delete(collection)" class="text-red">
                                                <i class="fa fa-fw fa-trash"></i> Delete
                                            </a>
                                        </li>
@@ -62,7 +57,7 @@
                                </div>
                            </td>
                            <td valign="middle">
-                                <a href="javascript:void(0)" ng-click="edit(collection)">
+                                <a href="#" stop-click ng-click="edit(collection)">
                                    {{collection.name}}
                                </a>
                            </td>
--- a/src/app/organization/views/organizationCollectionsAdd.html
+++ b/src/app/organization/views/organizationCollectionsAdd.html
@@ -2,18 +2,8 @@
    <button type="button" class="close" ng-click="close()" aria-label="Close"><span aria-hidden="true">&times;</span></button>
    <h4 class="modal-title"><i class="fa fa-cubes"></i> Add New Collection</h4>
 </div>
-<form name="form" ng-submit="form.$valid && submit(model)" api-form="submitPromise">
+<form name="form" ng-submit="form.$valid && submit(model)" api-form="submitPromise" autocomplete="off">
    <div class="modal-body">
-        <div class="callout callout-danger validation-errors" ng-show="form.$errors">
-            <h4>Errors have occured</h4>
-            <ul>
-                <li ng-repeat="e in form.$errors">{{e}}</li>
-            </ul>
-        </div>
-        <div class="form-group" show-errors>
-            <label for="email">Name</label>
-            <input type="text" id="name" name="Name" ng-model="model.name" class="form-control" required api-field />
-        </div>
        <div class="callout callout-default">
            <h4><i class="fa fa-info-circle"></i> Note</h4>
            <p>
@@ -24,6 +14,65 @@
                login from "My vault".
            </p>
        </div>
+        <div class="callout callout-danger validation-errors" ng-show="form.$errors">
+            <h4>Errors have occurred</h4>
+            <ul>
+                <li ng-repeat="e in form.$errors">{{e}}</li>
+            </ul>
+        </div>
+        <div class="form-group" show-errors>
+            <label for="email">Name</label>
+            <input type="text" id="name" name="Name" ng-model="model.name" class="form-control" required api-field />
+        </div>
+        <div ng-if="useGroups">
+            <h4>Group Access</h4>
+            <div ng-show="loading && !groups.length">
+                Loading groups...
+            </div>
+            <div ng-show="!loading && !groups.length">
+                <p>No groups for your organization.</p>
+            </div>
+            <div class="table-responsive" ng-show="groups.length" style="margin: 0;">
+                <table class="table table-striped table-hover" style="margin: 0;">
+                    <thead>
+                        <tr>
+                            <th style="width: 40px;">
+                                <input type="checkbox"
+                                       ng-checked="allSelected()"
+                                       ng-click="toggleGroupSelectionAll($event)">
+                            </th>
+                            <th>Name</th>
+                            <th style="width: 100px; text-align: center;">Read Only</th>
+                        </tr>
+                    </thead>
+                    <tbody>
+                        <tr ng-repeat="group in groups | orderBy: ['name']">
+                            <td valign="middle">
+                                <input type="checkbox"
+                                       name="selectedGroups[]"
+                                       value="{{group.id}}"
+                                       ng-checked="groupSelected(group)"
+                                       ng-click="toggleGroupSelection(group.id)"
+                                       ng-disabled="group.accessAll">
+                            </td>
+                            <td valign="middle">
+                                {{group.name}}
+                                <i class="fa fa-unlock text-muted fa-fw" ng-show="group.accessAll"
+                                   title="This group can access all items"></i>
+                            </td>
+                            <td style="width: 100px; text-align: center;" valign="middle">
+                                <input type="checkbox"
+                                       name="selectedGroupsReadonly[]"
+                                       value="{{group.id}}"
+                                       ng-disabled="!groupSelected(group) || group.accessAll"
+                                       ng-checked="groupSelected(group) && selectedGroups[group.id].readOnly"
+                                       ng-click="toggleGroupReadOnlySelection(group)">
+                            </td>
+                        </tr>
+                    </tbody>
+                </table>
+            </div>
+        </div>
    </div>
    <div class="modal-footer">
        <button type="submit" class="btn btn-primary btn-flat" ng-disabled="form.$loading">
--- a/src/app/organization/views/organizationCollectionsEdit.html
+++ b/src/app/organization/views/organizationCollectionsEdit.html
@@ -2,18 +2,8 @@
    <button type="button" class="close" ng-click="close()" aria-label="Close"><span aria-hidden="true">&times;</span></button>
    <h4 class="modal-title"><i class="fa fa-cubes"></i> Edit Collection</h4>
 </div>
-<form name="form" ng-submit="form.$valid && submit(collection)" api-form="submitPromise">
+<form name="form" ng-submit="form.$valid && submit(collection)" api-form="submitPromise" autocomplete="off">
    <div class="modal-body">
-        <div class="callout callout-danger validation-errors" ng-show="form.$errors">
-            <h4>Errors have occured</h4>
-            <ul>
-                <li ng-repeat="e in form.$errors">{{e}}</li>
-            </ul>
-        </div>
-        <div class="form-group" show-errors>
-            <label for="email">Name</label>
-            <input type="text" id="name" name="Name" ng-model="collection.name" class="form-control" required api-field />
-        </div>
        <div class="callout callout-default">
            <h4><i class="fa fa-info-circle"></i> Note</h4>
            <p>
@@ -25,6 +15,65 @@
                login from "My vault".
            </p>
        </div>
+        <div class="callout callout-danger validation-errors" ng-show="form.$errors">
+            <h4>Errors have occurred</h4>
+            <ul>
+                <li ng-repeat="e in form.$errors">{{e}}</li>
+            </ul>
+        </div>
+        <div class="form-group" show-errors>
+            <label for="email">Name</label>
+            <input type="text" id="name" name="Name" ng-model="collection.name" class="form-control" required api-field />
+        </div>
+        <div ng-if="useGroups">
+            <h4>Group Access</h4>
+            <div ng-show="loading && !groups.length">
+                Loading groups...
+            </div>
+            <div ng-show="!loading && !groups.length">
+                <p>No groups for your organization.</p>
+            </div>
+            <div class="table-responsive" ng-show="groups.length" style="margin: 0;">
+                <table class="table table-striped table-hover" style="margin: 0;">
+                    <thead>
+                        <tr>
+                            <th style="width: 40px;">
+                                <input type="checkbox"
+                                       ng-checked="allSelected()"
+                                       ng-click="toggleGroupSelectionAll($event)">
+                            </th>
+                            <th>Name</th>
+                            <th style="width: 100px; text-align: center;">Read Only</th>
+                        </tr>
+                    </thead>
+                    <tbody>
+                        <tr ng-repeat="group in groups | orderBy: ['name']">
+                            <td valign="middle">
+                                <input type="checkbox"
+                                       name="selectedGroups[]"
+                                       value="{{group.id}}"
+                                       ng-checked="groupSelected(group)"
+                                       ng-click="toggleGroupSelection(group.id)"
+                                       ng-disabled="group.accessAll">
+                            </td>
+                            <td valign="middle">
+                                {{group.name}}
+                                <i class="fa fa-unlock text-muted fa-fw" ng-show="group.accessAll"
+                                   title="This group can access all items"></i>
+                            </td>
+                            <td style="width: 100px; text-align: center;" valign="middle">
+                                <input type="checkbox"
+                                       name="selectedGroupsReadonly[]"
+                                       value="{{group.id}}"
+                                       ng-disabled="!groupSelected(group) || group.accessAll"
+                                       ng-checked="groupSelected(group) && selectedGroups[group.id].readOnly"
+                                       ng-click="toggleGroupReadOnlySelection(group)">
+                            </td>
+                        </tr>
+                    </tbody>
+                </table>
+            </div>
+        </div>
    </div>
    <div class="modal-footer">
        <button type="submit" class="btn btn-primary btn-flat" ng-disabled="form.$loading">
--- a/src/app/organization/views/organizationCollectionsGroups.html
+++ b/src/app/organization/views/organizationCollectionsGroups.html
@@ -1,10 +0,0 @@
-<div class="modal-header">
-    <button type="button" class="close" ng-click="close()" aria-label="Close"><span aria-hidden="true">&times;</span></button>
-    <h4 class="modal-title"><i class="fa fa-sitemap"></i> Groups <small>{{collection.name}}</small></h4>
-</div>
-<div class="modal-body">
-    Groups are coming soon to bitwarden Enterprise organizations.
-</div>
-<div class="modal-footer">
-    <button type="button" class="btn btn-default btn-flat" ng-click="close()">Close</button>
-</div>
--- a/src/app/organization/views/organizationCollectionsUsers.html
+++ b/src/app/organization/views/organizationCollectionsUsers.html
@@ -22,13 +22,13 @@
                                <i class="fa fa-cog"></i> <span class="caret"></span>
                            </button>
                            <ul class="dropdown-menu">
-                                <li ng-show="user.id">
-                                    <a href="javascript:void(0)" ng-click="remove(user)" class="text-red">
+                                <li ng-show="!user.accessAll">
+                                    <a href="#" stop-click ng-click="remove(user)" class="text-red">
                                        <i class="fa fa-fw fa-remove"></i> Remove
                                    </a>
                                </li>
-                                <li ng-show="!user.id">
-                                    <a href="javascript:void(0)">
+                                <li ng-show="user.accessAll">
+                                    <a href="#" stop-click>
                                        No options...
                                    </a>
                                </li>
--- a/src/app/organization/views/organizationDashboard.html
+++ b/src/app/organization/views/organizationDashboard.html
@@ -7,10 +7,12 @@
 <section class="content">
    <div class="callout callout-warning" ng-if="!orgProfile.enabled">
        <h4><i class="fa fa-warning"></i> Organization Disabled</h4>
-        <p>
-            This organization is currently disabled. Users will not see your shared logins or collections.
-            Contact us if you would like to reinstate this organization.
-        </p>
+        <p>This organization is currently disabled. Users will not see your shared logins or collections.</p>
+        <p ng-if="!selfHosted">Contact us if you would like to reinstate this organization.</p>
+        <p ng-if="selfHosted">Update your license to reinstate this organization.</p>
+        <a ng-if="selfHosted" class="btn btn-default btn-flat" href="#" stop-click ng-click="goBilling()">
+            Billing &amp; Licensing
+        </a>
        <a class="btn btn-default btn-flat" href="https://bitwarden.com/contact/" target="_blank">
            Contact Us
        </a>
@@ -20,7 +22,7 @@
            <h3 class="box-title">Let's Get Started!</h3>
        </div>
        <div class="box-body">
-            <p>Dashboard features are coming soon. Get started by inviting users and creating your collections.</p>
+            <p>Get started by inviting users and creating your collections.</p>
            <a class="btn btn-default btn-flat" ui-sref="backend.org.people({orgId: orgProfile.id})">
                Invite Users
            </a>
--- a/src/app/organization/views/organizationDelete.html
+++ b/src/app/organization/views/organizationDelete.html
@@ -14,7 +14,7 @@
            Deleting this organization is permanent. It cannot be undone.
        </div>
        <div class="callout callout-danger validation-errors" ng-show="form.$errors">
-            <h4>Errors have occured</h4>
+            <h4>Errors have occurred</h4>
            <ul>
                <li ng-repeat="e in form.$errors">{{e}}</li>
            </ul>
--- a/src/app/organization/views/organizationEvents.html
+++ b/src/app/organization/views/organizationEvents.html
@@ -0,0 +1,67 @@
+<section class="content-header">
+    <h1>
+        Events
+        <small>audit your organization</small>
+    </h1>
+</section>
+<section class="content">
+    <div class="box">
+        <div class="box-header with-border">
+            &nbsp;
+            <div class="box-filters hidden-xs hidden-sm">
+                <input type="datetime-local" ng-model="filterStart" required
+                       class="form-control input-sm" style="width:initial;" />
+                -
+                <input type="datetime-local" ng-model="filterEnd" required
+                       class="form-control input-sm" style="width:initial;" />
+            </div>
+            <div class="box-tools">
+                <button type="button" class="btn btn-primary btn-sm btn-flat" ng-click="refresh()">
+                    <i class="fa fa-fw fa-refresh" ng-class="{'fa-spin': loading}"></i> Refresh
+                </button>
+            </div>
+        </div>
+        <div class="box-body" ng-class="{'no-padding': filteredEvents.length}">
+            <div ng-show="loading && !events.length">
+                Loading...
+            </div>
+            <div ng-show="!loading && !events.length">
+                <p>There are no events to list.</p>
+            </div>
+            <div class="table-responsive" ng-show="events.length">
+                <table class="table table-striped table-hover">
+                    <thead>
+                        <tr>
+                            <th>Timestamp</th>
+                            <th><span class="sr-only">App</span></th>
+                            <th>User</th>
+                            <th>Event</th>
+                        </tr>
+                    </thead>
+                    <tbody>
+                        <tr ng-repeat="event in filteredEvents = (events)">
+                            <td style="width: 210px; min-width: 100px;">
+                                {{event.date | date:'medium'}}
+                            </td>
+                            <td style="width: 20px;" class="text-center">
+                                <i class="text-muted fa fa-lg {{event.appIcon}}" title="{{event.appName}}, {{event.ip}}"></i>
+                            </td>
+                            <td style="width: 150px; min-width: 100px;">
+                                {{event.userName}}
+                            </td>
+                            <td>
+                                <div ng-bind-html="event.message"></div>
+                            </td>
+                        </tr>
+                    </tbody>
+                </table>
+            </div>
+        </div>
+        <div class="box-footer text-center" ng-show="continuationToken">
+            <button class="btn btn-link btn-block" ng-click="next()" ng-if="!loading">
+                Load more...
+            </button>
+            <i class="fa fa-fw fa-refresh fa-spin text-muted" ng-if="loading"></i>
+        </div>
+    </div>
+</section>
--- a/src/app/organization/views/organizationGroups.html
+++ b/src/app/organization/views/organizationGroups.html
@@ -7,10 +7,64 @@
 <section class="content">
    <div class="box">
        <div class="box-header with-border">
-            <h3 class="box-title">Coming soon...</h3>
+            &nbsp;
+            <div class="box-filters hidden-xs">
+                <div class="form-group form-group-sm has-feedback has-feedback-left">
+                    <input type="text" id="filterSearch" class="form-control" placeholder="Search groups..."
+                           style="width: 200px;" ng-model="filterSearch">
+                    <span class="fa fa-search form-control-feedback text-muted" aria-hidden="true"></span>
+                </div>
+            </div>
+            <div class="box-tools">
+                <button type="button" class="btn btn-primary btn-sm btn-flat" ng-click="add()">
+                    <i class="fa fa-fw fa-plus-circle"></i> New Group
+                </button>
+            </div>
        </div>
-        <div class="box-body">
-            <p>Groups are coming soon to bitwarden Enterprise organizations.</p>
+        <div class="box-body" ng-class="{'no-padding': filteredGroups.length}">
+            <div ng-show="loading && !groups.length">
+                Loading...
+            </div>
+            <div ng-show="!filteredGroups.length && filterSearch">
+                No groups to list.
+            </div>
+            <div ng-show="!loading && !groups.length">
+                <p>There are no groups yet for your organization.</p>
+                <button type="button" ng-click="add()" class="btn btn-default btn-flat">Add a Group</button>
+            </div>
+            <div class="table-responsive" ng-show="groups.length">
+                <table class="table table-striped table-hover table-vmiddle">
+                    <tbody>
+                        <tr ng-repeat="group in filteredGroups = (groups | filter: (filterSearch || '') |
+                            orderBy: ['name']) track by group.id">
+                            <td style="width: 70px;">
+                                <div class="btn-group" data-append-to="body">
+                                    <button type="button" class="btn btn-default dropdown-toggle" data-toggle="dropdown">
+                                        <i class="fa fa-cog"></i> <span class="caret"></span>
+                                    </button>
+                                    <ul class="dropdown-menu">
+                                        <li>
+                                            <a href="#" stop-click ng-click="users(group)">
+                                                <i class="fa fa-fw fa-users"></i> Users
+                                            </a>
+                                        </li>
+                                        <li>
+                                            <a href="#" stop-click ng-click="delete(group)" class="text-red">
+                                                <i class="fa fa-fw fa-trash"></i> Delete
+                                            </a>
+                                        </li>
+                                    </ul>
+                                </div>
+                            </td>
+                            <td valign="middle">
+                                <a href="#" stop-click ng-click="edit(group)">
+                                    {{group.name}}
+                                </a>
+                            </td>
+                        </tr>
+                    </tbody>
+                </table>
+            </div>
        </div>
    </div>
 </section>
--- a/Show More
+++ b/Show More