diff --git a/app.js b/app.js
index 9e1b053c28..aa4834efff 100755
--- a/app.js
+++ b/app.js
@@ -2,6 +2,7 @@ var express = require('express'),
     http = require('http'),
     path = require('path'),
     fs = require('fs'),
+    flash = require('connect-flash'),
     mongoose = require('mongoose'),
     passport = require('passport');
 
@@ -32,6 +33,7 @@ app.use(express.methodOverride());
 app.use(express.session({ secret: 'Bob-Alice' }));
 app.use(passport.initialize());
 app.use(passport.session());
+app.use(flash());
 app.use(express.static(path.join(__dirname, 'public')));
 app.use(app.router);
 
diff --git a/controllers/user.js b/controllers/user.js
index 42a2673fe4..07c85db673 100644
--- a/controllers/user.js
+++ b/controllers/user.js
@@ -56,7 +56,7 @@ exports.postlogin = function(req, res, next) {
   passport.authenticate('local', function(err, user, info) {
     if (err) return next(err);
     if (!user) {
-      req.session.messages =  [info.message];
+      req.flash('messages', [info.message]);
       return res.redirect('/login');
     }
     req.logIn(user, function(err) {
diff --git a/models/user.js b/models/user.js
index e84ad94e97..01350b6d75 100644
--- a/models/user.js
+++ b/models/user.js
@@ -3,18 +3,20 @@ var mongoose = require('mongoose'),
 
 
 var userSchema = new mongoose.Schema({
-  username: { type: String, required: true, unique: true },
+  firstName: { type: String, required: true},
+  lastName: { type: String, required: true},
   email: { type: String, required: true, unique: true },
   password: { type: String, required: true},
-  admin: { type: Boolean, required: true }
+  admin: { type: Boolean, default: false }
 });
 
 userSchema.pre('save', function(next) {
   var user = this;
+  var SALT_FACTOR = 5;
 
   if (!user.isModified('password')) return next();
 
-  bcrypt.genSalt(32, function(err, salt) {
+  bcrypt.genSalt(SALT_FACTOR, function(err, salt) {
     if (err) return next(err);
 
     bcrypt.hash(user.password, salt, function(err, hash) {