diff --git a/app/controllers/registrations_controller.rb b/app/controllers/registrations_controller.rb
deleted file mode 100644
index 5fff2f1c..00000000
--- a/app/controllers/registrations_controller.rb
+++ /dev/null
@@ -1,10 +0,0 @@
-class Users::RegistrationsController < Devise::RegistrationsController
- protected
- def after_sign_up_path_for(resource)
- signed_in_root_path(resource)
- end
-
- def after_update_path_for(resource)
- signed_in_root_path(resource)
- end
-end
diff --git a/app/controllers/users/registrations_controller.rb b/app/controllers/users/registrations_controller.rb
index 5fff2f1c..c77edb50 100644
--- a/app/controllers/users/registrations_controller.rb
+++ b/app/controllers/users/registrations_controller.rb
@@ -1,4 +1,7 @@
 class Users::RegistrationsController < Devise::RegistrationsController
+ before_filter :configure_sign_up_params, only: [:create]
+ before_filter :configure_account_update_params, only: [:update]
+
 protected
 def after_sign_up_path_for(resource)
 signed_in_root_path(resource)
@@ -7,4 +10,14 @@ class Users::RegistrationsController < Devise::RegistrationsController
 def after_update_path_for(resource)
 signed_in_root_path(resource)
 end
+
+ private
+ def configure_sign_up_params
+ devise_parameter_sanitizer.for(:sign_up) << [:name, :joinedwithcode]
+ end
+
+ def configure_account_update_params
+ puts devise_parameter_sanitizer_for(:account_update)
+ devise_parameter_sanitizer.for(:account_update) << [:image]
+ end
 end
diff --git a/app/controllers/users_controller.rb b/app/controllers/users_controller.rb
index 52996f49..683e6200 100644
--- a/app/controllers/users_controller.rb
+++ b/app/controllers/users_controller.rb
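Review bot: In the second hunk of `users/registrations_controller.rb`, `configure_account_update_params` calls `devise_parameter_sanitizer_for(:account_update)`, with an underscore where the next line uses `.for`. Unless a helper by that name is defined elsewhere, this raises NoMethodError inside the `before_filter`, so every account update would fail before reaching Devise. The `puts` also looks like leftover debugging that would print the permitted-parameter list to stdout on each request. Drop that line so the method body is just `devise_parameter_sanitizer.for(:account_update) << [:image]`.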
@@ -22,9 +22,9 @@ class UsersController < ApplicationController
 def update
 @user = current_user
- if params[:user][:password] == "" && params[:user][:password_confirmation] == ""
+ if user_params[:password] == "" && user_params[:password_confirmation] == ""
 # not trying to change the password
- if @user.update_attributes(params[:user])
+ if @user.update_attributes(user_params.except(:password, :password_confirmation))
 if params[:remove_image] == "1"
 @user.image = nil
 end
@@ -43,7 +43,7 @@ class UsersController < ApplicationController
 # trying to change the password
 correct_pass = @user.valid_password?(params[:current_password])
- if correct_pass && @user.update_attributes(params[:user])
+ if correct_pass && @user.update_attributes(user_params)
 if params[:remove_image] == "1"
 @user.image = nil
 end
@@ -101,8 +101,7 @@ class UsersController < ApplicationController
 private
 def user_params
- params.require(:user).permit(:name, :email, :image, :password,
- :password_confirmation, :code, :joinedwithcode, :remember_me)
+ params.require(:user).permit(:name, :email, :image, :password, :password_confirmation)
 end
 end
diff --git a/config/application.rb b/config/application.rb
index f9e0a87d..6bcfbe27 100644
--- a/config/application.rb
+++ b/config/application.rb
@@ -2,7 +2,7 @@ require File.expand_path('../boot', __FILE__)
 require 'rails/all'
-Bundler.require(:default, Rails.env)
+Bundler.require(*Rails.groups)
 module Metamaps
 class Application < Rails::Application
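Review bot: In the first `users_controller.rb` hunk, the branch under `# not trying to change the password` still passes `:email` from `user_params` to `update_attributes` without the `valid_password?(params[:current_password])` check that the password branch applies. A hijacked or unattended session is then enough to change the account's recovery address. Consider computing `needs_reauth = user_params[:email].present? && user_params[:email] != @user.email` and gating the update with `(!needs_reauth || @user.valid_password?(params[:current_password]))`. Whether Devise reconfirmation already covers this is not visible here, and the rest of `update` lies outside the hunk.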
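Review bot: In the `@@ -101,8 +101,7 @@` hunk, `user_params` carries no comment saying why the permit list was narrowed, so a later edit could re-add `:code` or `:joinedwithcode` without realising they were dropped deliberately. A one-line comment above the method would record that, for example `# Profile fields only; :code, :joinedwithcode and :remember_me are intentionally not mass-assignable here.` The intent is inferred from the diff (sign-up now permits `:joinedwithcode` through the Devise sanitizer instead), so the wording should be confirmed by the author.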