diff --git a/src/app/organization/organizationPeopleEditController.js b/src/app/organization/organizationPeopleEditController.js
index 7cb971de84..589c261d68 100644
--- a/src/app/organization/organizationPeopleEditController.js
+++ b/src/app/organization/organizationPeopleEditController.js
@@ -3,8 +3,8 @@
 
     .controller('organizationPeopleEditController', function ($scope, $state, $uibModalInstance, apiService, cipherService, id) {
         $scope.loading = true;
-        $scope.selectedSubvaults = [];
-        $scope.selectedSubvaultsReadOnly = [];
+        $scope.subvaults = [];
+        $scope.selectedSubvaults = {};
 
         $uibModalInstance.opened.then(function () {
             apiService.subvaults.listOrganization({ orgId: $state.params.orgId }, function (list) {
@@ -14,70 +14,68 @@
 
             apiService.organizationUsers.get({ orgId: $state.params.orgId, id: id }, function (user) {
                 if (user && user.Subvaults) {
-                    var subvaults = [];
-                    var subvaultsReadOnly = [];
+                    var subvaults = {};
                     for (var i = 0; i < user.Subvaults.Data.length; i++) {
-                        subvaults.push(user.Subvaults.Data[i].SubvaultId);
-                        if (user.Subvaults.Data[i].ReadOnly) {
-                            subvaultsReadOnly.push(user.Subvaults.Data[i].SubvaultId);
-                        }
+                        subvaults[user.Subvaults.Data[i].SubvaultId] = {
+                            subvaultId: user.Subvaults.Data[i].SubvaultId,
+                            readOnly: user.Subvaults.Data[i].ReadOnly
+                        };
                     }
                 }
                 $scope.selectedSubvaults = subvaults;
-                $scope.selectedSubvaultsReadOnly = subvaultsReadOnly;
             });
         });
 
         $scope.toggleSubvaultSelectionAll = function ($event) {
-            var subvaultIds = [];
+            var subvaults = {};
             if ($event.target.checked) {
                 for (var i = 0; i < $scope.subvaults.length; i++) {
-                    subvaultIds.push($scope.subvaults[i].id);
+                    subvaults[$scope.subvaults[i].id] = {
+                        subvaultId: $scope.subvaults[i].id,
+                        readOnly: ($scope.subvaults[i].id in $scope.selectedSubvaults) ?
+                            $scope.selectedSubvaults[$scope.subvaults[i].id].readOnly : false
+                    };
                 }
             }
-            else {
-                $scope.selectedSubvaultsReadOnly = [];
-            }
 
-            $scope.selectedSubvaults = subvaultIds;
+            $scope.selectedSubvaults = subvaults;
         };
 
         $scope.toggleSubvaultSelection = function (id) {
-            var i = $scope.selectedSubvaults.indexOf(id);
-            if (i > -1) {
-                $scope.selectedSubvaults.splice(i, 1);
-
-                var j = $scope.selectedSubvaultsReadOnly.indexOf(id);
-                if (j > -1) {
-                    $scope.selectedSubvaultsReadOnly.splice(j, 1);
-                }
+            if (id in $scope.selectedSubvaults) {
+                delete $scope.selectedSubvaults[id];
             }
             else {
-                $scope.selectedSubvaults.push(id);
+                $scope.selectedSubvaults[id] = {
+                    subvaultId: id,
+                    readOnly: false
+                };
             }
         };
 
         $scope.toggleSubvaultReadOnlySelection = function (id) {
-            var i = $scope.selectedSubvaultsReadOnly.indexOf(id);
-            if (i > -1) {
-                $scope.selectedSubvaultsReadOnly.splice(i, 1);
-            }
-            else {
-                $scope.selectedSubvaultsReadOnly.push(id);
+            if (id in $scope.selectedSubvaults) {
+                $scope.selectedSubvaults[id].readOnly = !!!$scope.selectedSubvaults[id].readOnly;
             }
         };
 
+        $scope.subvaultSelected = function (subvault) {
+            return subvault.id in $scope.selectedSubvaults;
+        };
+
+        $scope.allSelected = function () {
+            return Object.keys($scope.selectedSubvaults).length === $scope.subvaults.length;
+        };
+
         $scope.submit = function (model) {
             var subvaults = [];
-            for (var i = 0; i < $scope.selectedSubvaults.length; i++) {
-                subvaults.push({
-                    id: null,
-                    subvaultId: $scope.selectedSubvaults[i],
-                    readOnly: $scope.selectedSubvaultsReadOnly.indexOf($scope.selectedSubvaults[i]) > -1
-                });
+            for (var subvaultId in $scope.selectedSubvaults) {
+                if ($scope.selectedSubvaults.hasOwnProperty(subvaultId)) {
+                    subvaults.push($scope.selectedSubvaults[subvaultId]);
+                }
             }
 
-            apiService.organizationUsers.put({ orgId: $state.params.orgId, id: 0 }, {
+            apiService.organizationUsers.put({ orgId: $state.params.orgId, id: id }, {
                 subvaults: subvaults
             }, function () {
                 $uibModalInstance.close();
diff --git a/src/app/organization/organizationPeopleInviteController.js b/src/app/organization/organizationPeopleInviteController.js
index 35226b4fe3..169d5ee6d9 100644
--- a/src/app/organization/organizationPeopleInviteController.js
+++ b/src/app/organization/organizationPeopleInviteController.js
@@ -3,8 +3,8 @@
 
     .controller('organizationPeopleInviteController', function ($scope, $state, $uibModalInstance, apiService, cipherService) {
         $scope.loading = true;
-        $scope.selectedSubvaults = [];
-        $scope.selectedSubvaultsReadOnly = [];
+        $scope.subvaults = [];
+        $scope.selectedSubvaults = {};
 
         $uibModalInstance.opened.then(function () {
             apiService.subvaults.listOrganization({ orgId: $state.params.orgId }, function (list) {
@@ -14,52 +14,52 @@
         });
 
         $scope.toggleSubvaultSelectionAll = function ($event) {
-            var subvaultIds = [];
-            if ($event.target.checked)
-            {
+            var subvaults = {};
+            if ($event.target.checked) {
                 for (var i = 0; i < $scope.subvaults.length; i++) {
-                    subvaultIds.push($scope.subvaults[i].id);
+                    subvaults[$scope.subvaults[i].id] = {
+                        subvaultId: $scope.subvaults[i].id,
+                        readOnly: ($scope.subvaults[i].id in $scope.selectedSubvaults) ?
+                            $scope.selectedSubvaults[$scope.subvaults[i].id].readOnly : false
+                    };
                 }
             }
-            else {
-                $scope.selectedSubvaultsReadOnly = [];
-            }
 
-            $scope.selectedSubvaults = subvaultIds;
+            $scope.selectedSubvaults = subvaults;
         };
 
         $scope.toggleSubvaultSelection = function (id) {
-            var i = $scope.selectedSubvaults.indexOf(id);
-            if (i > -1) {
-                $scope.selectedSubvaults.splice(i, 1);
-
-                var j = $scope.selectedSubvaultsReadOnly.indexOf(id);
-                if (j > -1) {
-                    $scope.selectedSubvaultsReadOnly.splice(j, 1);
-                }
+            if (id in $scope.selectedSubvaults) {
+                delete $scope.selectedSubvaults[id];
             }
             else {
-                $scope.selectedSubvaults.push(id);
+                $scope.selectedSubvaults[id] = {
+                    subvaultId: id,
+                    readOnly: false
+                };
             }
         };
 
         $scope.toggleSubvaultReadOnlySelection = function (id) {
-            var i = $scope.selectedSubvaultsReadOnly.indexOf(id);
-            if (i > -1) {
-                $scope.selectedSubvaultsReadOnly.splice(i, 1);
-            }
-            else {
-                $scope.selectedSubvaultsReadOnly.push(id);
+            if (id in $scope.selectedSubvaults) {
+                $scope.selectedSubvaults[id].readOnly = !!!$scope.selectedSubvaults[id].readOnly;
             }
         };
 
+        $scope.subvaultSelected = function (subvault) {
+            return subvault.id in $scope.selectedSubvaults;
+        };
+
+        $scope.allSelected = function () {
+            return Object.keys($scope.selectedSubvaults).length === $scope.subvaults.length;
+        };
+
         $scope.submit = function (model) {
             var subvaults = [];
-            for (var i = 0; i < $scope.selectedSubvaults.length; i++) {
-                subvaults.push({
-                    subvaultId: $scope.selectedSubvaults[i],
-                    readOnly: $scope.selectedSubvaultsReadOnly.indexOf($scope.selectedSubvaults[i]) > -1
-                });
+            for (var subvaultId in $scope.selectedSubvaults) {
+                if ($scope.selectedSubvaults.hasOwnProperty(subvaultId)) {
+                    subvaults.push($scope.selectedSubvaults[subvaultId]);
+                }
             }
 
             apiService.organizationUsers.invite({ orgId: $state.params.orgId }, {
diff --git a/src/app/organization/views/organizationPeopleEdit.html b/src/app/organization/views/organizationPeopleEdit.html
index 1bb828c1cc..5510151355 100644
--- a/src/app/organization/views/organizationPeopleEdit.html
+++ b/src/app/organization/views/organizationPeopleEdit.html
@@ -17,7 +17,7 @@
                     <tr>
                         <th style="width: 40px;">
                             <input type="checkbox"
-                                   ng-checked="selectedSubvaults.length === subvaults.length"
+                                   ng-checked="allSelected()"
                                    ng-click="toggleSubvaultSelectionAll($event)">
                         </th>
                         <th>Name</th>
@@ -30,7 +30,7 @@
                             <input type="checkbox"
                                    name="selectedSubvaults[]"
                                    value="{{subvault.id}}"
-                                   ng-checked="selectedSubvaults.indexOf(subvault.id) > -1"
+                                   ng-checked="subvaultSelected(subvault)"
                                    ng-click="toggleSubvaultSelection(subvault.id)">
                         </td>
                         <td valign="middle">
@@ -40,8 +40,8 @@
                             <input type="checkbox"
                                    name="selectedSubvaultsReadonly[]"
                                    value="{{subvault.id}}"
-                                   ng-disabled="selectedSubvaults.indexOf(subvault.id) === -1"
-                                   ng-checked="selectedSubvaultsReadOnly.indexOf(subvault.id) > -1"
+                                   ng-disabled="!subvaultSelected(subvault)"
+                                   ng-checked="subvaultSelected(subvault) && selectedSubvaults[subvault.id].readOnly"
                                    ng-click="toggleSubvaultReadOnlySelection(subvault.id)">
                         </td>
                     </tr>
diff --git a/src/app/organization/views/organizationPeopleInvite.html b/src/app/organization/views/organizationPeopleInvite.html
index ae15c09be6..8647804eb3 100644
--- a/src/app/organization/views/organizationPeopleInvite.html
+++ b/src/app/organization/views/organizationPeopleInvite.html
@@ -31,7 +31,7 @@
                     <tr>
                         <th style="width: 40px;">
                             <input type="checkbox"
-                                   ng-checked="selectedSubvaults.length === subvaults.length"
+                                   ng-checked="allSelected()"
                                    ng-click="toggleSubvaultSelectionAll($event)">
                         </th>
                         <th>Name</th>
@@ -44,7 +44,7 @@
                             <input type="checkbox"
                                    name="selectedSubvaults[]"
                                    value="{{subvault.id}}"
-                                   ng-checked="selectedSubvaults.indexOf(subvault.id) > -1"
+                                   ng-checked="subvaultSelected(subvault)"
                                    ng-click="toggleSubvaultSelection(subvault.id)">
                         </td>
                         <td valign="middle">
@@ -54,8 +54,8 @@
                             <input type="checkbox"
                                    name="selectedSubvaultsReadonly[]"
                                    value="{{subvault.id}}"
-                                   ng-disabled="selectedSubvaults.indexOf(subvault.id) === -1"
-                                   ng-checked="selectedSubvaultsReadOnly.indexOf(subvault.id) > -1"
+                                   ng-disabled="!subvaultSelected(subvault)"
+                                   ng-checked="subvaultSelected(subvault) && selectedSubvaults[subvault.id].readOnly"
                                    ng-click="toggleSubvaultReadOnlySelection(subvault.id)">
                         </td>
                     </tr>
diff --git a/src/app/services/apiService.js b/src/app/services/apiService.js
index 6366f3804a..51d14291d6 100644
--- a/src/app/services/apiService.js
+++ b/src/app/services/apiService.js
@@ -44,6 +44,7 @@
             invite: { url: _apiUri + '/organizations/:orgId/users/invite', method: 'POST', params: { orgId: '@orgId' } },
             accept: { url: _apiUri + '/organizations/:orgId/users/:id/accept', method: 'POST', params: { id: '@id', orgId: '@orgId' } },
             confirm: { url: _apiUri + '/organizations/:orgId/users/:id/confirm', method: 'POST', params: { id: '@id', orgId: '@orgId' } },
+            put: { method: 'POST', params: { id: '@id', orgId: '@orgId' } },
             del: { url: _apiUri + '/organizations/:orgId/users/:id/delete', method: 'POST', params: { id: '@id', orgId: '@orgId' } }
         });
 
diff --git a/src/app/services/cipherService.js b/src/app/services/cipherService.js
index dedf481092..3e4bc53a29 100644
--- a/src/app/services/cipherService.js
+++ b/src/app/services/cipherService.js
@@ -57,8 +57,8 @@ angular
                 id: encryptedCipher.Id,
                 folderId: encryptedCipher.FolderId,
                 favorite: encryptedCipher.Favorite,
-                name: decryptProperty(encryptedCipher.Data.Name, key, false),
-                username: decryptProperty(encryptedCipher.Data.Username, key, true)
+                name: _service.decryptProperty(encryptedCipher.Data.Name, key, false),
+                username: _service.decryptProperty(encryptedCipher.Data.Username, key, true)
             };
 
             return login;
@@ -90,7 +90,7 @@ angular
 
             return {
                 id: encryptedFolder.Id,
-                name: decryptProperty(encryptedFolder.Data.Name, null, false)
+                name: _service.decryptProperty(encryptedFolder.Data.Name, null, false)
             };
         };
 
@@ -114,12 +114,12 @@ angular
 
             return {
                 id: encryptedSubvault.Id,
-                name: catchError ? decryptProperty(encryptedSubvault.Name, key, false) :
+                name: catchError ? _service.decryptProperty(encryptedSubvault.Name, key, false) :
                     cryptoService.decrypt(encryptedSubvault.Name, key)
             };
         };
 
-        function decryptProperty(property, key, checkEmpty) {
+        _service.decryptProperty = function(property, key, checkEmpty) {
             if (checkEmpty && (!property || property === '')) {
                 return null;
             }
diff --git a/src/app/services/cryptoService.js b/src/app/services/cryptoService.js
index f8b5431c15..6757551f82 100644
--- a/src/app/services/cryptoService.js
+++ b/src/app/services/cryptoService.js
@@ -31,19 +31,26 @@ angular
             }
 
             var orgKeysb64 = {},
-                _orgKeys = {};
+                _orgKeys = {},
+                setKey = false;
             for (var i = 0; i < orgKeysCt.length; i++) {
                 try {
                     var orgKey = _service.rsaDecrypt(orgKeysCt[i].key, privateKey);
                     _orgKeys[orgKeysCt[i].id] = orgKey;
                     orgKeysb64[orgKeysCt[i].id] = forge.util.encode64(orgKey);
+                    setKey = true;
                 }
                 catch (e) {
                     console.log('Cannot set org key ' + i + '. Decryption failed.');
                 }
             }
 
-            $sessionStorage.orgKeys = orgKeysb64;
+            if (setKey) {
+                $sessionStorage.orgKeys = orgKeysb64;
+            }
+            else {
+                _orgKeys = null;
+            }
         };
 
         _service.addOrgKey = function (orgKeyCt, privateKey) {
@@ -63,6 +70,7 @@ angular
                 orgKeysb64[orgKeyCt.id] = forge.util.encode64(orgKey);
             }
             catch (e) {
+                _orgKeys = null;
                 console.log('Cannot set org key. Decryption failed.');
             }
 
@@ -177,7 +185,7 @@ angular
         };
 
         _service.clearOrgKeys = function () {
-            _orgKeys = {};
+            _orgKeys = null;
             delete $sessionStorage.orgKeys;
         };