diff --git a/Gemfile.lock b/Gemfile.lock
index 72c5e1c..bd078a4 100644
--- a/Gemfile.lock
+++ b/Gemfile.lock
@@ -41,7 +41,7 @@ GEM
       multi_json (~> 1.0)
     addressable (2.2.7)
     arel (3.0.2)
-    bcrypt-ruby (2.1.4)
+    bcrypt-ruby (3.0.1)
     bourbon (1.4.0)
       sass (>= 3.1)
     builder (3.0.0)
@@ -59,10 +59,11 @@ GEM
       coffee-script-source
       execjs
     coffee-script-source (1.3.1)
-    devise (1.2.1)
-      bcrypt-ruby (~> 2.1.2)
+    devise (2.0.4)
+      bcrypt-ruby (~> 3.0)
       orm_adapter (~> 0.0.3)
-      warden (~> 1.0.3)
+      railties (~> 3.1)
+      warden (~> 1.1.1)
     erubis (2.7.0)
     execjs (1.3.0)
       multi_json (~> 1.0)
@@ -169,7 +170,7 @@ GEM
     uglifier (1.2.4)
       execjs (>= 0.3.0)
       multi_json (>= 1.0.2)
-    warden (1.0.6)
+    warden (1.1.1)
       rack (>= 1.0)
 
 PLATFORMS
@@ -177,11 +178,11 @@ PLATFORMS
 
 DEPENDENCIES
   activeadmin (= 0.4.0)
-  bcrypt-ruby (= 2.1.4)
+  bcrypt-ruby (= 3.0.1)
   cancan (= 1.6.5)
   capistrano (= 2.5.21)
   coffee-rails (= 3.2.2)
-  devise (= 1.2.1)
+  devise (= 2.0.4)
   mail
   mysql2 (= 0.2.7)
   rails (= 3.2.3)
diff --git a/config/initializers/devise.rb b/config/initializers/devise.rb
index e8bb8d6..2748f83 100644
--- a/config/initializers/devise.rb
+++ b/config/initializers/devise.rb
@@ -63,18 +63,19 @@ Devise.setup do |config|
   # You can use this to let your user access some features of your application
   # without confirming the account, but blocking it after a certain period
   # (ie 2 days).
-  # config.confirm_within = 2.days
+  # config.allow_unconfirmed_access_for = 2.days
 
   # Defines which key will be used when confirming an account
   # config.confirmation_keys = [ :email ]
 
+  # Devise 2.0: Support for e-mail reconfirmation when it changes.
+  # needs: adding an unconfirmed_email column to your Devise models
+  config.reconfirmable = true
+
   # ==> Configuration for :rememberable
   # The time the user will be remembered without asking for credentials again.
   # config.remember_for = 2.weeks
 
-  # If true, a valid remember token can be re-used between multiple browsers.
-  # config.remember_across_browsers = true
-
   # If true, extends the user's remember period when remembered via cookie.
   # config.extend_remember_period = false
 
@@ -122,6 +123,10 @@ Devise.setup do |config|
   # Defines which key will be used when recovering the password for an account
   # config.reset_password_keys = [ :email ]
 
+  # [Devise 2.0] Devise now requires you to have a reset_password_sent_at column.
+  # Please add it to your Devise models and set Devise.reset_password_within to an interval (like 6 hours)
+  config.reset_password_within = 6
+
   # ==> Configuration for :encryptable
   # Allow you to use another encryption algorithm besides bcrypt (default). You can use
   # :sha1, :sha512 or encryptors from others authentication tools as :clearance_sha1,
@@ -136,7 +141,10 @@ Devise.setup do |config|
 
   # If true, authentication through token does not store user in session and needs
   # to be supplied on each request. Useful if you are using the token as API token.
-  # config.stateless_token = false
+  # Devise 2.0: stateless_token was removed.
+  # If you want to have stateless tokens, simply do
+  # config.skip_session_storage << :auth_token
+  # in your initializer;
 
   # ==> Scopes configuration
   # Turn scoped views on. Before rendering "sessions/new", it will first check for
diff --git a/config/locales/devise.en.yml b/config/locales/devise.en.yml
index e70ad89..bc3e291 100644
--- a/config/locales/devise.en.yml
+++ b/config/locales/devise.en.yml
@@ -30,7 +30,9 @@ en:
       confirmed: 'Your account was successfully confirmed. You are now signed in.'
     registrations:
       signed_up: 'Welcome! You have signed up successfully.'
-      inactive_signed_up: 'You have signed up successfully. However, we could not sign you in because your account is %{reason}.'
+      signed_up_but_unconfirmed: 'A message with a confirmation link has been sent to your email address. Please open the link to activate your account.'
+      signed_up_but_inactive: 'You have signed up successfully. However, we could not sign you in because your account is not yet activated.'
+      signed_up_but_locked: 'You have signed up successfully. However, we could not sign you in because your account is locked.'
       updated: 'You updated your account successfully.'
       destroyed: 'Bye! Your account was successfully cancelled. We hope to see you again soon.'
     unlocks:
diff --git a/db/migrate/20110514213956_devise_create_users.rb b/db/migrate/20110514213956_devise_create_users.rb
index 3083e74..6d11b6d 100644
--- a/db/migrate/20110514213956_devise_create_users.rb
+++ b/db/migrate/20110514213956_devise_create_users.rb
@@ -1,16 +1,43 @@
 class DeviseCreateUsers < ActiveRecord::Migration
   def self.up
     create_table(:users) do |t|
-      t.database_authenticatable :null => false
-      t.recoverable
-      t.rememberable
-      t.trackable
+      ## Database authenticatable
+      t.string :email,              :null => false, :default => ""
+      t.string :encrypted_password, :null => false, :default => ""
 
-      # t.encryptable
-      # t.confirmable
-      # t.lockable :lock_strategy => :failed_attempts, :unlock_strategy => :both
-      # t.token_authenticatable
+      ## Recoverable
+      t.string   :reset_password_token
+      # t.datetime :reset_password_sent_at
 
+      ## Rememberable
+      t.datetime :remember_created_at
+
+      ## Trackable
+      t.integer  :sign_in_count, :default => 0
+      t.datetime :current_sign_in_at
+      t.datetime :last_sign_in_at
+      t.string   :current_sign_in_ip
+      t.string   :last_sign_in_ip
+
+      ## Encryptable
+      # t.string :password_salt
+
+      ## Confirmable
+      # t.string   :confirmation_token
+      # t.datetime :confirmed_at
+      # t.datetime :confirmation_sent_at
+      # t.string   :unconfirmed_email # Only if using reconfirmable
+
+      ## Lockable
+      # t.integer  :failed_attempts, :default => 0 # Only if lock strategy is :failed_attempts
+      # t.string   :unlock_token # Only if unlock strategy is :email or :both
+      # t.datetime :locked_at
+
+      # Token authenticatable
+      # t.string :authentication_token
+
+      ## Invitable
+      # t.string :invitation_token
 
       t.timestamps
     end
diff --git a/db/migrate/20120422201818_update_devise_to_version2.rb b/db/migrate/20120422201818_update_devise_to_version2.rb
new file mode 100644
index 0000000..a64f708
--- /dev/null
+++ b/db/migrate/20120422201818_update_devise_to_version2.rb
@@ -0,0 +1,10 @@
+class UpdateDeviseToVersion2 < ActiveRecord::Migration
+  # Changes according to https://github.com/plataformatec/devise/wiki/How-To:-Upgrade-to-Devise-2.0
+  def change
+    add_column :users, :confirmation_token,     :string
+    add_column :users, :confirmed_at,           :datetime
+    add_column :users, :confirmation_sent_at,   :datetime
+    add_column :users, :unconfirmed_email,      :string
+    add_column :users, :reset_password_sent_at, :datetime
+  end
+end