diff --git a/ghost/admin/controllers/application.js b/ghost/admin/controllers/application.js
index d81587ba98..c8c1881922 100644
--- a/ghost/admin/controllers/application.js
+++ b/ghost/admin/controllers/application.js
@@ -1,5 +1,5 @@
 var ApplicationController = Ember.Controller.extend({
- hideNav: Ember.computed.match('currentPath', /(signin|signup|setup|forgotten|reset)/),
+ hideNav: Ember.computed.match('currentPath', /(error|signin|signup|setup|forgotten|reset)/),
 topNotificationCount: 0,
diff --git a/ghost/admin/routes/signup.js b/ghost/admin/routes/signup.js
index 54a7196717..eb88079974 100644
--- a/ghost/admin/routes/signup.js
+++ b/ghost/admin/routes/signup.js
@@ -10,10 +10,23 @@ var SignupRoute = Ember.Route.extend(styleBody, loadingIndicator, {
 }
 },
 setupController: function (controller, params) {
- var tokenText = atob(params.token),
- email = tokenText.split('|')[1];
- controller.token = params.token;
- controller.email = email;
+ var tokenText,
+ email,
+ re = /^(?:[A-Za-z0-9+\/]{4})*(?:[A-Za-z0-9+\/]{2}==|[A-Za-z0-9+\/]{3}=)?$/;
+ if (re.test(params.token)) {
+ try {
+ tokenText = atob(params.token);
+ email = tokenText.split('|')[1];
+ controller.token = params.token;
+ controller.email = email;
+ } catch (e) {
+ this.transitionTo('signin');
+ this.notifications.showError('Invalid token.', {delayed: true});
+ }
+ } else {
+ this.transitionTo('signin');
+ this.notifications.showError('Invalid token.', {delayed: true});
+ }
 }
 });
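Review bot: In `setupController` of `routes/signup.js`, a token that is well-formed base64 but decodes to text without a `|` (including the empty string, which the regex accepts) passes both `re.test` and `atob`, so `controller.email` is set to `undefined` and no "Invalid token." error is shown. Check the decoded structure inside the `try` before assigning to the controller, e.g. `if (!email) { throw new Error('Invalid token.'); }` right after the `split`, so the existing `catch` performs the redirect. Because the regex already restricts the input to the base64 alphabet with correct padding, the `catch` is otherwise unlikely to fire, and the duplicated redirect-and-notify pair could be folded into one small helper. The decoded email is unauthenticated client-side data, so the server presumably still has to validate the token on submit; the hook preceding `setupController` lies outside the hunk, so any earlier check is not visible here.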