diff --git a/helios/datatypes/legacy.py b/helios/datatypes/legacy.py
index a9fe99422e857be9d3125f04eb816766f799086b..518a47dac956c542838866303a401860b6a646a9 100644
--- a/helios/datatypes/legacy.py
+++ b/helios/datatypes/legacy.py
@@ -190,6 +190,5 @@ class Tally(LegacyObject):
     STRUCTURED_FIELDS = {
         'tally': arrayOf(arrayOf('legacy/EGCiphertext'))}
 
-
-class Eligibility(LegacyObject):
-    pass
+class Eligibility(ListObject, LegacyObject):
+    WRAPPED_OBJ = list
diff --git a/helios/models.py b/helios/models.py
index 7765b00bab51f94408290288ceceb17d01824cae..c6e806920a93f0c39db7b97e0ff9748b6be1a9e5 100644
--- a/helios/models.py
+++ b/helios/models.py
@@ -344,8 +344,8 @@ class Election(HeliosModel):
       return
 
     auth_systems = copy.copy(settings.AUTH_ENABLED_AUTH_SYSTEMS)
-    voter_types = [r['user__user_type'] for r in self.voter_set.values('user__user_type').distinct()]
-    
+    voter_types = [r['user__user_type'] for r in self.voter_set.values('user__user_type').distinct() if r['user__user_type'] != None]
+
     # password is now separate, not an explicit voter type
     if self.voter_set.filter(user=None).count() > 0:
       voter_types.append('password')
diff --git a/helios/templates/_castconfirm_docast.html b/helios/templates/_castconfirm_docast.html
index 18acbd0cc5d863e7c4a5f8754dca0b28f80e3d1c..8609cd1a9353f76bc5fd4c1b8554aa4b85add5c0 100644
--- a/helios/templates/_castconfirm_docast.html
+++ b/helios/templates/_castconfirm_docast.html
@@ -1,3 +1,6 @@
+{% if election.voting_has_started %}
+  {% if not election.voting_has_stopped %}
+
 <div id="cast_form">
 <form method="post" action="" onsubmit="show_waiting()">
     <input type="hidden" name="csrf_token" value="{{csrf_token}}" />
@@ -28,3 +31,13 @@
     Verifying and Casting your ballot<br />
     <img src="/static/helios/loading.gif" />
 </div>
+  {% else %}
+<p style="font-size:1.4em;">
+  voting has stopped, sorry.
+</p>
+  {% endif %}
+{% else %}
+<p style="font-size:1.4em;">
+  voting has not yet begun, sorry.
+</p>
+{% endif %}
diff --git a/helios/templates/election_cast_confirm.html b/helios/templates/election_cast_confirm.html
index 5621d85456aae3b340ab8aee32e97492ef3eae66..118d7c2cd50dec5c25c1c3dbe6facccb4e5623da 100644
--- a/helios/templates/election_cast_confirm.html
+++ b/helios/templates/election_cast_confirm.html
@@ -42,34 +42,18 @@ Your smart ballot tracker is:<br /><br />
     <tt style="font-size:1.8em; font-weight: bold; padding-left: 20px;">  {{vote_fingerprint}}</tt>
 </p>
 
-{% if password_only %}
 {% if voter %}
-{% include "_castconfirm_docast.html" %}
-{% else %}
-{% include "_castconfirm_password.html" %}
-{% endif %}
-{% else %}
 
+{% include "_castconfirm_docast.html" %}
 
-{% if user %}
+{% else %}
 
-{% if voter %}
+{% if show_password %}
+{% include "_castconfirm_password.html" %}
 
-{% if election.voting_has_started %}
-  {% if not election.voting_has_stopped %}
-    {% include "_castconfirm_docast.html" %}
-  {% else %}
-<p style="font-size:1.4em;">
-  voting has stopped, sorry.
-</p>
-  {% endif %}
 {% else %}
-<p style="font-size:1.4em;">
-  voting has not yet begun, sorry.
-</p>
-{% endif %}
 
-{% else %}
+{% if user %}
 <p>
 {% if election.openreg %}
 <b>Sorry, you are <em><u>not eligible</u></em> for this election.</b><br />
@@ -80,8 +64,6 @@ Your smart ballot tracker is:<br /><br />
 <p>
     [<a href="{% url helios.views.one_election_view election.uuid %}">return to the main election page</a>]
 </p>
-{% endif %}
-
 {% else %}
 <p>
   Now, we need you to log in, so we can verify your eligibility.<br /><br />
@@ -98,16 +80,14 @@ the same account you registered with.
 {% endif %}
 </p>
 
-{% if show_password %}
-{% include "_castconfirm_password.html" %}
-{% endif %}
-
 {{login_box|safe}}
 
 <br />
 Don't worry, we'll remember your ballot while you log in.
 {% endif %}
 
+{% endif %}
+
 {# this closes the IF ELSE of this being password_only #}
 {% endif %}
 
diff --git a/helios/tests.py b/helios/tests.py
index 3d17ab4bd9248d6450ab4ba5e91d7676adde19e6..cdddb60d160b32d142d2c3aa8ff74e943ac414de 100644
--- a/helios/tests.py
+++ b/helios/tests.py
@@ -118,6 +118,11 @@ class ElectionModelTests(TestCase):
         # without openreg, this should be false
         self.assertFalse(self.election.user_eligible_p(self.user))
         
+        # what about after saving?
+        self.election.save()
+        e = models.Election.objects.get(uuid = self.election.uuid)
+        self.assertEquals(e.eligibility, [{'auth_system': self.user.user_type}])
+
         self.election.openreg = True
 
         # without openreg, and now true
diff --git a/helios/views.py b/helios/views.py
index bddd310c54cfa1c6bb4e56127fc61861d050336b..0298b0ba2866bf2ee278808a6843f7075acf3fad 100644
--- a/helios/views.py
+++ b/helios/views.py
@@ -571,6 +571,7 @@ def one_election_cast_confirm(request, election):
       auth_systems = None
 
     password_only = False
+
     if auth_systems == None or 'password' in auth_systems:
       show_password = True
       password_login_form = forms.VoterPasswordForm()