diff --git a/ethcore/src/engines/authority_round.rs b/ethcore/src/engines/authority_round.rs
index 584ab6f54..6880a3525 100644
--- a/ethcore/src/engines/authority_round.rs
+++ b/ethcore/src/engines/authority_round.rs
@@ -73,14 +73,15 @@ pub struct AuthorityRound {
 	step: AtomicUsize,
 	proposed: AtomicBool,
 	account_provider: Mutex<Option<Arc<AccountProvider>>>,
+	password: RwLock<Option<String>>,
 }
 
 fn header_step(header: &Header) -> Result<usize, ::rlp::DecoderError> {
-	UntrustedRlp::new(&header.seal()[0]).as_val()
+	UntrustedRlp::new(&header.seal().get(0).expect("was either checked with verify_block_basic or is genesis; has 2 fields; qed (Make sure the spec file has a correct genesis seal)")).as_val()
 }
 
 fn header_signature(header: &Header) -> Result<Signature, ::rlp::DecoderError> {
-	UntrustedRlp::new(&header.seal()[1]).as_val::<H520>().map(Into::into)
+	UntrustedRlp::new(&header.seal().get(1).expect("was checked with verify_block_basic; has 2 fields; qed")).as_val::<H520>().map(Into::into)
 }
 
 trait AsMillis {
@@ -107,6 +108,7 @@ impl AuthorityRound {
 				step: AtomicUsize::new(initial_step),
 				proposed: AtomicBool::new(false),
 				account_provider: Mutex::new(None),
+				password: RwLock::new(None),
 			});
 		let handler = TransitionHandler { engine: Arc::downgrade(&engine) };
 		try!(engine.transition_service.register_handler(Arc::new(handler)));
@@ -198,6 +200,7 @@ impl Engine for AuthorityRound {
 	}
 
 	fn populate_from_parent(&self, header: &mut Header, parent: &Header, gas_floor_target: U256, _gas_ceil_target: U256) {
+		header.set_difficulty(parent.difficulty().clone());
 		header.set_gas_limit({
 			let gas_limit = parent.gas_limit().clone();
 			let bound_divisor = self.our_params.gas_limit_bound_divisor;
@@ -225,7 +228,7 @@ impl Engine for AuthorityRound {
 		if self.is_step_proposer(step, header.author()) {
 			if let Some(ref ap) = *self.account_provider.lock() {
 				// Account should be permanently unlocked, otherwise sealing will fail.
-				if let Ok(signature) = ap.sign(*header.author(), None, header.bare_hash()) {
+				if let Ok(signature) = ap.sign(*header.author(), self.password.read().clone(), header.bare_hash()) {
 					trace!(target: "poa", "generate_seal: Issuing a block for step {}.", step);
 					self.proposed.store(true, AtomicOrdering::SeqCst);
 					return Some(vec![encode(&step).to_vec(), encode(&(&*signature as &[u8])).to_vec()]);
@@ -308,6 +311,10 @@ impl Engine for AuthorityRound {
 		*self.message_channel.lock() = Some(message_channel);
 	}
 
+	fn set_signer(&self, _address: Address, password: String) {
+		*self.password.write() = Some(password);
+	}
+
 	fn register_account_provider(&self, account_provider: Arc<AccountProvider>) {
 		*self.account_provider.lock() = Some(account_provider);
 	}
diff --git a/ethcore/src/engines/basic_authority.rs b/ethcore/src/engines/basic_authority.rs
index 264a2d55a..4db8357e6 100644
--- a/ethcore/src/engines/basic_authority.rs
+++ b/ethcore/src/engines/basic_authority.rs
@@ -59,6 +59,7 @@ pub struct BasicAuthority {
 	our_params: BasicAuthorityParams,
 	builtins: BTreeMap<Address, Builtin>,
 	account_provider: Mutex<Option<Arc<AccountProvider>>>,
+	password: RwLock<Option<String>>,
 }
 
 impl BasicAuthority {
@@ -68,7 +69,8 @@ impl BasicAuthority {
 			params: params,
 			our_params: our_params,
 			builtins: builtins,
-			account_provider: Mutex::new(None)
+			account_provider: Mutex::new(None),
+			password: RwLock::new(None),
 		}
 	}
 }
@@ -115,7 +117,7 @@ impl Engine for BasicAuthority {
 			let header = block.header();
 			let message = header.bare_hash();
 			// account should be pernamently unlocked, otherwise sealing will fail
-			if let Ok(signature) = ap.sign(*block.header().author(), None, message) {
+			if let Ok(signature) = ap.sign(*block.header().author(), self.password.read().clone(), message) {
 				return Some(vec![::rlp::encode(&(&*signature as &[u8])).to_vec()]);
 			} else {
 				trace!(target: "basicauthority", "generate_seal: FAIL: accounts secret key unavailable");
@@ -177,6 +179,10 @@ impl Engine for BasicAuthority {
 		t.sender().map(|_|()) // Perform EC recovery and cache sender
 	}
 
+	fn set_signer(&self, _address: Address, password: String) {
+		*self.password.write() = Some(password);
+	}
+
 	fn register_account_provider(&self, ap: Arc<AccountProvider>) {
 		*self.account_provider.lock() = Some(ap);
 	}
diff --git a/parity/run.rs b/parity/run.rs
index 2a719fb66..0c4ad3d4c 100644
--- a/parity/run.rs
+++ b/parity/run.rs
@@ -224,8 +224,10 @@ pub fn execute(cmd: RunCmd, logger: Arc<RotatingLogger>) -> Result<(), String> {
 	miner.set_extra_data(cmd.miner_extras.extra_data);
 	miner.set_transactions_limit(cmd.miner_extras.transactions_limit);
 	let engine_signer = cmd.miner_extras.engine_signer;
-	if !passwords.into_iter().any(|p| miner.set_engine_signer(engine_signer, p).is_ok()) {
-		return Err(format!("No password found for the consensus signer {}. Make sure valid password is present in files passed using `--password`.", cmd.miner_extras.engine_signer));
+	if engine_signer != Default::default() {
+		if !passwords.into_iter().any(|p| miner.set_engine_signer(engine_signer, p).is_ok()) {
+			return Err(format!("No password found for the consensus signer {}. Make sure valid password is present in files passed using `--password`.", engine_signer));
+		}
 	}
 
 	// create client config