diff --git a/src/MusicStore/Controllers/ManageController.cs b/src/MusicStore/Controllers/ManageController.cs
index b6f21021db..2faf857601 100644
--- a/src/MusicStore/Controllers/ManageController.cs
+++ b/src/MusicStore/Controllers/ManageController.cs
@@ -163,6 +163,8 @@ namespace MusicStore.Controllers
 
         //
         // GET: /Account/RemovePhoneNumber
+        [HttpPost]
+        [ValidateAntiForgeryToken]
         public async Task<IActionResult> RemovePhoneNumber()
         {
             var user = await GetCurrentUserAsync();
@@ -172,10 +174,10 @@ namespace MusicStore.Controllers
                 if (result.Succeeded)
                 {
                     await SignInManager.SignInAsync(user, isPersistent: false);
-                    return RedirectToAction("Index", new { Message = ManageMessageId.RemovePhoneSuccess });
+                    return RedirectToAction(nameof(Index), new { Message = ManageMessageId.RemovePhoneSuccess });
                 }
             }
-            return RedirectToAction("Index", new { Message = ManageMessageId.Error });
+            return RedirectToAction(nameof(Index), new { Message = ManageMessageId.Error });
         }
 
         //
diff --git a/src/MusicStore/Views/Manage/Index.cshtml b/src/MusicStore/Views/Manage/Index.cshtml
index a99a723f44..79a2d97ddb 100644
--- a/src/MusicStore/Views/Manage/Index.cshtml
+++ b/src/MusicStore/Views/Manage/Index.cshtml
@@ -1,97 +1,70 @@
 @model IndexViewModel
 @{
-    ViewBag.Title = "Manage your account";
+    ViewData["Title"] = "Manage your account";
 }
 
-<h2>@ViewBag.Title.</h2>
+<h2>@ViewData["Title"].</h2>
+<p class="text-success">@ViewData["StatusMessage"]</p>
 
-<p class="text-success">@ViewBag.StatusMessage</p>
 <div>
     <h4>Change your account settings</h4>
     <hr />
     <dl class="dl-horizontal">
         <dt>Password:</dt>
         <dd>
-            [
             @if (Model.HasPassword)
             {
-                <a asp-controller="Manage" asp-action="ChangePassword">Change</a>
+                <text>[&nbsp;&nbsp;<a asp-controller="Manage" asp-action="ChangePassword">Change</a>&nbsp;&nbsp;]</text>
             }
             else
             {
-                <a asp-controller="Manage" asp-action="SetPassword">Create</a>
+                <text>[&nbsp;&nbsp;<a asp-controller="Manage" asp-action="SetPassword">Create</a>&nbsp;&nbsp;]</text>
             }
-            ]
         </dd>
         <dt>External Logins:</dt>
         <dd>
-            @Model.Logins.Count [<a asp-controller="Manage" asp-action="ManageLogins">Manage</a>]
+            @Model.Logins.Count [&nbsp;&nbsp;<a asp-controller="Manage" asp-action="ManageLogins">Manage</a>&nbsp;&nbsp;]
         </dd>
-        @*
-            Phone Numbers can used as a second factor of verification in a two-factor authentication system.
-
-             See <a href="http://go.microsoft.com/fwlink/?LinkId=313242">this article</a>
-                for details on setting up this ASP.NET application to support two-factor authentication using SMS.
-
-             Uncomment the following block after you have set up two-factor authentication
-        *@
-
         <dt>Phone Number:</dt>
         <dd>
-            @(Model.PhoneNumber ?? "None") [
-            @if (Model.PhoneNumber != null)
-            {
-                <a asp-controller="Manage" asp-action="AddPhoneNumber">Change</a>
-                @: &nbsp;|&nbsp;
-                <a asp-controller="Manage" asp-action="RemovePhoneNumber">Remove</a>
-            }
-            else
-            {
-                <a asp-controller="Manage" asp-action="AddPhoneNumber">Add</a>
-            }
-            ]
+            <p>
+                Phone Numbers can used as a second factor of verification in two-factor authentication.
+                See <a href="http://go.microsoft.com/fwlink/?LinkID=532713">this article</a>
+                for details on setting up this ASP.NET application to support two-factor authentication using SMS.
+            </p>
+            @*@(Model.PhoneNumber ?? "None")
+                @if (Model.PhoneNumber != null)
+                {
+                    <br />
+                    <text>[&nbsp;&nbsp;<a asp-controller="Manage" asp-action="AddPhoneNumber">Change</a>&nbsp;&nbsp;]</text>
+                    <form asp-controller="Manage" asp-action="RemovePhoneNumber" method="post" role="form">
+                        [<button type="submit" class="btn-link">Remove</button>]
+                    </form>
+                }
+                else
+                {
+                    <text>[&nbsp;&nbsp;<a asp-controller="Manage" asp-action="AddPhoneNumber">Add</a>&nbsp;&nbsp;]</text>
+                }*@
         </dd>
+
         <dt>Two-Factor Authentication:</dt>
         <dd>
-            @if (Model.TwoFactor)
-            {
-                <form asp-controller="Manage" asp-action="DisableTwoFactorAuthentication" method="post" class="form-horizontal" role="form">
-                    <p>
-                        Enabled
-                        <input type="submit" value="Disable" class="btn btn-link" />
-                    </p>
-                </form>
-            }
-            else
-            {
-                <form asp-controller="Manage" asp-action="EnableTwoFactorAuthentication" method="post" class="form-horizontal" role="form">
-                    <p>
-                        Disabled
-                        <input type="submit" value="Enable" class="btn btn-link" />
-                    </p>
-                </form>
-            }
-        </dd>
-        <dt>Browser remembered:</dt>
-        <dd>
-            @if (Model.BrowserRemembered)
-            {
-                <form asp-controller="Manage" asp-action="ForgetBrowser" method="post" class="form-horizontal" role="form">
-                    <p>
-                        Browser is curently remembered for two factor:
-                        <input type="submit" value="Forget Browser" class="btn btn-default" />
-                    </p>
-                </form>
-            }
-            else
-            {
-                <form asp-controller="Manage" asp-action="ForgetBrowser" method="post" class="form-horizontal" role="form">
-                    <p>
-                        Browser is curently not remembered for two factor:
-                        <input type="submit" value="Remember Browser" class="btn btn-default" />
-                    </p>
-                </form>
-            }
+            <p>
+                There are no two-factor authentication providers configured. See <a href="http://go.microsoft.com/fwlink/?LinkID=532713">this article</a>
+                for setting up this application to support two-factor authentication.
+            </p>
+            @*@if (Model.TwoFactor)
+                {
+                    <form asp-controller="Manage" asp-action="DisableTwoFactorAuthentication" method="post" class="form-horizontal" role="form">
+                        Enabled [<button type="submit" class="btn-link">Disable</button>]
+                    </form>
+                }
+                else
+                {
+                    <form asp-controller="Manage" asp-action="EnableTwoFactorAuthentication" method="post" class="form-horizontal" role="form">
+                        [<button type="submit" class="btn-link">Enable</button>] Disabled
+                    </form>
+                }*@
         </dd>
     </dl>
 </div>
\ No newline at end of file