diff --git a/app/controllers/account_controller.rb b/app/controllers/account_controller.rb
index af501fdf9..b71220df1 100644
--- a/app/controllers/account_controller.rb
+++ b/app/controllers/account_controller.rb
@@ -21,7 +21,7 @@ class AccountController < ApplicationController
 
   # prevents login action to be filtered by check_if_login_required application scope filter
   skip_before_filter :check_if_login_required
-
+  protect_from_forgery :except => [:login,:logout]
   # Login request and validation
   def login
     if request.get?