diff --git a/plugins/emailstore.js b/plugins/emailstore.js
index 46f93f5..55417ec 100644
--- a/plugins/emailstore.js
+++ b/plugins/emailstore.js
@@ -761,7 +761,6 @@
         }, response);
       }
 
-      var secret;
       if (_.isObject(value)) {
         if (moment().isAfter(value.expires)) {
           return emailPlugin.returnError(emailPlugin.errors.REGISTRATION_EXPIRED, response);
diff --git a/test/test.EmailStore.js b/test/test.EmailStore.js
index ac89845..02c12ac 100644
--- a/test/test.EmailStore.js
+++ b/test/test.EmailStore.js
@@ -8,6 +8,7 @@ var bitcore = require('bitcore');
 var logger = require('../lib/logger').logger;
 var should = chai.should;
 var expect = chai.expect;
+var moment = require('moment');
 
 logger.transports.console.level = 'non';
 
@@ -225,9 +226,12 @@ describe('emailstore test', function() {
 
       it('saves data under the expected key', function(done) {
         setupLevelDb();
-
+        var clock = sinon.useFakeTimers();
         plugin.createVerificationSecretAndSendEmail(fakeEmail, function(err) {
-          leveldb_stub.put.firstCall.args[1].should.equal(fakeRandom);
+          var arg = leveldb_stub.put.firstCall.args[1];
+          arg.secret.should.equal(fakeRandom);
+          arg.expires.isSame(moment().add(7, 'days')).should.be.true;
+          clock.restore();
           done();
         });
       });
@@ -363,7 +367,7 @@ describe('emailstore test', function() {
       response.json.returnsThis();
     });
 
-    it('should validate correctly an email if the secret matches', function() {
+    it('should validate correctly an email if the secret matches (without expiration date)', function() {
       leveldb_stub.get.onFirstCall().callsArgWith(1, null, secret);
       leveldb_stub.del = sinon.stub().yields(null);
       response.redirect = sinon.stub();
@@ -373,6 +377,19 @@ describe('emailstore test', function() {
       assert(response.redirect.firstCall.calledWith(plugin.redirectUrl));
     });
 
+    it('should validate correctly an email if the secret matches (using expiration date)', function() {
+      leveldb_stub.get.onFirstCall().callsArgWith(1, null, {
+        secret: secret,
+        expires: moment().add(7, 'days')
+      });
+      leveldb_stub.del = sinon.stub().yields(null);
+      response.redirect = sinon.stub();
+
+      plugin.validate(request, response);
+
+      assert(response.redirect.firstCall.calledWith(plugin.redirectUrl));
+    });
+
     it('should fail to validate an email if the secret doesn\'t match', function() {
       var invalid = '3';
       leveldb_stub.get.onFirstCall().callsArgWith(1, null, invalid);
@@ -387,6 +404,23 @@ describe('emailstore test', function() {
       }));
       assert(response.end.calledOnce);
     });
+
+    it('should fail to validate an email if the secret has expired', function() {
+      leveldb_stub.get.onFirstCall().callsArgWith(1, null, {
+        secret: secret,
+        expires: moment().subtract(2, 'days')
+      });
+      response.status.returnsThis();
+      response.json.returnsThis();
+
+      plugin.validate(request, response);
+
+      assert(response.status.firstCall.calledWith(plugin.errors.REGISTRATION_EXPIRED.code));
+      assert(response.json.firstCall.calledWith({
+        error: 'Registration expired'
+      }));
+      assert(response.end.calledOnce);
+    });    
   });
 
   describe('removing items', function() {