diff --git a/lib/devise/models/authenticatable.rb b/lib/devise/models/authenticatable.rb
index a37043ca..e4ea1d59 100644
--- a/lib/devise/models/authenticatable.rb
+++ b/lib/devise/models/authenticatable.rb
@@ -49,7 +49,7 @@ module Devise
       # Verifies whether an incoming_password (ie from login) is the user
       # password.
       def valid_password?(incoming_password)
-        password_digest(incoming_password) == encrypted_password
+        !incoming_password.blank? && password_digest(incoming_password) == encrypted_password
       end
 
       protected
@@ -108,18 +108,24 @@ module Devise
           resource if resource.valid_password?(attributes[:password])
         end
 
-        # Do not rely on find_or_initialize_by_attribute since they do not work on most ORMs.
-        def find_or_initialize_by(attribute, value)
-          conditions = { attribute => value }
-          record = find(:first, :conditions => conditions) unless value.blank?
-          record || new.tap { |r| r.send(:"#{attribute}=", value) }
-        end
+        # Find an initialize a record setting an error if it can't be found
+        def find_or_initialize_with_error_by(attribute, value, error=:invalid)
+          if value
+            conditions = { attribute => value }
+            record = find(:first, :conditions => conditions)
+          end
+
+          unless record
+            record = new
+
+            if value
+              record.send(:"#{attribute}=", value)
+              record.errors.add(attribute, error, :default => error.to_s.gsub("_", " "))
+            else
+              record.errors.add(attribute, :blank)
+            end
+          end
 
-        # Attempt to find a user by it's email. If not user is found, returns a
-        # new user with an email not found error.
-        def find_or_initialize_with_error_by_email(email)
-          record = find_or_initialize_by(:email, email)
-          record.errors.add(:email, :not_found, :default => 'not found') if record.new_record?
           record
         end
 
diff --git a/lib/devise/models/confirmable.rb b/lib/devise/models/confirmable.rb
index dde508a3..6d93e01f 100644
--- a/lib/devise/models/confirmable.rb
+++ b/lib/devise/models/confirmable.rb
@@ -128,7 +128,7 @@ module Devise
         # with an email not found error.
         # Options must contain the user email
         def send_confirmation_instructions(attributes={})
-          confirmable = find_or_initialize_with_error_by_email(attributes[:email])
+          confirmable = find_or_initialize_with_error_by(:email, attributes[:email], :not_found)
           confirmable.reset_confirmation! unless confirmable.new_record?
           confirmable
         end
@@ -138,12 +138,8 @@ module Devise
         # If the user is already confirmed, create an error for the user
         # Options must have the confirmation_token
         def confirm!(attributes={})
-          confirmable = find_or_initialize_by(:confirmation_token, attributes[:confirmation_token])
-          if confirmable.new_record?
-            confirmable.errors.add(:confirmation_token, :invalid)
-          else
-            confirmable.confirm!
-          end
+          confirmable = find_or_initialize_with_error_by(:confirmation_token, attributes[:confirmation_token])        
+          confirmable.confirm! unless confirmable.new_record?
           confirmable
         end
 
diff --git a/lib/devise/models/recoverable.rb b/lib/devise/models/recoverable.rb
index 97f9326d..4bfcbba5 100644
--- a/lib/devise/models/recoverable.rb
+++ b/lib/devise/models/recoverable.rb
@@ -64,7 +64,7 @@ module Devise
         # with an email not found error.
         # Attributes must contain the user email
         def send_reset_password_instructions(attributes={})
-          recoverable = find_or_initialize_with_error_by_email(attributes[:email])
+          recoverable = find_or_initialize_with_error_by(:email, attributes[:email], :not_found)
           recoverable.send_reset_password_instructions unless recoverable.new_record?
           recoverable
         end
@@ -75,12 +75,8 @@ module Devise
         # containing an error in reset_password_token attribute.
         # Attributes must contain reset_password_token, password and confirmation
         def reset_password!(attributes={})
-          recoverable = find_or_initialize_by(:reset_password_token, attributes[:reset_password_token])
-          if recoverable.new_record?
-            recoverable.errors.add(:reset_password_token, :invalid)
-          else
-            recoverable.reset_password!(attributes[:password], attributes[:password_confirmation])
-          end
+          recoverable = find_or_initialize_with_error_by(:reset_password_token, attributes[:reset_password_token])
+          recoverable.reset_password!(attributes[:password], attributes[:password_confirmation]) unless recoverable.new_record?
           recoverable
         end
       end