diff --git a/EnvelopeGenerator.Application/DTOs/EnvelopeReceiver/EnvelopeReceiverSecretDto.cs b/EnvelopeGenerator.Application/DTOs/EnvelopeReceiver/EnvelopeReceiverSecretDto.cs
index 9470766e..ebc529e7 100644
--- a/EnvelopeGenerator.Application/DTOs/EnvelopeReceiver/EnvelopeReceiverSecretDto.cs
+++ b/EnvelopeGenerator.Application/DTOs/EnvelopeReceiver/EnvelopeReceiverSecretDto.cs
@@ -5,5 +5,7 @@
 public string? AccessCode { get; init; }
 public string? PhoneNumber { get; init; }
+
+ public EnvelopeReceiverDto WithoutSecrets => this;
 }
 }
\ No newline at end of file
diff --git a/EnvelopeGenerator.Web/Controllers/HomeController.cs b/EnvelopeGenerator.Web/Controllers/HomeController.cs
index 0321a7d5..b245a210 100644
--- a/EnvelopeGenerator.Web/Controllers/HomeController.cs
+++ b/EnvelopeGenerator.Web/Controllers/HomeController.cs
@@ -18,6 +18,7 @@ using static EnvelopeGenerator.Common.Constants;
 using Ganss.Xss;
 using Newtonsoft.Json;
 using EnvelopeGenerator.Application.DTOs;
+using DigitalData.Core.Client;
 namespace EnvelopeGenerator.Web.Controllers
 {
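Review bot: `WithoutSecrets => this` in EnvelopeReceiverSecretDto returns the same instance under a base-type reference, so `AccessCode` and `PhoneNumber` are still present on the object the caller receives. Anything that works from the runtime type rather than the declared type (a JSON serializer, reflection-based mapping, a downcast) would still see both values, and the HomeController hunk in this commit assigns the result to `er` and keeps using it for the rest of the action. The property should construct a new `EnvelopeReceiverDto` and copy only the non-secret members; if the plain upcast is really what is wanted, rename it and document it, for example `/// Same instance typed as the base DTO; AccessCode and PhoneNumber are NOT removed.`. The class declaration is outside the hunk, so the relationship to `EnvelopeReceiverDto` is inferred from the return type.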
@@ -169,36 +170,30 @@ namespace EnvelopeGenerator.Web.Controllers //check access code EnvelopeResponse response = await envelopeOldService.LoadEnvelope(envelopeReceiverId); - var verification = await _envRcvService.VerifyAccessCodeAsync(uuid: uuid, signature: signature, accessCode: auth.AccessCode!); - if (verification.IsFailed) - { - _logger.LogNotice(verification.Notices); - Response.StatusCode = StatusCodes.Status401Unauthorized; - return View("EnvelopeLocked") - .WithData("ErrorMessage", _localizer[WebKey.WrongAccessCode].Value); - } - return await _envRcvService.ReadByUuidSignatureAsync(uuid: uuid, signature: signature).ThenAsync( - SuccessAsync: async er => + return await _envRcvService.ReadWithSecretByUuidSignatureAsync(uuid: uuid, signature: signature).ThenAsync( + SuccessAsync: async er_secret => { //check the access code verification - if (verification.IsWrong()) + if (er_secret.AccessCode != auth.AccessCode) { //Constants.EnvelopeStatus.AccessCodeIncorrect - await _historyService.RecordAsync(er.EnvelopeId, er.Receiver!.EmailAddress, Constants.EnvelopeStatus.AccessCodeIncorrect); + await _historyService.RecordAsync(er_secret.EnvelopeId, er_secret.Receiver!.EmailAddress, Constants.EnvelopeStatus.AccessCodeIncorrect); Response.StatusCode = StatusCodes.Status401Unauthorized; return View("EnvelopeLocked") .WithData("ErrorMessage", _localizer[WebKey.WrongAccessCode].Value); } - await _historyService.RecordAsync(er.EnvelopeId, er.Receiver!.EmailAddress, Constants.EnvelopeStatus.AccessCodeCorrect); + await _historyService.RecordAsync(er_secret.EnvelopeId, er_secret.Receiver!.EmailAddress, Constants.EnvelopeStatus.AccessCodeCorrect); //check if the user has phone is added - if (er.HasPhoneNumber) + if (er_secret.HasPhoneNumber) { return View("EnvelopeLocked").WithData("ViaSms", true); } + var er = er_secret.WithoutSecrets; + ViewData["EnvelopeKey"] = envelopeReceiverId; //check rejection var rejRcvrs = await _historyService.ReadRejectingReceivers(er.Envelope!.Id);
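Review bot: The access-code check `if (er_secret.AccessCode != auth.AccessCode)` is a plain string inequality on a secret, and both operands are nullable (`string?` on the DTO, and the removed call needed `auth.AccessCode!`). If a receiver has no stored code and the request carries none, the two nulls compare equal and the attempt is recorded as AccessCodeCorrect; the comparison is also not constant-time. Reject null or empty on either side and compare bytes instead, e.g. `if (string.IsNullOrEmpty(er_secret.AccessCode) || string.IsNullOrEmpty(auth.AccessCode) || !CryptographicOperations.FixedTimeEquals(Encoding.UTF8.GetBytes(er_secret.AccessCode), Encoding.UTF8.GetBytes(auth.AccessCode)))`. Keeping this check inside the service would also avoid loading the secret-bearing DTO into the controller at all. The action starts and ends outside the hunk, so any earlier validation of `auth.AccessCode` is not visible here.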