diff --git a/ordr2/resources/account.py b/ordr2/resources/account.py
index 24a65ff..62a09b5 100644
--- a/ordr2/resources/account.py
+++ b/ordr2/resources/account.py
@@ -1,5 +1,6 @@
 ''' Resources for account registraion and settings '''
 
+
 from pyramid.security import Allow, Authenticated, Everyone, Deny, DENY_ALL
 
 from ordr2.resources.base import BaseResource
@@ -31,5 +32,5 @@ class AccountResource(BaseResource):
             (Deny, Authenticated, 'register'),
             (Allow, Everyone, 'register'),
             (Allow, Authenticated, 'settings'),
+            DENY_ALL
         ]
-
diff --git a/ordr2/resources/base.py b/ordr2/resources/base.py
index 6376055..68de3d5 100644
--- a/ordr2/resources/base.py
+++ b/ordr2/resources/base.py
@@ -44,7 +44,7 @@ class BaseResource(object):
 
     def __acl__(self):
         ''' access controll list for the resource '''
-        return [DENY_ALL]
+        raise NotImplementedError
 
     def __getitem__(self, key):
         ''' provides the dict like interface to access child resources