diff --git a/services/sync/modules/service.js b/services/sync/modules/service.js
index da6c3bb40403..657da10d661a 100644
--- a/services/sync/modules/service.js
+++ b/services/sync/modules/service.js
@@ -267,11 +267,14 @@ WeaveSvc.prototype = {
       this._log.info("Weave Sync disabled");
 
     // Create Weave identities (for logging in, and for encryption)
-    ID.set('WeaveID', new Identity(PWDMGR_PASSWORD_REALM, this.username));
-    Auth.defaultAuthenticator = new BasicAuthenticator(ID.get('WeaveID'));
+    let id = ID.get("WeaveID");
+    if (!id)
+      id = ID.set("WeaveID", new Identity(PWDMGR_PASSWORD_REALM, this.username));
+    Auth.defaultAuthenticator = new BasicAuthenticator(id);
 
-    ID.set('WeaveCryptoID',
-           new Identity(PWDMGR_PASSPHRASE_REALM, this.username));
+    if (!ID.get("WeaveCryptoID"))
+      ID.set("WeaveCryptoID",
+             new Identity(PWDMGR_PASSPHRASE_REALM, this.username));
 
     this._updateCachedURLs();
 
@@ -293,25 +296,9 @@ WeaveSvc.prototype = {
   },
 
   _checkSetup: function WeaveSvc__checkSetup() {
-    if (!this.enabled) {
-      Status.service = STATUS_DISABLED;
-    }
-    else if (!this.username) {
-      this._log.debug("checkSetup: no username set");
-      Status.login = LOGIN_FAILED_NO_USERNAME;
-    }
-    else if (!Utils.mpLocked() && !this.password) {
-      this._log.debug("checkSetup: no password set");
-      Status.login = LOGIN_FAILED_NO_PASSWORD;
-    }
-    else if (!Utils.mpLocked() && !this.passphrase) {
-      this._log.debug("checkSetup: no passphrase set");
-      Status.login = LOGIN_FAILED_NO_PASSPHRASE;
-    }
-    else
-      Status.service = STATUS_OK;
-
-    return Status.service;
+    if (!this.enabled)
+      return Status.service = STATUS_DISABLED;
+    return Status.checkSetup();
   },
 
   _migratePrefs: function _migratePrefs() {
diff --git a/services/sync/modules/status.js b/services/sync/modules/status.js
index 58248c6da779..ee36c5b8a09f 100644
--- a/services/sync/modules/status.js
+++ b/services/sync/modules/status.js
@@ -70,6 +70,45 @@ let Status = {
       this.service = SYNC_FAILED_PARTIAL;
   },
 
+  checkSetup: function checkSetup() {
+    // Check whether we have a username without importing The World(tm).
+    let prefs = Cc["@mozilla.org/preferences-service;1"]
+                .getService(Ci.nsIPrefService)
+                .getBranch(PREFS_BRANCH);
+    let username;
+    try {
+      username = prefs.getCharPref("username");
+    } catch(ex) {}
+    if (!username) {
+      Status.login = LOGIN_FAILED_NO_USERNAME;
+      return Status.service;
+    }
+
+    Cu.import("resource://services-sync/util.js");
+    Cu.import("resource://services-sync/identity.js");
+    if (!Utils.mpLocked()) {
+      let id = ID.get("WeaveID");
+      if (!id)
+        id = ID.set("WeaveID", new Identity(PWDMGR_PASSWORD_REALM, username));
+
+      if (!id.password) {
+        Status.login = LOGIN_FAILED_NO_PASSWORD;
+        return Status.service;
+      }
+
+      id = ID.get("WeaveCryptoID");
+      if (!id)
+        id = ID.set("WeaveCryptoID",
+                    new Identity(PWDMGR_PASSPHRASE_REALM, username));
+
+      if (!id.password) {
+        Status.login = LOGIN_FAILED_NO_PASSPHRASE;
+        return Status.service;
+      }
+    }
+    return Status.service = STATUS_OK;
+  },
+
   resetBackoff: function resetBackoff() {
     this.enforceBackoff = false;
     this.backoffInterval = 0;
diff --git a/services/sync/tests/unit/head_helpers.js b/services/sync/tests/unit/head_helpers.js
index 83a056e5d00c..e138c058ba85 100644
--- a/services/sync/tests/unit/head_helpers.js
+++ b/services/sync/tests/unit/head_helpers.js
@@ -410,6 +410,4 @@ let _ = function(some, debug, text, to) print(Array.slice(arguments).join(" "));
 
 _("Setting the identity for passphrase");
 Cu.import("resource://services-sync/identity.js");
-let passphrase = ID.set("WeaveCryptoID", new Identity());
-passphrase.password = "passphrase";
 
diff --git a/services/sync/tests/unit/test_clients_escape.js b/services/sync/tests/unit/test_clients_escape.js
index e6ceb5ee8057..f3effe07dea9 100644
--- a/services/sync/tests/unit/test_clients_escape.js
+++ b/services/sync/tests/unit/test_clients_escape.js
@@ -2,6 +2,7 @@ Cu.import("resource://services-sync/base_records/crypto.js");
 Cu.import("resource://services-sync/base_records/keys.js");
 Cu.import("resource://services-sync/engines/clients.js");
 Cu.import("resource://services-sync/util.js");
+Cu.import("resource://services-sync/identity.js");
 
 function run_test() {
   let baseUri = "http://fakebase/";
@@ -9,6 +10,9 @@ function run_test() {
   let privUri = baseUri + "privkey";
   let cryptoUri = baseUri + "crypto";
 
+  let passphrase = ID.set("WeaveCryptoID", new Identity());
+  passphrase.password = "passphrase";
+
   _("Setting up fake pub/priv keypair and symkey for encrypt/decrypt");
   PubKeys.defaultKeyUri = baseUri + "pubkey";
   let {pubkey, privkey} = PubKeys.createKeypair(passphrase, pubUri, privUri);
diff --git a/services/sync/tests/unit/test_records_crypto.js b/services/sync/tests/unit/test_records_crypto.js
index f4c66057fce4..1a05c4bb7c92 100644
--- a/services/sync/tests/unit/test_records_crypto.js
+++ b/services/sync/tests/unit/test_records_crypto.js
@@ -39,6 +39,9 @@ function run_test() {
   let server;
   do_test_pending();
 
+  let passphrase = ID.set("WeaveCryptoID", new Identity());
+  passphrase.password = "passphrase";
+
   try {
     let log = Log4Moz.repository.getLogger("Test");
     Log4Moz.repository.rootLogger.addAppender(new Log4Moz.DumpAppender());
diff --git a/services/sync/tests/unit/test_records_cryptometa.js b/services/sync/tests/unit/test_records_cryptometa.js
index 1fe680d63196..a193b0f586b9 100644
--- a/services/sync/tests/unit/test_records_cryptometa.js
+++ b/services/sync/tests/unit/test_records_cryptometa.js
@@ -1,8 +1,12 @@
 Cu.import("resource://services-sync/base_records/crypto.js");
 Cu.import("resource://services-sync/base_records/keys.js");
 Cu.import("resource://services-sync/util.js");
+Cu.import("resource://services-sync/base_records/identity.js");
 
 function run_test() {
+  let passphrase = ID.set("WeaveCryptoID", new Identity());
+  passphrase.password = "passphrase";
+
   _("Generating keypair to encrypt/decrypt symkeys");
   let {pubkey, privkey} = PubKeys.createKeypair(
     passphrase,
diff --git a/services/sync/tests/unit/test_status_checkSetup.js b/services/sync/tests/unit/test_status_checkSetup.js
new file mode 100644
index 000000000000..f5417fd895a0
--- /dev/null
+++ b/services/sync/tests/unit/test_status_checkSetup.js
@@ -0,0 +1,45 @@
+Cu.import("resource://services-sync/constants.js");
+Cu.import("resource://services-sync/identity.js");
+Cu.import("resource://services-sync/status.js");
+Cu.import("resource://services-sync/util.js");
+
+function run_test() {
+  try {
+    _("Verify initial setup.");
+    do_check_eq(ID.get("WeaveID"), null);
+    do_check_eq(ID.get("WeaveCryptoID"), null);
+
+    _("Fresh setup, we're not configured.");
+    do_check_eq(Status.checkSetup(), CLIENT_NOT_CONFIGURED);
+    do_check_eq(Status.login, LOGIN_FAILED_NO_USERNAME);
+    Status.resetSync();
+
+    _("Let's provide a username.");
+    Svc.Prefs.set("username", "johndoe");
+    do_check_eq(Status.checkSetup(), CLIENT_NOT_CONFIGURED);
+    do_check_eq(Status.login, LOGIN_FAILED_NO_PASSWORD);
+    Status.resetSync();
+
+    _("checkSetup() created a WeaveID identity.");
+    let id = ID.get("WeaveID");
+    do_check_true(!!id);
+
+    _("Let's provide a password.");
+    id.password = "carotsalad";
+    do_check_eq(Status.checkSetup(), CLIENT_NOT_CONFIGURED);
+    do_check_eq(Status.login, LOGIN_FAILED_NO_PASSPHRASE);
+    Status.resetSync();
+
+    _("checkSetup() created a WeaveCryptoID identity");
+    id = ID.get("WeaveCryptoID");
+    do_check_true(!!id);
+
+    _("Let's provide a passphrase");
+    id.password = "chickeninacan";
+    do_check_eq(Status.checkSetup(), STATUS_OK);
+    Status.resetSync();
+
+  } finally {
+    Svc.Prefs.resetBranch("");
+  }
+}