diff --git a/.gitignore b/.gitignore
index d1ddcc3..626194c 100644
--- a/.gitignore
+++ b/.gitignore
@@ -5,6 +5,7 @@
 .tool-versions
 .yarn-integrity
 .DS_Store
+.installed
 /log/*
 /tmp/*
 /storage/*
diff --git a/README.md b/README.md
index b1c50e8..80f2bdc 100644
--- a/README.md
+++ b/README.md
@@ -51,6 +51,20 @@ When translators disagree on a translation or want to suggest alternatives (regi
 
 ---
 
+## Setup / First User
+
+When the file `.installed` is missing, the `/setup` route is accessible for creating the initial admin account. The first user created will be the system's default contact email (accessible via `User.first.email`).
+
+For detailed setup instructions, see [SETUP_GUIDE.md](docs/SETUP_GUIDE.md).
+
+**Quick Start:**
+1. Deploy the application
+2. Navigate to `/setup`
+3. Create your admin account
+4. Start inviting contributors
+
+---
+
 ## Authentication Flow
 
 ### Public Access
diff --git a/app/controllers/admin/base_controller.rb b/app/controllers/admin/base_controller.rb
new file mode 100644
index 0000000..f7f80c4
--- /dev/null
+++ b/app/controllers/admin/base_controller.rb
@@ -0,0 +1,4 @@
+class Admin::BaseController < ApplicationController
+  before_action :require_admin
+  layout "admin"
+end
diff --git a/app/controllers/admin/dashboard_controller.rb b/app/controllers/admin/dashboard_controller.rb
new file mode 100644
index 0000000..9a1cdfb
--- /dev/null
+++ b/app/controllers/admin/dashboard_controller.rb
@@ -0,0 +1,32 @@
+class Admin::DashboardController < Admin::BaseController
+  def index
+    @user_count = User.count
+    @contributor_count = User.contributor.count
+    @reviewer_count = User.reviewer.count
+    @admin_count = User.admin.count
+
+    @entry_count = Entry.count
+    @verified_count = Entry.where(verified: true).count
+    @unverified_count = @entry_count - @verified_count
+
+    @pending_suggestions_count = SuggestedMeaning.pending.count
+    @accepted_suggestions_count = SuggestedMeaning.accepted.count
+    @rejected_suggestions_count = SuggestedMeaning.rejected.count
+
+    @comment_count = Comment.count
+
+    @recent_users = User.order(created_at: :desc).limit(5)
+    @recent_entries = Entry.order(created_at: :desc).limit(5)
+    @pending_invitations = User.where.not(invitation_token: nil)
+                                 .where(invitation_accepted_at: nil)
+                                 .where("invitation_sent_at > ?", 14.days.ago)
+                                 .count
+
+    @supported_languages = SupportedLanguage.where(active: true).order(:sort_order)
+    @language_completion = @supported_languages.index_with do |language|
+      next 0 if @entry_count.zero?
+
+      (Entry.where.not(language.code => [ nil, "" ]).count * 100.0 / @entry_count).round
+    end
+  end
+end
diff --git a/app/controllers/admin/invitations_controller.rb b/app/controllers/admin/invitations_controller.rb
new file mode 100644
index 0000000..211635a
--- /dev/null
+++ b/app/controllers/admin/invitations_controller.rb
@@ -0,0 +1,49 @@
+class Admin::InvitationsController < Admin::BaseController
+  def index
+    @pending_invitations = User.where.not(invitation_token: nil)
+                                .where(invitation_accepted_at: nil)
+                                .order(invitation_sent_at: :desc)
+    @accepted_invitations = User.where.not(invitation_accepted_at: nil)
+                                 .order(invitation_accepted_at: :desc)
+                                 .limit(20)
+  end
+
+  def new
+    @invitation = User.new
+  end
+
+  def create
+    @invitation = User.new(invitation_params)
+    @invitation.invitation_token = SecureRandom.urlsafe_base64(32)
+    @invitation.invitation_sent_at = Time.current
+    @invitation.invited_by = current_user
+    @invitation.password = SecureRandom.urlsafe_base64(16)
+
+    if @invitation.save
+      # TODO: Send invitation email
+      # InvitationMailer.invite(@invitation).deliver_later
+
+      redirect_to admin_invitations_path, notice: "Invitation sent to #{@invitation.email}"
+    else
+      render :new, status: :unprocessable_entity
+    end
+  end
+
+  def destroy
+    @invitation = User.find(params[:id])
+
+    if @invitation.invitation_accepted_at.present?
+      redirect_to admin_invitations_path, alert: "Cannot cancel an accepted invitation."
+      return
+    end
+
+    @invitation.destroy
+    redirect_to admin_invitations_path, notice: "Invitation cancelled."
+  end
+
+  private
+
+  def invitation_params
+    params.require(:user).permit(:email, :name, :role, :primary_language)
+  end
+end
diff --git a/app/controllers/admin/users_controller.rb b/app/controllers/admin/users_controller.rb
new file mode 100644
index 0000000..01ef353
--- /dev/null
+++ b/app/controllers/admin/users_controller.rb
@@ -0,0 +1,45 @@
+class Admin::UsersController < Admin::BaseController
+  before_action :set_user, only: [ :edit, :update, :destroy ]
+
+  def index
+    @users = User.order(created_at: :desc)
+    @users = @users.where(role: params[:role]) if params[:role].present?
+    @users = @users.where("email LIKE ?", "%#{params[:q]}%") if params[:q].present?
+  end
+
+  def edit
+  end
+
+  def update
+    if @user.update(user_params)
+      redirect_to admin_users_path, notice: "User updated successfully."
+    else
+      render :edit, status: :unprocessable_entity
+    end
+  end
+
+  def destroy
+    if @user == current_user
+      redirect_to admin_users_path, alert: "You cannot delete your own account."
+      return
+    end
+
+    if @user == User.first
+      redirect_to admin_users_path, alert: "Cannot delete the first admin user (system default contact)."
+      return
+    end
+
+    @user.destroy
+    redirect_to admin_users_path, notice: "User deleted successfully."
+  end
+
+  private
+
+  def set_user
+    @user = User.find(params[:id])
+  end
+
+  def user_params
+    params.require(:user).permit(:name, :email, :role, :primary_language)
+  end
+end
diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb
index c353756..e746ab7 100644
--- a/app/controllers/application_controller.rb
+++ b/app/controllers/application_controller.rb
@@ -1,7 +1,57 @@
 class ApplicationController < ActionController::Base
-  # Only allow modern browsers supporting webp images, web push, badges, import maps, CSS nesting, and CSS :has.
-  allow_browser versions: :modern
 
   # Changes to the importmap will invalidate the etag for HTML responses
   stale_when_importmap_changes
+
+  helper_method :current_user, :logged_in?, :admin?, :reviewer_or_admin?, :contributor_or_above?, :setup_completed?
+
+  private
+
+  def current_user
+    @current_user ||= User.find_by(id: session[:user_id]) if session[:user_id]
+  end
+
+  def logged_in?
+    current_user.present?
+  end
+
+  def admin?
+    logged_in? && current_user.admin?
+  end
+
+  def reviewer_or_admin?
+    logged_in? && (current_user.reviewer? || current_user.admin?)
+  end
+
+  def contributor_or_above?
+    logged_in?
+  end
+
+  def require_login
+    unless logged_in?
+      redirect_to login_path, alert: "You must be logged in to access this page."
+    end
+  end
+
+  def require_admin
+    unless admin?
+      redirect_to root_path, alert: "You must be an administrator to access this page."
+    end
+  end
+
+  def require_reviewer
+    unless reviewer_or_admin?
+      redirect_to root_path, alert: "You must be a reviewer or administrator to access this page."
+    end
+  end
+
+  def require_contributor
+    unless contributor_or_above?
+      redirect_to root_path, alert: "You must be a contributor to access this page."
+    end
+  end
+
+  def setup_completed?
+    File.exist?(Rails.root.join(".installed"))
+  end
 end
diff --git a/app/controllers/setup_controller.rb b/app/controllers/setup_controller.rb
new file mode 100644
index 0000000..d250be0
--- /dev/null
+++ b/app/controllers/setup_controller.rb
@@ -0,0 +1,45 @@
+class SetupController < ApplicationController
+  before_action :check_setup_allowed
+
+  def show
+    @user = User.new(role: :admin)
+  end
+
+  def create
+    @user = User.new(user_params)
+    @user.role = :admin
+    @user.invitation_accepted_at = Time.current
+
+    if @user.save
+      create_installed_marker
+      session[:user_id] = @user.id
+      redirect_to admin_root_path, notice: "Setup complete! Welcome to Sanasto Wiki."
+    else
+      render :show, status: :unprocessable_entity
+    end
+  end
+
+  private
+
+  def check_setup_allowed
+    if setup_completed?
+      redirect_to root_path, alert: "Setup has already been completed."
+    end
+  end
+
+  def setup_completed?
+    File.exist?(installed_marker_path)
+  end
+
+  def installed_marker_path
+    Rails.root.join(".installed")
+  end
+
+  def create_installed_marker
+    FileUtils.touch(installed_marker_path)
+  end
+
+  def user_params
+    params.require(:user).permit(:email, :name, :password, :password_confirmation, :primary_language)
+  end
+end
diff --git a/app/models/user.rb b/app/models/user.rb
index a20f371..a342752 100644
--- a/app/models/user.rb
+++ b/app/models/user.rb
@@ -20,4 +20,5 @@ class User < ApplicationRecord
   enum :role, %i[contributor reviewer admin]
 
   validates :email, presence: true, uniqueness: true
+  validates :password, length: { minimum: 12 }, if: -> { password.present? }
 end
diff --git a/app/views/admin/dashboard/index.html.erb b/app/views/admin/dashboard/index.html.erb
new file mode 100644
index 0000000..dda36ed
--- /dev/null
+++ b/app/views/admin/dashboard/index.html.erb
@@ -0,0 +1,204 @@
+<% content_for :title, "Dashboard" %>
+
+<div class="space-y-6">
+  <div>
+    <h2 class="text-3xl font-bold text-gray-900">Dashboard</h2>
+    <p class="mt-1 text-sm text-gray-600">Overview of Sanasto Wiki statistics</p>
+  </div>
+
+  <!-- Statistics Cards -->
+  <div class="grid grid-cols-1 gap-5 sm:grid-cols-2 lg:grid-cols-4">
+    <!-- Users -->
+    <div class="bg-white overflow-hidden shadow rounded-lg">
+      <div class="p-5">
+        <div class="flex items-center">
+          <div class="flex-shrink-0">
+            <svg class="h-6 w-6 text-gray-400" fill="none" stroke="currentColor" viewBox="0 0 24 24">
+              <path stroke-linecap="round" stroke-linejoin="round" stroke-width="2" d="M12 4.354a4 4 0 110 5.292M15 21H3v-1a6 6 0 0112 0v1zm0 0h6v-1a6 6 0 00-9-5.197M13 7a4 4 0 11-8 0 4 4 0 018 0z"></path>
+            </svg>
+          </div>
+          <div class="ml-5 w-0 flex-1">
+            <dl>
+              <dt class="text-sm font-medium text-gray-500 truncate">Total Users</dt>
+              <dd class="text-3xl font-semibold text-gray-900"><%= @user_count %></dd>
+            </dl>
+          </div>
+        </div>
+      </div>
+      <div class="bg-gray-50 px-5 py-3">
+        <div class="text-sm">
+          <span class="font-medium text-gray-700"><%= @admin_count %></span> admins,
+          <span class="font-medium text-gray-700"><%= @reviewer_count %></span> reviewers,
+          <span class="font-medium text-gray-700"><%= @contributor_count %></span> contributors
+        </div>
+      </div>
+    </div>
+
+    <!-- Entries -->
+    <div class="bg-white overflow-hidden shadow rounded-lg">
+      <div class="p-5">
+        <div class="flex items-center">
+          <div class="flex-shrink-0">
+            <svg class="h-6 w-6 text-gray-400" fill="none" stroke="currentColor" viewBox="0 0 24 24">
+              <path stroke-linecap="round" stroke-linejoin="round" stroke-width="2" d="M12 6.253v13m0-13C10.832 5.477 9.246 5 7.5 5S4.168 5.477 3 6.253v13C4.168 18.477 5.754 18 7.5 18s3.332.477 4.5 1.253m0-13C13.168 5.477 14.754 5 16.5 5c1.747 0 3.332.477 4.5 1.253v13C19.832 18.477 18.247 18 16.5 18c-1.746 0-3.332.477-4.5 1.253"></path>
+            </svg>
+          </div>
+          <div class="ml-5 w-0 flex-1">
+            <dl>
+              <dt class="text-sm font-medium text-gray-500 truncate">Total Entries</dt>
+              <dd class="text-3xl font-semibold text-gray-900"><%= @entry_count %></dd>
+            </dl>
+          </div>
+        </div>
+      </div>
+      <div class="bg-gray-50 px-5 py-3">
+        <div class="text-sm">
+          <span class="font-medium text-green-700"><%= @verified_count %></span> verified,
+          <span class="font-medium text-amber-700"><%= @unverified_count %></span> unverified
+        </div>
+      </div>
+    </div>
+
+    <!-- Suggestions -->
+    <div class="bg-white overflow-hidden shadow rounded-lg">
+      <div class="p-5">
+        <div class="flex items-center">
+          <div class="flex-shrink-0">
+            <svg class="h-6 w-6 text-gray-400" fill="none" stroke="currentColor" viewBox="0 0 24 24">
+              <path stroke-linecap="round" stroke-linejoin="round" stroke-width="2" d="M9 12h6m-6 4h6m2 5H7a2 2 0 01-2-2V5a2 2 0 012-2h5.586a1 1 0 01.707.293l5.414 5.414a1 1 0 01.293.707V19a2 2 0 01-2 2z"></path>
+            </svg>
+          </div>
+          <div class="ml-5 w-0 flex-1">
+            <dl>
+              <dt class="text-sm font-medium text-gray-500 truncate">Suggestions</dt>
+              <dd class="text-3xl font-semibold text-gray-900"><%= @pending_suggestions_count %></dd>
+            </dl>
+          </div>
+        </div>
+      </div>
+      <div class="bg-gray-50 px-5 py-3">
+        <div class="text-sm">
+          <span class="font-medium text-green-700"><%= @accepted_suggestions_count %></span> accepted,
+          <span class="font-medium text-red-700"><%= @rejected_suggestions_count %></span> rejected
+        </div>
+      </div>
+    </div>
+
+    <!-- Invitations -->
+    <div class="bg-white overflow-hidden shadow rounded-lg">
+      <div class="p-5">
+        <div class="flex items-center">
+          <div class="flex-shrink-0">
+            <svg class="h-6 w-6 text-gray-400" fill="none" stroke="currentColor" viewBox="0 0 24 24">
+              <path stroke-linecap="round" stroke-linejoin="round" stroke-width="2" d="M3 8l7.89 5.26a2 2 0 002.22 0L21 8M5 19h14a2 2 0 002-2V7a2 2 0 00-2-2H5a2 2 0 00-2 2v10a2 2 0 002 2z"></path>
+            </svg>
+          </div>
+          <div class="ml-5 w-0 flex-1">
+            <dl>
+              <dt class="text-sm font-medium text-gray-500 truncate">Pending Invites</dt>
+              <dd class="text-3xl font-semibold text-gray-900"><%= @pending_invitations %></dd>
+            </dl>
+          </div>
+        </div>
+      </div>
+      <div class="bg-gray-50 px-5 py-3">
+        <div class="text-sm">
+          <%= link_to "Send invitation", new_admin_invitation_path, class: "font-medium text-blue-600 hover:text-blue-500" %>
+        </div>
+      </div>
+    </div>
+  </div>
+
+  <!-- Language Completion -->
+  <div class="bg-white shadow rounded-lg">
+    <div class="px-4 py-5 sm:p-6">
+      <h3 class="text-lg leading-6 font-medium text-gray-900">Language Completion</h3>
+      <div class="mt-5">
+        <div class="space-y-4">
+          <% @supported_languages.each do |language| %>
+            <div>
+              <div class="flex items-center justify-between">
+                <span class="text-sm font-medium text-gray-700"><%= language.native_name %></span>
+                <span class="text-sm font-medium text-gray-700"><%= @language_completion[language] %>%</span>
+              </div>
+              <div class="mt-1 w-full bg-gray-200 rounded-full h-2">
+                <div class="bg-blue-600 h-2 rounded-full" style="width: <%= @language_completion[language] %>%"></div>
+              </div>
+            </div>
+          <% end %>
+        </div>
+      </div>
+    </div>
+  </div>
+
+  <!-- Recent Activity -->
+  <div class="grid grid-cols-1 gap-5 lg:grid-cols-2">
+    <!-- Recent Users -->
+    <div class="bg-white shadow rounded-lg">
+      <div class="px-4 py-5 sm:p-6">
+        <h3 class="text-lg leading-6 font-medium text-gray-900 mb-4">Recent Users</h3>
+        <div class="flow-root">
+          <ul class="-my-5 divide-y divide-gray-200">
+            <% @recent_users.each do |user| %>
+              <li class="py-4">
+                <div class="flex items-center space-x-4">
+                  <div class="flex-1 min-w-0">
+                    <p class="text-sm font-medium text-gray-900 truncate">
+                      <%= user.name || user.email %>
+                    </p>
+                    <p class="text-sm text-gray-500 truncate">
+                      <%= user.email %>
+                    </p>
+                  </div>
+                  <div>
+                    <span class="inline-flex items-center px-2.5 py-0.5 rounded-full text-xs font-medium bg-blue-100 text-blue-800">
+                      <%= user.role %>
+                    </span>
+                  </div>
+                </div>
+              </li>
+            <% end %>
+          </ul>
+        </div>
+        <div class="mt-6">
+          <%= link_to "View all users →", admin_users_path, class: "text-sm font-medium text-blue-600 hover:text-blue-500" %>
+        </div>
+      </div>
+    </div>
+
+    <!-- Recent Entries -->
+    <div class="bg-white shadow rounded-lg">
+      <div class="px-4 py-5 sm:p-6">
+        <h3 class="text-lg leading-6 font-medium text-gray-900 mb-4">Recent Entries</h3>
+        <div class="flow-root">
+          <ul class="-my-5 divide-y divide-gray-200">
+            <% @recent_entries.each do |entry| %>
+              <li class="py-4">
+                <div class="flex items-center space-x-4">
+                  <div class="flex-1 min-w-0">
+                    <p class="text-sm font-medium text-gray-900 truncate">
+                      <%= entry.fi || entry.en || entry.sv || "(No translation)" %>
+                    </p>
+                    <p class="text-sm text-gray-500 truncate">
+                      <%= entry.category.humanize %>
+                    </p>
+                  </div>
+                  <div>
+                    <% if entry.verified? %>
+                      <span class="inline-flex items-center px-2.5 py-0.5 rounded-full text-xs font-medium bg-green-100 text-green-800">
+                        verified
+                      </span>
+                    <% end %>
+                  </div>
+                </div>
+              </li>
+            <% end %>
+          </ul>
+        </div>
+        <div class="mt-6">
+          <%= link_to "View all entries →", entries_path, class: "text-sm font-medium text-blue-600 hover:text-blue-500" %>
+        </div>
+      </div>
+    </div>
+  </div>
+</div>
diff --git a/app/views/admin/invitations/index.html.erb b/app/views/admin/invitations/index.html.erb
new file mode 100644
index 0000000..9b00a76
--- /dev/null
+++ b/app/views/admin/invitations/index.html.erb
@@ -0,0 +1,130 @@
+<% content_for :title, "Invitations" %>
+
+<div class="space-y-6">
+  <div class="flex items-center justify-between">
+    <div>
+      <h2 class="text-3xl font-bold text-gray-900">Invitations</h2>
+      <p class="mt-1 text-sm text-gray-600">Manage user invitations</p>
+    </div>
+    <div>
+      <%= link_to "Send New Invitation", new_admin_invitation_path, class: "inline-flex items-center px-4 py-2 border border-transparent rounded-md shadow-sm text-sm font-medium text-white bg-blue-600 hover:bg-blue-700 focus:outline-none focus:ring-2 focus:ring-offset-2 focus:ring-blue-500" %>
+    </div>
+  </div>
+
+  <!-- Pending Invitations -->
+  <div class="bg-white shadow rounded-lg overflow-hidden">
+    <div class="px-4 py-5 sm:px-6 bg-gray-50 border-b border-gray-200">
+      <h3 class="text-lg leading-6 font-medium text-gray-900">
+        Pending Invitations
+        <span class="ml-2 px-2 py-1 text-xs font-semibold rounded-full bg-yellow-100 text-yellow-800">
+          <%= @pending_invitations.count %>
+        </span>
+      </h3>
+    </div>
+    <% if @pending_invitations.any? %>
+      <table class="min-w-full divide-y divide-gray-200">
+        <thead class="bg-gray-50">
+          <tr>
+            <th scope="col" class="px-6 py-3 text-left text-xs font-medium text-gray-500 uppercase tracking-wider">Email</th>
+            <th scope="col" class="px-6 py-3 text-left text-xs font-medium text-gray-500 uppercase tracking-wider">Role</th>
+            <th scope="col" class="px-6 py-3 text-left text-xs font-medium text-gray-500 uppercase tracking-wider">Sent</th>
+            <th scope="col" class="px-6 py-3 text-left text-xs font-medium text-gray-500 uppercase tracking-wider">Expires</th>
+            <th scope="col" class="px-6 py-3 text-left text-xs font-medium text-gray-500 uppercase tracking-wider">Invited By</th>
+            <th scope="col" class="relative px-6 py-3">
+              <span class="sr-only">Actions</span>
+            </th>
+          </tr>
+        </thead>
+        <tbody class="bg-white divide-y divide-gray-200">
+          <% @pending_invitations.each do |invitation| %>
+            <tr>
+              <td class="px-6 py-4 whitespace-nowrap text-sm font-medium text-gray-900">
+                <%= invitation.email %>
+              </td>
+              <td class="px-6 py-4 whitespace-nowrap">
+                <span class="px-2 inline-flex text-xs leading-5 font-semibold rounded-full
+                  <%= case invitation.role
+                      when 'admin' then 'bg-purple-100 text-purple-800'
+                      when 'reviewer' then 'bg-blue-100 text-blue-800'
+                      else 'bg-green-100 text-green-800'
+                      end %>">
+                  <%= invitation.role %>
+                </span>
+              </td>
+              <td class="px-6 py-4 whitespace-nowrap text-sm text-gray-500">
+                <%= invitation.invitation_sent_at.strftime("%b %d, %Y") %>
+              </td>
+              <td class="px-6 py-4 whitespace-nowrap text-sm text-gray-500">
+                <% expires_at = invitation.invitation_sent_at + 14.days %>
+                <% if expires_at < Time.current %>
+                  <span class="text-red-600 font-medium">Expired</span>
+                <% else %>
+                  <%= expires_at.strftime("%b %d, %Y") %>
+                <% end %>
+              </td>
+              <td class="px-6 py-4 whitespace-nowrap text-sm text-gray-500">
+                <%= invitation.invited_by&.name || invitation.invited_by&.email || "-" %>
+              </td>
+              <td class="px-6 py-4 whitespace-nowrap text-right text-sm font-medium">
+                <%= button_to "Cancel", admin_invitation_path(invitation), method: :delete, data: { turbo_confirm: "Are you sure you want to cancel this invitation?" }, class: "text-red-600 hover:text-red-900" %>
+              </td>
+            </tr>
+          <% end %>
+        </tbody>
+      </table>
+    <% else %>
+      <div class="px-6 py-12 text-center">
+        <p class="text-gray-500">No pending invitations</p>
+      </div>
+    <% end %>
+  </div>
+
+  <!-- Recent Accepted Invitations -->
+  <div class="bg-white shadow rounded-lg overflow-hidden">
+    <div class="px-4 py-5 sm:px-6 bg-gray-50 border-b border-gray-200">
+      <h3 class="text-lg leading-6 font-medium text-gray-900">Recently Accepted</h3>
+    </div>
+    <% if @accepted_invitations.any? %>
+      <table class="min-w-full divide-y divide-gray-200">
+        <thead class="bg-gray-50">
+          <tr>
+            <th scope="col" class="px-6 py-3 text-left text-xs font-medium text-gray-500 uppercase tracking-wider">User</th>
+            <th scope="col" class="px-6 py-3 text-left text-xs font-medium text-gray-500 uppercase tracking-wider">Role</th>
+            <th scope="col" class="px-6 py-3 text-left text-xs font-medium text-gray-500 uppercase tracking-wider">Accepted</th>
+            <th scope="col" class="px-6 py-3 text-left text-xs font-medium text-gray-500 uppercase tracking-wider">Invited By</th>
+          </tr>
+        </thead>
+        <tbody class="bg-white divide-y divide-gray-200">
+          <% @accepted_invitations.each do |user| %>
+            <tr>
+              <td class="px-6 py-4 whitespace-nowrap">
+                <div class="text-sm font-medium text-gray-900"><%= user.name || "(No name)" %></div>
+                <div class="text-sm text-gray-500"><%= user.email %></div>
+              </td>
+              <td class="px-6 py-4 whitespace-nowrap">
+                <span class="px-2 inline-flex text-xs leading-5 font-semibold rounded-full
+                  <%= case user.role
+                      when 'admin' then 'bg-purple-100 text-purple-800'
+                      when 'reviewer' then 'bg-blue-100 text-blue-800'
+                      else 'bg-green-100 text-green-800'
+                      end %>">
+                  <%= user.role %>
+                </span>
+              </td>
+              <td class="px-6 py-4 whitespace-nowrap text-sm text-gray-500">
+                <%= user.invitation_accepted_at.strftime("%b %d, %Y") %>
+              </td>
+              <td class="px-6 py-4 whitespace-nowrap text-sm text-gray-500">
+                <%= user.invited_by&.name || user.invited_by&.email || "-" %>
+              </td>
+            </tr>
+          <% end %>
+        </tbody>
+      </table>
+    <% else %>
+      <div class="px-6 py-12 text-center">
+        <p class="text-gray-500">No accepted invitations yet</p>
+      </div>
+    <% end %>
+  </div>
+</div>
diff --git a/app/views/admin/invitations/new.html.erb b/app/views/admin/invitations/new.html.erb
new file mode 100644
index 0000000..f7d5f73
--- /dev/null
+++ b/app/views/admin/invitations/new.html.erb
@@ -0,0 +1,78 @@
+<% content_for :title, "Send Invitation" %>
+
+<div class="space-y-6">
+  <div>
+    <%= link_to "← Back to Invitations", admin_invitations_path, class: "text-sm font-medium text-blue-600 hover:text-blue-500" %>
+  </div>
+
+  <div>
+    <h2 class="text-3xl font-bold text-gray-900">Send Invitation</h2>
+    <p class="mt-1 text-sm text-gray-600">Invite a new user to join Sanasto Wiki</p>
+  </div>
+
+  <div class="bg-white shadow rounded-lg">
+    <div class="px-4 py-5 sm:p-6">
+      <%= form_with model: @invitation, url: admin_invitations_path, class: "space-y-6" do |f| %>
+        <% if @invitation.errors.any? %>
+          <div class="rounded-md bg-red-50 p-4">
+            <div class="flex">
+              <div class="ml-3">
+                <h3 class="text-sm font-medium text-red-800">
+                  <%= pluralize(@invitation.errors.count, "error") %> prohibited this invitation from being sent:
+                </h3>
+                <div class="mt-2 text-sm text-red-700">
+                  <ul class="list-disc pl-5 space-y-1">
+                    <% @invitation.errors.full_messages.each do |message| %>
+                      <li><%= message %></li>
+                    <% end %>
+                  </ul>
+                </div>
+              </div>
+            </div>
+          </div>
+        <% end %>
+
+        <div>
+          <%= f.label :email, class: "block text-sm font-medium text-gray-700" %>
+          <%= f.email_field :email, required: true, class: "mt-1 block w-full rounded-md border-gray-300 shadow-sm focus:border-blue-500 focus:ring-blue-500 sm:text-sm", placeholder: "user@example.com" %>
+          <p class="mt-2 text-sm text-gray-500">The user will receive an invitation email with a link to register.</p>
+        </div>
+
+        <div>
+          <%= f.label :name, "Name (optional)", class: "block text-sm font-medium text-gray-700" %>
+          <%= f.text_field :name, class: "mt-1 block w-full rounded-md border-gray-300 shadow-sm focus:border-blue-500 focus:ring-blue-500 sm:text-sm", placeholder: "John Doe" %>
+        </div>
+
+        <div>
+          <%= f.label :role, class: "block text-sm font-medium text-gray-700" %>
+          <%= f.select :role, User.roles.keys.map { |r| [r.humanize, r] }, {}, class: "mt-1 block w-full rounded-md border-gray-300 shadow-sm focus:border-blue-500 focus:ring-blue-500 sm:text-sm" %>
+          <p class="mt-2 text-sm text-gray-500">
+            <strong>Contributor:</strong> Can create/edit entries and comments.<br>
+            <strong>Reviewer:</strong> Can review suggestions and verify entries.<br>
+            <strong>Admin:</strong> Full access to all features.
+          </p>
+        </div>
+
+        <div>
+          <%= f.label :primary_language, "Primary Language (optional)", class: "block text-sm font-medium text-gray-700" %>
+          <%= f.select :primary_language, SupportedLanguage.pluck(:code, :native_name), { include_blank: "Select language" }, class: "mt-1 block w-full rounded-md border-gray-300 shadow-sm focus:border-blue-500 focus:ring-blue-500 sm:text-sm" %>
+        </div>
+
+        <div class="bg-yellow-50 border-l-4 border-yellow-400 p-4">
+          <div class="flex">
+            <div class="ml-3">
+              <p class="text-sm text-yellow-700">
+                <strong>Note:</strong> The invitation link will expire in 14 days. The user will need to accept the invitation before the expiration date.
+              </p>
+            </div>
+          </div>
+        </div>
+
+        <div class="flex items-center justify-end space-x-4">
+          <%= link_to "Cancel", admin_invitations_path, class: "px-4 py-2 border border-gray-300 rounded-md shadow-sm text-sm font-medium text-gray-700 bg-white hover:bg-gray-50 focus:outline-none focus:ring-2 focus:ring-offset-2 focus:ring-blue-500" %>
+          <%= f.submit "Send Invitation", class: "inline-flex justify-center px-4 py-2 border border-transparent rounded-md shadow-sm text-sm font-medium text-white bg-blue-600 hover:bg-blue-700 focus:outline-none focus:ring-2 focus:ring-offset-2 focus:ring-blue-500" %>
+        </div>
+      <% end %>
+    </div>
+  </div>
+</div>
diff --git a/app/views/admin/users/edit.html.erb b/app/views/admin/users/edit.html.erb
new file mode 100644
index 0000000..fd68e3a
--- /dev/null
+++ b/app/views/admin/users/edit.html.erb
@@ -0,0 +1,62 @@
+<% content_for :title, "Edit User" %>
+
+<div class="space-y-6">
+  <div>
+    <%= link_to "← Back to Users", admin_users_path, class: "text-sm font-medium text-blue-600 hover:text-blue-500" %>
+  </div>
+
+  <div>
+    <h2 class="text-3xl font-bold text-gray-900">Edit User</h2>
+    <p class="mt-1 text-sm text-gray-600">Update user information and permissions</p>
+  </div>
+
+  <div class="bg-white shadow rounded-lg">
+    <div class="px-4 py-5 sm:p-6">
+      <%= form_with model: @user, url: admin_user_path(@user), method: :patch, class: "space-y-6" do |f| %>
+        <% if @user.errors.any? %>
+          <div class="rounded-md bg-red-50 p-4">
+            <div class="flex">
+              <div class="ml-3">
+                <h3 class="text-sm font-medium text-red-800">
+                  <%= pluralize(@user.errors.count, "error") %> prohibited this user from being saved:
+                </h3>
+                <div class="mt-2 text-sm text-red-700">
+                  <ul class="list-disc pl-5 space-y-1">
+                    <% @user.errors.full_messages.each do |message| %>
+                      <li><%= message %></li>
+                    <% end %>
+                  </ul>
+                </div>
+              </div>
+            </div>
+          </div>
+        <% end %>
+
+        <div>
+          <%= f.label :name, class: "block text-sm font-medium text-gray-700" %>
+          <%= f.text_field :name, class: "mt-1 block w-full rounded-md border-gray-300 shadow-sm focus:border-blue-500 focus:ring-blue-500 sm:text-sm" %>
+        </div>
+
+        <div>
+          <%= f.label :email, class: "block text-sm font-medium text-gray-700" %>
+          <%= f.email_field :email, class: "mt-1 block w-full rounded-md border-gray-300 shadow-sm focus:border-blue-500 focus:ring-blue-500 sm:text-sm" %>
+        </div>
+
+        <div>
+          <%= f.label :role, class: "block text-sm font-medium text-gray-700" %>
+          <%= f.select :role, User.roles.keys.map { |r| [r.humanize, r] }, {}, class: "mt-1 block w-full rounded-md border-gray-300 shadow-sm focus:border-blue-500 focus:ring-blue-500 sm:text-sm" %>
+        </div>
+
+        <div>
+          <%= f.label :primary_language, class: "block text-sm font-medium text-gray-700" %>
+          <%= f.select :primary_language, SupportedLanguage.pluck(:code, :native_name), { include_blank: "Select language" }, class: "mt-1 block w-full rounded-md border-gray-300 shadow-sm focus:border-blue-500 focus:ring-blue-500 sm:text-sm" %>
+        </div>
+
+        <div class="flex items-center justify-end space-x-4">
+          <%= link_to "Cancel", admin_users_path, class: "px-4 py-2 border border-gray-300 rounded-md shadow-sm text-sm font-medium text-gray-700 bg-white hover:bg-gray-50 focus:outline-none focus:ring-2 focus:ring-offset-2 focus:ring-blue-500" %>
+          <%= f.submit "Update User", class: "inline-flex justify-center px-4 py-2 border border-transparent rounded-md shadow-sm text-sm font-medium text-white bg-blue-600 hover:bg-blue-700 focus:outline-none focus:ring-2 focus:ring-offset-2 focus:ring-blue-500" %>
+        </div>
+      <% end %>
+    </div>
+  </div>
+</div>
diff --git a/app/views/admin/users/index.html.erb b/app/views/admin/users/index.html.erb
new file mode 100644
index 0000000..987cd05
--- /dev/null
+++ b/app/views/admin/users/index.html.erb
@@ -0,0 +1,97 @@
+<% content_for :title, "Users" %>
+
+<div class="space-y-6">
+  <div class="flex items-center justify-between">
+    <div>
+      <h2 class="text-3xl font-bold text-gray-900">User Management</h2>
+      <p class="mt-1 text-sm text-gray-600">Manage user accounts and permissions</p>
+    </div>
+    <div>
+      <%= link_to "Send Invitation", new_admin_invitation_path, class: "inline-flex items-center px-4 py-2 border border-transparent rounded-md shadow-sm text-sm font-medium text-white bg-blue-600 hover:bg-blue-700 focus:outline-none focus:ring-2 focus:ring-offset-2 focus:ring-blue-500" %>
+    </div>
+  </div>
+
+  <!-- Filters -->
+  <div class="bg-white shadow rounded-lg p-4">
+    <%= form_with url: admin_users_path, method: :get, class: "flex gap-4" do |f| %>
+      <div class="flex-1">
+        <%= f.text_field :q, value: params[:q], placeholder: "Search by email...", class: "block w-full rounded-md border-gray-300 shadow-sm focus:border-blue-500 focus:ring-blue-500 sm:text-sm" %>
+      </div>
+      <div>
+        <%= f.select :role, options_for_select([["All Roles", ""], ["Contributors", "contributor"], ["Reviewers", "reviewer"], ["Admins", "admin"]], params[:role]), {}, class: "block w-full rounded-md border-gray-300 shadow-sm focus:border-blue-500 focus:ring-blue-500 sm:text-sm" %>
+      </div>
+      <div>
+        <%= f.submit "Filter", class: "inline-flex items-center px-4 py-2 border border-transparent rounded-md shadow-sm text-sm font-medium text-white bg-blue-600 hover:bg-blue-700" %>
+      </div>
+    <% end %>
+  </div>
+
+  <!-- Users Table -->
+  <div class="bg-white shadow rounded-lg overflow-hidden">
+    <table class="min-w-full divide-y divide-gray-200">
+      <thead class="bg-gray-50">
+        <tr>
+          <th scope="col" class="px-6 py-3 text-left text-xs font-medium text-gray-500 uppercase tracking-wider">User</th>
+          <th scope="col" class="px-6 py-3 text-left text-xs font-medium text-gray-500 uppercase tracking-wider">Role</th>
+          <th scope="col" class="px-6 py-3 text-left text-xs font-medium text-gray-500 uppercase tracking-wider">Primary Language</th>
+          <th scope="col" class="px-6 py-3 text-left text-xs font-medium text-gray-500 uppercase tracking-wider">Joined</th>
+          <th scope="col" class="px-6 py-3 text-left text-xs font-medium text-gray-500 uppercase tracking-wider">Status</th>
+          <th scope="col" class="relative px-6 py-3">
+            <span class="sr-only">Actions</span>
+          </th>
+        </tr>
+      </thead>
+      <tbody class="bg-white divide-y divide-gray-200">
+        <% @users.each do |user| %>
+          <tr>
+            <td class="px-6 py-4 whitespace-nowrap">
+              <div class="flex items-center">
+                <div>
+                  <div class="text-sm font-medium text-gray-900">
+                    <%= user.name || "(No name)" %>
+                  </div>
+                  <div class="text-sm text-gray-500">
+                    <%= user.email %>
+                  </div>
+                </div>
+              </div>
+            </td>
+            <td class="px-6 py-4 whitespace-nowrap">
+              <span class="px-2 inline-flex text-xs leading-5 font-semibold rounded-full
+                <%= case user.role
+                    when 'admin' then 'bg-purple-100 text-purple-800'
+                    when 'reviewer' then 'bg-blue-100 text-blue-800'
+                    else 'bg-green-100 text-green-800'
+                    end %>">
+                <%= user.role %>
+              </span>
+            </td>
+            <td class="px-6 py-4 whitespace-nowrap text-sm text-gray-500">
+              <%= user.primary_language&.upcase || "-" %>
+            </td>
+            <td class="px-6 py-4 whitespace-nowrap text-sm text-gray-500">
+              <%= user.invitation_accepted_at&.strftime("%b %d, %Y") || user.created_at.strftime("%b %d, %Y") %>
+            </td>
+            <td class="px-6 py-4 whitespace-nowrap">
+              <% if user.invitation_accepted_at.present? %>
+                <span class="px-2 inline-flex text-xs leading-5 font-semibold rounded-full bg-green-100 text-green-800">
+                  Active
+                </span>
+              <% else %>
+                <span class="px-2 inline-flex text-xs leading-5 font-semibold rounded-full bg-yellow-100 text-yellow-800">
+                  Invited
+                </span>
+              <% end %>
+            </td>
+            <td class="px-6 py-4 whitespace-nowrap text-right text-sm font-medium">
+              <%= link_to "Edit", edit_admin_user_path(user), class: "text-blue-600 hover:text-blue-900 mr-4" %>
+              <% if user != current_user && user != User.first %>
+                <%= button_to "Delete", admin_user_path(user), method: :delete, data: { turbo_confirm: "Are you sure you want to delete this user?" }, class: "text-red-600 hover:text-red-900" %>
+              <% end %>
+            </td>
+          </tr>
+        <% end %>
+      </tbody>
+    </table>
+  </div>
+</div>
diff --git a/app/views/layouts/admin.html.erb b/app/views/layouts/admin.html.erb
new file mode 100644
index 0000000..7b504dd
--- /dev/null
+++ b/app/views/layouts/admin.html.erb
@@ -0,0 +1,60 @@
+<!DOCTYPE html>
+<html>
+  <head>
+    <title><%= content_for(:title) || "Admin Dashboard" %> - Sanasto Wiki</title>
+    <meta name="viewport" content="width=device-width,initial-scale=1">
+    <%= csrf_meta_tags %>
+    <%= csp_meta_tag %>
+    <%= stylesheet_link_tag :app, "data-turbo-track": "reload" %>
+    <%= javascript_importmap_tags %>
+    <script src="https://cdn.tailwindcss.com"></script>
+  </head>
+
+  <body class="bg-gray-100 text-gray-900 font-sans antialiased">
+    <div class="min-h-screen flex flex-col">
+      <!-- Header -->
+      <header class="bg-blue-600 text-white shadow-md">
+        <div class="max-w-7xl mx-auto px-4 sm:px-6 lg:px-8">
+          <div class="flex items-center justify-between h-16">
+            <div class="flex items-center">
+              <h1 class="text-2xl font-bold">
+                <%= link_to "Sanasto Admin", admin_root_path, class: "hover:text-blue-100" %>
+              </h1>
+            </div>
+            <nav class="flex space-x-4">
+              <%= link_to "Dashboard", admin_dashboard_path, class: "px-3 py-2 rounded-md text-sm font-medium hover:bg-blue-700" %>
+              <%= link_to "Users", admin_users_path, class: "px-3 py-2 rounded-md text-sm font-medium hover:bg-blue-700" %>
+              <%= link_to "Invitations", admin_invitations_path, class: "px-3 py-2 rounded-md text-sm font-medium hover:bg-blue-700" %>
+              <%= link_to "Back to Site", root_path, class: "px-3 py-2 rounded-md text-sm font-medium hover:bg-blue-700" %>
+            </nav>
+          </div>
+        </div>
+      </header>
+
+      <!-- Flash messages -->
+      <% if flash.any? %>
+        <div class="max-w-7xl mx-auto px-4 sm:px-6 lg:px-8 mt-4">
+          <% flash.each do |type, message| %>
+            <div class="<%= type == 'notice' ? 'bg-green-100 border-green-400 text-green-700' : 'bg-red-100 border-red-400 text-red-700' %> px-4 py-3 rounded relative mb-4" role="alert">
+              <span class="block sm:inline"><%= message %></span>
+            </div>
+          <% end %>
+        </div>
+      <% end %>
+
+      <!-- Main content -->
+      <main class="flex-1 max-w-7xl w-full mx-auto px-4 sm:px-6 lg:px-8 py-8">
+        <%= yield %>
+      </main>
+
+      <!-- Footer -->
+      <footer class="bg-white border-t border-gray-200 mt-auto">
+        <div class="max-w-7xl mx-auto px-4 sm:px-6 lg:px-8 py-4">
+          <p class="text-center text-sm text-gray-600">
+            Sanasto Wiki Admin Dashboard &copy; <%= Time.current.year %>
+          </p>
+        </div>
+      </footer>
+    </div>
+  </body>
+</html>
diff --git a/app/views/setup/show.html.erb b/app/views/setup/show.html.erb
new file mode 100644
index 0000000..9890419
--- /dev/null
+++ b/app/views/setup/show.html.erb
@@ -0,0 +1,107 @@
+<!DOCTYPE html>
+<html>
+  <head>
+    <title>Setup - Sanasto Wiki</title>
+    <meta name="viewport" content="width=device-width,initial-scale=1">
+    <%= csrf_meta_tags %>
+    <%= csp_meta_tag %>
+    <%= stylesheet_link_tag :app, "data-turbo-track": "reload" %>
+    <%= javascript_importmap_tags %>
+    <script src="https://cdn.tailwindcss.com"></script>
+  </head>
+
+  <body class="bg-gradient-to-br from-blue-50 to-indigo-100 min-h-screen flex items-center justify-center p-4">
+    <div class="w-full max-w-md mx-auto">
+      <!-- Setup Card -->
+      <div class="bg-white shadow-2xl rounded-lg overflow-hidden">
+        <!-- Header -->
+        <div class="bg-gradient-to-r from-blue-600 to-indigo-600 px-6 py-8 text-center">
+          <h1 class="text-3xl font-bold text-white">Sanasto Wiki</h1>
+          <p class="mt-2 text-blue-100">Initial Setup</p>
+        </div>
+
+        <!-- Form -->
+        <div class="px-6 py-8">
+          <div class="mb-6">
+            <h2 class="text-xl font-semibold text-gray-900">Create Admin Account</h2>
+            <p class="mt-2 text-sm text-gray-600">
+              Welcome! Let's create your administrator account to get started.
+            </p>
+          </div>
+
+          <%= form_with model: @user, url: setup_path, method: :post, class: "space-y-6" do |f| %>
+            <% if @user.errors.any? %>
+              <div class="rounded-md bg-red-50 p-4">
+                <div class="flex">
+                  <div class="flex-shrink-0">
+                    <svg class="h-5 w-5 text-red-400" fill="currentColor" viewBox="0 0 20 20">
+                      <path fill-rule="evenodd" d="M10 18a8 8 0 100-16 8 8 0 000 16zM8.707 7.293a1 1 0 00-1.414 1.414L8.586 10l-1.293 1.293a1 1 0 101.414 1.414L10 11.414l1.293 1.293a1 1 0 001.414-1.414L11.414 10l1.293-1.293a1 1 0 00-1.414-1.414L10 8.586 8.707 7.293z" clip-rule="evenodd" />
+                    </svg>
+                  </div>
+                  <div class="ml-3">
+                    <h3 class="text-sm font-medium text-red-800">
+                      <%= pluralize(@user.errors.count, "error") %> prevented setup:
+                    </h3>
+                    <div class="mt-2 text-sm text-red-700">
+                      <ul class="list-disc pl-5 space-y-1">
+                        <% @user.errors.full_messages.each do |message| %>
+                          <li><%= message %></li>
+                        <% end %>
+                      </ul>
+                    </div>
+                  </div>
+                </div>
+              </div>
+            <% end %>
+
+            <div>
+              <%= f.label :name, class: "block text-sm font-medium text-gray-700" %>
+              <%= f.text_field :name, required: true, autofocus: true, class: "mt-1 block w-full rounded-md border-gray-300 shadow-sm focus:border-blue-500 focus:ring-blue-500 sm:text-sm", placeholder: "Your full name" %>
+            </div>
+
+            <div>
+              <%= f.label :email, class: "block text-sm font-medium text-gray-700" %>
+              <%= f.email_field :email, required: true, class: "mt-1 block w-full rounded-md border-gray-300 shadow-sm focus:border-blue-500 focus:ring-blue-500 sm:text-sm", placeholder: "admin@example.com" %>
+              <p class="mt-1 text-xs text-gray-500">This will be the default contact email for the system.</p>
+            </div>
+
+            <div>
+              <%= f.label :primary_language, "Preferred Language", class: "block text-sm font-medium text-gray-700" %>
+              <%= f.select :primary_language, SupportedLanguage.order(:sort_order).pluck(:code, :native_name), { include_blank: "Select your primary language" }, required: true, class: "mt-1 block w-full rounded-md border-gray-300 shadow-sm focus:border-blue-500 focus:ring-blue-500 sm:text-sm" %>
+            </div>
+
+            <div>
+              <%= f.label :password, class: "block text-sm font-medium text-gray-700" %>
+              <%= f.password_field :password, required: true, class: "mt-1 block w-full rounded-md border-gray-300 shadow-sm focus:border-blue-500 focus:ring-blue-500 sm:text-sm", placeholder: "Minimum 12 characters" %>
+              <p class="mt-1 text-xs text-gray-500">Choose a strong password with at least 12 characters.</p>
+            </div>
+
+            <div>
+              <%= f.label :password_confirmation, "Confirm Password", class: "block text-sm font-medium text-gray-700" %>
+              <%= f.password_field :password_confirmation, required: true, class: "mt-1 block w-full rounded-md border-gray-300 shadow-sm focus:border-blue-500 focus:ring-blue-500 sm:text-sm", placeholder: "Re-enter your password" %>
+            </div>
+
+            <div class="bg-blue-50 border-l-4 border-blue-400 p-4">
+              <div class="flex">
+                <div class="flex-shrink-0">
+                  <svg class="h-5 w-5 text-blue-400" fill="currentColor" viewBox="0 0 20 20">
+                    <path fill-rule="evenodd" d="M18 10a8 8 0 11-16 0 8 8 0 0116 0zm-7-4a1 1 0 11-2 0 1 1 0 012 0zM9 9a1 1 0 000 2v3a1 1 0 001 1h1a1 1 0 100-2v-3a1 1 0 00-1-1H9z" clip-rule="evenodd" />
+                  </svg>
+                </div>
+                <div class="ml-3">
+                  <p class="text-sm text-blue-700">
+                    <strong>Note:</strong> This account will have full administrator access and cannot be deleted through the UI.
+                  </p>
+                </div>
+              </div>
+            </div>
+
+            <div>
+              <%= f.submit "Complete Setup", class: "w-full flex justify-center py-3 px-4 border border-transparent rounded-md shadow-sm text-sm font-medium text-white bg-gradient-to-r from-blue-600 to-indigo-600 hover:from-blue-700 hover:to-indigo-700 focus:outline-none focus:ring-2 focus:ring-offset-2 focus:ring-blue-500 transition-all duration-200" %>
+            </div>
+          <% end %>
+        </div>
+      </div>
+    </div>
+  </body>
+</html>
diff --git a/config/routes.rb b/config/routes.rb
index 561dca5..a74e826 100644
--- a/config/routes.rb
+++ b/config/routes.rb
@@ -12,6 +12,23 @@ Rails.application.routes.draw do
   # Defines the root path route ("/")
   root "entries#index"
 
+  # Setup route (only accessible when .installed file doesn't exist)
+  get "setup", to: "setup#show"
+  post "setup", to: "setup#create"
+
+  # Authentication routes (placeholder for future implementation)
+  # get "login", to: "sessions#new", as: :login
+  # post "login", to: "sessions#create"
+  # delete "logout", to: "sessions#destroy", as: :logout
+
+  # Admin namespace
+  namespace :admin do
+    root "dashboard#index"
+    get "dashboard", to: "dashboard#index"
+    resources :users, only: [ :index, :edit, :update, :destroy ]
+    resources :invitations, only: [ :index, :new, :create, :destroy ]
+  end
+
   resources :entries do
     collection do
       get :download
diff --git a/docs/ADMIN.md b/docs/ADMIN.md
new file mode 100644
index 0000000..950f470
--- /dev/null
+++ b/docs/ADMIN.md
@@ -0,0 +1,34 @@
+# Admin Dashboard
+
+The admin dashboard provides tools for managing users, invitations, and viewing system statistics.
+
+## Creating the First Admin User
+
+Visit /setup
+
+## Accessing the Admin Dashboard
+
+1. **Note:** Authentication system is not yet implemented. You'll need to set `session[:user_id]` manually in the console or implement the authentication controllers first.
+
+2. Once authenticated, navigate to `/admin` to access the dashboard.
+
+## Admin Features
+
+### Dashboard (`/admin`)
+- View system statistics (users, entries, suggestions)
+- Language completion percentages
+- Recent activity (new users, new entries)
+- Pending invitations count
+
+### User Management (`/admin/users`)
+- List all users with filtering
+- Edit user details and roles
+- Delete users (except yourself)
+- View user status (active/invited)
+
+### Invitations (`/admin/invitations`)
+- Send new invitations
+- View pending invitations (not yet accepted)
+- Cancel pending invitations
+- View recently accepted invitations
+- Invitations expire after 14 days
diff --git a/docs/SETUP_GUIDE.md b/docs/SETUP_GUIDE.md
new file mode 100644
index 0000000..0b3dc1b
--- /dev/null
+++ b/docs/SETUP_GUIDE.md
@@ -0,0 +1,74 @@
+# Setup Guide
+
+## Initial Setup
+
+When you first deploy Sanasto Wiki, you need to create an initial administrator account.
+
+### Automatic Setup (Recommended)
+
+1. Start the Rails server:
+   ```bash
+   bundle exec rails server
+   ```
+
+2. Navigate to `/setup` in your browser
+
+3. Fill in the setup form:
+   - **Name**: Your full name
+   - **Email**: Your email address (becomes the system default contact)
+   - **Preferred Language**: Your primary working language
+   - **Password**: At least 12 characters
+   - **Confirm Password**: Re-enter your password
+
+4. Click "Complete Setup"
+
+5. You'll be automatically logged in and redirected to the admin dashboard
+
+### What Happens During Setup
+
+- Creates your admin account with full permissions
+- Sets you as the default system contact (User.first.email)
+- Creates a `.installed` marker file to prevent re-running setup
+- Automatically logs you in
+- Protects your account from deletion (first user cannot be deleted)
+
+### After Setup
+
+Once setup is complete:
+- The `/setup` route becomes inaccessible
+- You can access the admin dashboard at `/admin`
+- You can invite other users through the admin interface
+- The first admin user (you) is protected from deletion
+
+### Resetting Setup
+
+If you need to re-run setup (e.g., in development):
+
+```bash
+# Remove the installed marker
+rm .installed
+
+# Clear the database (development only!)
+bundle exec rails db:reset
+
+# Now you can access /setup again
+```
+
+### Production Deployment
+
+For production deployment:
+1. Deploy the application
+2. Run migrations: `bundle exec rails db:migrate`
+3. Navigate to your domain's `/setup` route
+4. Complete the setup form
+5. Start inviting contributors
+
+The `.installed` file should NOT be committed to version control (it's in .gitignore).
+
+### Security Notes
+
+- The setup route is only accessible when `.installed` file doesn't exist
+- Password must be at least 12 characters
+- The first admin user cannot be deleted through the UI
+- Setup automatically creates an admin-level account
+- After setup, use the invitation system to add more users
diff --git a/docs/TODO.md b/docs/TODO.md
index 357119d..6db798a 100644
--- a/docs/TODO.md
+++ b/docs/TODO.md
@@ -54,10 +54,11 @@
 
 ## User Management
 
-- [ ] **Admin dashboard**
-  - [ ] Send invitations by email
-  - [ ] Manage users (list, edit roles, deactivate)
-  - [ ] System statistics (users, entries, contributions)
+- [x] **Setup** adds the first user
+- [x] **Admin dashboard**
+  - [x] Send invitations interface (email delivery pending mailer implementation)
+  - [x] Manage users (list, edit roles, delete)
+  - [x] System statistics (users, entries, contributions)
 - [ ] **User profile page**
   - [ ] Edit name, email, password
   - [ ] Set primary language preference
diff --git a/test/models/user_test.rb b/test/models/user_test.rb
index 0020ba5..f8b7c32 100644
--- a/test/models/user_test.rb
+++ b/test/models/user_test.rb
@@ -2,33 +2,39 @@ require "test_helper"
 
 class UserTest < ActiveSupport::TestCase
   test "should be valid with an email and password" do
-    user = User.new(email: "test@example.com", password: "password")
+    user = User.new(email: "test@example.com", password: "password123456")
     assert user.valid?
   end
 
   test "should be invalid without an email" do
-    user = User.new(password: "password")
+    user = User.new(password: "password123456")
     assert_not user.valid?
   end
 
   test "should be invalid with a duplicate email" do
-    User.create(email: "test@example.com", password: "password")
-    user = User.new(email: "test@example.com", password: "password")
+    User.create(email: "test@example.com", password: "password123456")
+    user = User.new(email: "test@example.com", password: "password123456")
     assert_not user.valid?
   end
 
   test "should have a default role of contributor" do
-    user = User.new(email: "test@example.com", password: "password")
+    user = User.new(email: "test@example.com", password: "password123456")
     assert user.contributor?
   end
 
   test "can be a reviewer" do
-    user = User.new(email: "test@example.com", password: "password", role: :reviewer)
+    user = User.new(email: "test@example.com", password: "password123456", role: :reviewer)
     assert user.reviewer?
   end
 
   test "can be an admin" do
-    user = User.new(email: "test@example.com", password: "password", role: :admin)
+    user = User.new(email: "test@example.com", password: "password123456", role: :admin)
     assert user.admin?
   end
+
+  test "should be invalid with a password shorter than 12 characters" do
+    user = User.new(email: "test@example.com", password: "short")
+    assert_not user.valid?
+    assert_includes user.errors[:password], "is too short (minimum is 12 characters)"
+  end
 end