diff --git a/config/passport.js b/config/passport.js
index 1265900c59..c04ad9153c 100755
--- a/config/passport.js
+++ b/config/passport.js
@@ -22,9 +22,9 @@ passport.deserializeUser(function(id, done) {
 passport.use(new LocalStrategy({ usernameField: 'email' }, function(email, password, done) {
 User.findOne({ email: email }, function(err, user) {
- if (!user) return done(null, false, { message: 'No match found for user: ' + email });
+ if (!user) return done(null, false, { message: 'Email ' + email + ' not found'});
 user.comparePassword(password, function(err, isMatch) {
- if(isMatch) {
+ if (isMatch) {
 return done(null, user);
 } else {
 return done(null, false, { message: 'Invalid email or password.' });
diff --git a/controllers/user.js b/controllers/user.js
index 3813c08ae1..f38fdc121f 100644
--- a/controllers/user.js
+++ b/controllers/user.js
@@ -12,7 +12,7 @@ exports.getLogin = function(req, res) {
 if (req.user) return res.redirect('/');
 res.render('account/login', {
 title: 'Login',
- messages: req.flash('messages')
+ errors: req.flash('errors')
 });
 };
@@ -50,11 +50,22 @@ exports.getAccount = function(req, res) {
 */
 exports.postLogin = function(req, res, next) {
+ req.assert('email', 'Email cannot be blank').notEmpty();
+ req.assert('email', 'Email is not valid').isEmail();
+ req.assert('password', 'Password cannot be blank').notEmpty();
+
+ var errors = req.validationErrors();
+
+ if (errors) {
+ req.flash('errors', errors);
+ return res.redirect('/login');
+ }
+
 passport.authenticate('local', function(err, user, info) {
 if (err) return next(err);
 if (!user) {
- req.flash('messages', info.message);
+ req.flash('errors', { msg: info.message });
 return res.redirect('/login');
 }
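Review bot: The unknown-account branch in config/passport.js still answers differently from the wrong-password branch, so the login form discloses which e-mail addresses are registered; return the same text in both, e.g. `if (!user) return done(null, false, { message: 'Invalid email or password.' });`. The same string is passed on unchanged by `req.flash('errors', { msg: info.message })` in the postLogin hunk of controllers/user.js, and it embeds the submitted address, so it is safe to render only if the login view escapes it (the view is not part of this diff). Separately, `err` from `User.findOne` is never checked in the surrounding context lines, so a lookup failure would presumably be reported as an unknown e-mail; `if (err) return done(err);` ahead of the `!user` test would route it to the `if (err) return next(err);` already present in postLogin. The strategy callback begins and ends outside the hunk.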