diff --git a/includes/core/class-password.php b/includes/core/class-password.php
index a6c18f92..e968a683 100644
--- a/includes/core/class-password.php
+++ b/includes/core/class-password.php
@@ -457,10 +457,7 @@ if ( ! class_exists( 'um\core\Password' ) ) {
 				UM()->form()->add_error( 'username_b', __( 'Please provide your username or email', 'ultimate-member' ) );
 			}
 
-			if ( ( ! is_email( $user ) && ! username_exists( $user ) ) || ( is_email( $user ) && ! email_exists( $user ) ) ) {
-				UM()->form()->add_error( 'username_b', __( 'We can\'t find an account registered with that address or username', 'ultimate-member' ) );
-			} else {
-
+			if ( ( ! is_email( $user ) && username_exists( $user ) ) || ( is_email( $user ) && email_exists( $user ) ) ) {
 				if ( is_email( $user ) ) {
 					$user_id = email_exists( $user );
 				} else {
diff --git a/includes/core/um-actions-account.php b/includes/core/um-actions-account.php
index 674f0dc2..0f5043e9 100644
--- a/includes/core/um-actions-account.php
+++ b/includes/core/um-actions-account.php
@@ -144,7 +144,7 @@ function um_submit_account_errors_hook( $args ) {
 				}
 
 				if ( email_exists( $args['user_email'] ) && email_exists( $args['user_email'] ) !== get_current_user_id() ) {
-					UM()->form()->add_error( 'user_email', __( 'Email already linked to another account', 'ultimate-member' ) );
+					UM()->form()->add_error( 'user_email', __( 'Please provide a valid e-mail', 'ultimate-member' ) );
 				}
 			}
 
diff --git a/includes/core/um-actions-form.php b/includes/core/um-actions-form.php
index 293a7e70..f3a0fe49 100644
--- a/includes/core/um-actions-form.php
+++ b/includes/core/um-actions-form.php
@@ -775,7 +775,7 @@ function um_submit_form_errors_hook_( $args ) {
 							if ( $args[ $key ] == '' ) {
 								UM()->form()->add_error( $key, __( 'You must provide a username', 'ultimate-member' ) );
 							} elseif ( $mode == 'register' && username_exists( sanitize_user( $args[ $key ] ) ) ) {
-								UM()->form()->add_error( $key, __( 'Your username is already taken', 'ultimate-member' ) );
+								UM()->form()->add_error( $key, __( 'The username you entered is incorrect', 'ultimate-member' ) );
 							} elseif ( is_email( $args[ $key ] ) ) {
 								UM()->form()->add_error( $key, __( 'Username cannot be an email', 'ultimate-member' ) );
 							} elseif ( ! UM()->validation()->safe_username( $args[ $key ] ) ) {
@@ -787,11 +787,11 @@ function um_submit_form_errors_hook_( $args ) {
 						case 'unique_username_or_email':
 
 							if ( $args[ $key ] == '' ) {
-								UM()->form()->add_error( $key, __( 'You must provide a username', 'ultimate-member' ) );
+								UM()->form()->add_error( $key, __( 'You must provide a username or email', 'ultimate-member' ) );
 							} elseif ( $mode == 'register' && username_exists( sanitize_user( $args[ $key ] ) ) ) {
-								UM()->form()->add_error( $key, __( 'Your username is already taken', 'ultimate-member' ) );
+								UM()->form()->add_error( $key, __( 'The username you entered is incorrect', 'ultimate-member' ) );
 							} elseif ( $mode == 'register' && email_exists( $args[ $key ] ) ) {
-								UM()->form()->add_error( $key, __( 'This email is already linked to an existing account', 'ultimate-member' ) );
+								UM()->form()->add_error( $key, __( 'The email you entered is incorrect', 'ultimate-member' ) );
 							} elseif ( ! UM()->validation()->safe_username( $args[ $key ] ) ) {
 								UM()->form()->add_error( $key, __( 'Your username contains invalid characters', 'ultimate-member' ) );
 							}
@@ -813,11 +813,11 @@ function um_submit_form_errors_hook_( $args ) {
 								if ( $args[ $key ] == '' && in_array( $key, array( 'user_email' ) ) ) {
 									UM()->form()->add_error( $key, __( 'You must provide your email', 'ultimate-member' ) );
 								} elseif ( in_array( $mode, array( 'register' ) ) && $email_exists  ) {
-									UM()->form()->add_error( $key, __( 'This email is already linked to an existing account', 'ultimate-member' ) );
+									UM()->form()->add_error( $key, __( 'The email you entered is incorrect', 'ultimate-member' ) );
 								} elseif ( in_array( $mode, array( 'profile' ) ) && $email_exists && $email_exists != $args['user_id']  ) {
-									UM()->form()->add_error( $key, __( 'This email is already linked to an existing account', 'ultimate-member' ) );
-								} elseif ( !is_email( $args[ $key ] ) ) {
-									UM()->form()->add_error( $key, __( 'This is not a valid email', 'ultimate-member') );
+									UM()->form()->add_error( $key, __( 'The email you entered is incorrect', 'ultimate-member' ) );
+								} elseif ( ! is_email( $args[ $key ] ) ) {
+									UM()->form()->add_error( $key, __( 'The email you entered is incorrect', 'ultimate-member') );
 								} elseif ( ! UM()->validation()->safe_username( $args[ $key ] ) ) {
 									UM()->form()->add_error( $key,  __( 'Your email contains invalid characters', 'ultimate-member' ) );
 								}
@@ -825,16 +825,16 @@ function um_submit_form_errors_hook_( $args ) {
 							} else {
 
 								if ( $args[ $key ] != '' && ! is_email( $args[ $key ] ) ) {
-									UM()->form()->add_error( $key, __( 'This is not a valid email', 'ultimate-member' ) );
+									UM()->form()->add_error( $key, __( 'The email you entered is incorrect', 'ultimate-member' ) );
 								} elseif ( $args[ $key ] != '' && email_exists( $args[ $key ] ) ) {
-									UM()->form()->add_error( $key, __( 'This email is already linked to an existing account', 'ultimate-member' ) );
+									UM()->form()->add_error( $key, __( 'The email you entered is incorrect', 'ultimate-member' ) );
 								} elseif ( $args[ $key ] != '' ) {
 
 									$users = get_users( 'meta_value=' . $args[ $key ] );
 
 									foreach ( $users as $user ) {
 										if ( $user->ID != $args['user_id'] ) {
-											UM()->form()->add_error( $key, __( 'This email is already linked to an existing account', 'ultimate-member' ) );
+											UM()->form()->add_error( $key, __( 'The email you entered is incorrect', 'ultimate-member' ) );
 										}
 									}
 
diff --git a/includes/core/um-actions-login.php b/includes/core/um-actions-login.php
index 3f6ce611..ce83d2b3 100644
--- a/includes/core/um-actions-login.php
+++ b/includes/core/um-actions-login.php
@@ -65,12 +65,12 @@ function um_submit_form_errors_hook_login( $args ) {
 
 	$user = apply_filters( 'authenticate', null, $authenticate, $args['user_password'] );
 	if ( is_wp_error( $user ) && ! in_array( $user->get_error_code(), $ignore_codes ) ) {
-		UM()->form()->add_error( $user->get_error_code(), __( $user->get_error_message(), 'ultimate-member' ) );
+		UM()->form()->add_error( $user->get_error_code(), __( 'Password is incorrect. Please try again.', 'ultimate-member' ) );
 	}
 
 	$user = apply_filters( 'wp_authenticate_user', $user, $args['user_password'] );
 	if ( is_wp_error( $user ) && ! in_array( $user->get_error_code(), $ignore_codes ) ) {
-		UM()->form()->add_error( $user->get_error_code(), __( $user->get_error_message(), 'ultimate-member' ) );
+		UM()->form()->add_error( $user->get_error_code(), __( 'Password is incorrect. Please try again.', 'ultimate-member' ) );
 	}
 
 	// if there is an error notify wp
diff --git a/readme.txt b/readme.txt
index 8b00a49e..4016febe 100644
--- a/readme.txt
+++ b/readme.txt
@@ -163,6 +163,7 @@ The plugin works with popular caching plugins by automatically excluding Ultimat
   - Added: Callback for deleting the custom field data from member direcroty settings when this custom field has been deleted in Form Builder.
   - Added: 'um_account_active_tab_inited' JS hook.
   - Updated: Require a strong password option (`Ultimate Member > Settings > General > Users > Require a strong password?`) to make it common for all Ultimate Member forms. Renamed option key from `reset_require_strongpass` to `require_strongpass`.
+  - Updated: Form errors texts on the login/password reset forms. Made them secure.
   - Deprecated: `Ultimate Member > Settings > General > Account > Require a strong password?` option and merged with `Ultimate Member > Settings > General > Users > Require a strong password?` option.
 
 * Bugfixes:
diff --git a/templates/password-reset.php b/templates/password-reset.php
index 437fa184..384da0be 100644
--- a/templates/password-reset.php
+++ b/templates/password-reset.php
@@ -9,7 +9,7 @@
 				<div class="um-field um-field-block um-field-type_block">
 					<div class="um-field-block">
 						<div style="text-align:center;">
-							<?php esc_html_e( 'We have sent you a password reset link to your e-mail. Please check your inbox.', 'ultimate-member' ); ?>
+							<?php esc_html_e( 'If an account matching the provided details exists, we will send a password reset link. Please check your inbox.', 'ultimate-member' ); ?>
 						</div>
 					</div>
 				</div>
@@ -44,9 +44,9 @@
 						<div class="um-field-block">
 							<div style="text-align:center;">
 								<?php if ( 'expiredkey' === sanitize_key( $_GET['updated'] ) ) {
-									_e( 'Your password reset link has expired. Please request a new link below.', 'ultimate-member' );
+									esc_html_e( 'Your password reset link has expired. Please request a new link below.', 'ultimate-member' );
 								} elseif ( 'invalidkey' === sanitize_key( $_GET['updated'] ) ) {
-									_e( 'Your password reset link appears to be invalid. Please request a new link below.', 'ultimate-member' );
+									esc_html_e( 'Your password reset link appears to be invalid. Please request a new link below.', 'ultimate-member' );
 								} ?>
 							</div>
 						</div>
@@ -55,7 +55,7 @@
 					<div class="um-field um-field-block um-field-type_block">
 						<div class="um-field-block">
 							<div style="text-align:center;">
-								<?php _e( 'To reset your password, please enter your email address or username below', 'ultimate-member' ); ?>
+								<?php esc_html_e( 'To reset your password, please enter your email address or username below.', 'ultimate-member' ); ?>
 							</div>
 						</div>
 					</div>