diff --git a/src/Silex/Controller/SecurityController.php b/src/Silex/Controller/SecurityController.php
index 30dbd3d..3324974 100644
--- a/src/Silex/Controller/SecurityController.php
+++ b/src/Silex/Controller/SecurityController.php
@@ -7,33 +7,37 @@ namespace Silex\Controller;
 use Silex\DI\DI;
 use Silex\Http\HttpResponse;
 use Silex\Model\User;
+use Silex\Validation\UserValidation;
 
 class SecurityController
 {
     public function login(DI $di): HttpResponse
     {
-        $fail = false;
-        if ($_SERVER['REQUEST_METHOD'] === 'POST') {
+        $errors = [];
+        if ($_SERVER['REQUEST_METHOD'] === 'POST' && UserValidation::isValidLogin($_POST,$errors)) {
             $success = $di->getSecurity()->initLogin($_POST['login'], $_POST['password']);
             if ($success) {
                 HttpResponse::redirect($di->getRouter()->url(''));
+            } else {
+                $errors[] = 'Login or password invalid';
             }
-            $fail = !$success;
         }
-        return HttpResponse::found('login', ['fail' => $fail]);
+        return HttpResponse::found('login', ['errors' => $errors]);
     }
 
     public function register(DI $di): HttpResponse
     {
-        $fail = false;
-        if ($_SERVER['REQUEST_METHOD'] === 'POST') {
+        $errors = [];
+        if ($_SERVER['REQUEST_METHOD'] === 'POST' && UserValidation::isValidUser($_POST,$errors)) {
             $user = $di->getSecurity()->register(User::fromRawPassword($_POST['login'], $_POST['password']));
             if ($user !== null) {
                 HttpResponse::redirect($di->getRouter()->url(''));
             }
-            $fail = $user === null;
+            if($user === null){
+                $errors[] = 'Login is already taken';
+            }
         }
-        return HttpResponse::found('register', ['fail' => $fail]);
+        return HttpResponse::found('register', ['errors' => $errors]);
     }
 
     public function logout(DI $di): void
diff --git a/src/Silex/Validation/UserValidation.php b/src/Silex/Validation/UserValidation.php
new file mode 100644
index 0000000..b89f0f4
--- /dev/null
+++ b/src/Silex/Validation/UserValidation.php
@@ -0,0 +1,41 @@
+<?php
+
+declare(strict_types=1);
+
+namespace Silex\Validation;
+
+final class UserValidation
+{
+    public static function isValidLogin(array &$post, array &$errors): bool
+    {
+        if(empty($post['login'])) {
+            $errors[] = 'Login error';
+        }
+
+        if(empty($post['password'])) {
+            $errors[] = 'Password error';
+        }
+        return empty($errors);
+    }
+
+    public static function isValidUser(array &$post, array &$errors): bool
+    {
+        if(empty($post['login'])) {
+            $errors[] = 'Login empty error';
+        }
+
+        if(empty($post['password'])) {
+            $errors[] = 'Password empty error';
+        }
+
+        if(empty($post['password-confirmation'])) {
+            $errors[] = 'Password confirmation empty error';
+        }
+
+        if($post['password'] !== $post['password-confirmation']){
+            $errors[] = 'Password confirmation not matching error';
+        }
+
+        return empty($errors);
+    }
+}
diff --git a/views/errors.php b/views/errors.php
new file mode 100644
index 0000000..ee44fac
--- /dev/null
+++ b/views/errors.php
@@ -0,0 +1,11 @@
+<?php if ($params['errors']) : 
+	foreach ($params['errors'] as $error) { ?>
+    <article class="message is-danger">
+        <div class="message-header">
+            <p>Auth failed</p>
+        </div>
+        <div class="message-body">
+            <?= $error?>
+        </div>
+    </article>
+<?php } endif ?>
diff --git a/views/login.php b/views/login.php
index 6c881e2..1112f97 100644
--- a/views/login.php
+++ b/views/login.php
@@ -1,13 +1,4 @@
-<?php if ($params['fail']) : ?>
-    <article class="message is-danger">
-        <div class="message-header">
-            <p>Auth failed</p>
-        </div>
-        <div class="message-body">
-            Login and/or password is invalid.
-        </div>
-    </article>
-<?php endif ?>
+<?php require 'errors.php' ?>
 <form action="<?= $_SERVER['REQUEST_URI'] ?>" method="post">
     <div class="field">
         <label class="label" for="login">Login</label>
diff --git a/views/register.php b/views/register.php
index 4452f38..1e52428 100644
--- a/views/register.php
+++ b/views/register.php
@@ -1,13 +1,4 @@
-<?php if ($params['fail']) : ?>
-    <article class="message is-danger">
-        <div class="message-header">
-            <p>Registration failed</p>
-        </div>
-        <div class="message-body">
-            Login is already taken.
-        </div>
-    </article>
-<?php endif ?>
+<?php require 'errors.php' ?>
 <form action="<?= $_SERVER['REQUEST_URI'] ?>" method="post">
     <div class="field">
         <label class="label" for="login">Login</label>