diff --git a/htdocs/application/controllers/auth.php b/htdocs/application/controllers/auth.php
index 002b916..447d7e5 100644
--- a/htdocs/application/controllers/auth.php
+++ b/htdocs/application/controllers/auth.php
@@ -60,8 +60,8 @@ class Auth extends CI_Controller {
 }
 }else {
 // Login FAIL
- $this->load->view('auth/login_form', array('login_fail_msg'
- => 'Error with LDAP authentication.'));
+ $this->db_session->set_flashdata('login_error', 'Incorrect username or password.');
+ $this->load->view('auth/login_form');
 }
 }else {
 // Already logged in...
diff --git a/htdocs/application/libraries/auth_ldap.php b/htdocs/application/libraries/auth_ldap.php
index c27d73b..62afddc 100644
--- a/htdocs/application/libraries/auth_ldap.php
+++ b/htdocs/application/libraries/auth_ldap.php
@@ -92,7 +92,8 @@ class Auth_Ldap {
 $user_info = $this->_authenticate($username,$password);
 if(empty($user_info['role'])) {
 log_message('info', $username." has no role to play.");
- show_error($username.' succssfully authenticated, but is not allowed because the username was not found in an allowed access group.');
+ //show_error($username.' succssfully authenticated, but is not allowed because the username was not found in an allowed access group.');
+ return FALSE;
 }
 // Record the login
 $this->_audit("Successful login: ".$user_info['cn']."(".$username.") from ".$this->ci->input->ip_address());
@@ -190,6 +191,13 @@ class Auth_Ldap {
 $search = ldap_search($this->ldapconn, $this->basedn, $filter, array('dn', $this->login_attribute, 'cn'));
 $entries = ldap_get_entries($this->ldapconn, $search);
+
+ if(!isset($entries[0])){
+ //User either does not exist or has no permissions
+ $this->_audit("Failed login attempt: ".$username." from ".$_SERVER['REMOTE_ADDR']);
+ return FALSE;
+ }
+
 $binddn = $entries[0]['dn'];
 // Now actually try to bind as the user
diff --git a/htdocs/application/views/auth/login_form.php b/htdocs/application/views/auth/login_form.php
index f2251b0..a233d6c 100644
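Review bot: In `controllers/auth.php`, the login-fail branch calls `set_flashdata('login_error', ...)` and then renders `auth/login_form` in the same request, with no redirect in between. Flashdata is normally read on the following request, so depending on how `db_session` implements it the message may not be shown on this render, or may still be pending and appear on a later page. Either redirect to the login action after setting it, or hand the text to the view directly with `$this->load->view('auth/login_form', array('login_error' => 'Incorrect username or password.'));` and read `$login_error` in the view. The enclosing method starts and ends outside the hunk.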
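Review bot: In `libraries/auth_ldap.php` (hunk at -92), the no-role branch now returns FALSE but records the denial only through `log_message('info', ...)`, while the successful login just below goes through `$this->_audit()`. A user who authenticates and is then refused deserves the same audit trail: `$this->_audit("Denied login (no role): ".$username." from ".$this->ci->input->ip_address());` before the `return FALSE;`. With the later hunk `_authenticate()` can return FALSE, and `empty($user_info['role'])` is true for that value too, so "has no role to play" will also be logged for unknown users. The commented-out `show_error()` line should be deleted rather than kept. The method's start and end are outside the hunk.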
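Review bot: In `libraries/auth_ldap.php` (hunk at -190), the new audit line in the `!isset($entries[0])` branch writes the submitted `$username` into the record as-is and takes the address from `$_SERVER['REMOTE_ADDR']`, whereas the successful-login entry uses `$this->ci->input->ip_address()`. `_audit()` is not visible here, so if it writes a line-oriented log, control characters in the username could split or forge entries. Stripping them and using the same address helper keeps both records comparable: `$this->_audit("Failed login attempt: ".preg_replace('/[\x00-\x1F\x7F]/', '', $username)." from ".$this->ci->input->ip_address());`. The `ldap_search()` result in the context lines is still passed to `ldap_get_entries()` unchecked, and whether `$filter` escapes `$username` cannot be told from this hunk. The enclosing method continues outside the hunk.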
--- a/htdocs/application/views/auth/login_form.php +++ b/htdocs/application/views/auth/login_form.php @@ -1,4 +1,12 @@ load->view('defaults/header'); ?> + db_session->flashdata('login_error'); + if ($message){ + echo '
'; + echo $message; + echo '
'; + } + ?>
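Review bot: In `views/auth/login_form.php`, `echo $message;` prints the flashdata value into the page without output encoding. The only writer visible in this commit stores a fixed literal, but flashdata is a shared channel and a later caller may put request-derived text into `login_error`, so encode at the point of output: `echo htmlspecialchars($message, ENT_QUOTES, 'UTF-8');`. The markup in this hunk was lost in the page extraction, so the surrounding tags cannot be checked from here.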
diff --git a/htdocs/static/styles/main.css b/htdocs/static/styles/main.css
index 6076367..ae4f65f 100644
--- a/htdocs/static/styles/main.css
+++ b/htdocs/static/styles/main.css
@@ -487,4 +487,14 @@ h4 {
 .login {
 margin-left: 35%;
 margin-right: auto;
+}
+
+.login_error {
+ border: 1px solid;
+ margin-left: 25%;
+ margin-right: 30%;
+ padding:15px 10px 15px 50px;
+ text-align: center;
+ background-color: #FFBABA;
+ color: #D8000C;
 }
\ No newline at end of file