Ensure that a valid error message should be displayed for an incorrect user or password.

web/pgadmin/__init__.py

@@ -314,6 +314,11 @@ def create_app(app_name=None):
                 getattr(config, 'SQLITE_TIMEOUT', 500)
                 )
 
+    # Override USER_DOES_NOT_EXIST and INVALID_PASSWORD messages from flask.
+    app.config['SECURITY_MSG_USER_DOES_NOT_EXIST'] = \
+        app.config['SECURITY_MSG_INVALID_PASSWORD'] = \
+        (gettext("Incorrect username or password."), "error")
+
     # Create database connection object and mailer
     db.init_app(app)
 

web/pgadmin/authenticate/internal.py

@@ -23,7 +23,7 @@ from pgadmin.model import User
 class BaseAuthentication(object):
 
     DEFAULT_MSG = {
-        'USER_DOES_NOT_EXIST': 'Specified user does not exist',
+        'USER_DOES_NOT_EXIST': 'Incorrect username or password.',
         'LOGIN_FAILED': 'Login failed',
         'EMAIL_NOT_PROVIDED': 'Email/Username not provided',
         'PASSWORD_NOT_PROVIDED': 'Password not provided'