diff --git a/modules/core/client/config/core.client.routes.js b/modules/core/client/config/core.client.routes.js
index 6fc0d79fc0..9a89d6c326 100644
--- a/modules/core/client/config/core.client.routes.js
+++ b/modules/core/client/config/core.client.routes.js
@@ -36,17 +36,31 @@
       .state('not-found', {
         url: '/not-found',
         templateUrl: 'modules/core/client/views/404.client.view.html',
+        controller: 'ErrorController',
+        controllerAs: 'vm',
+        params: {
+          message: function($stateParams) {
+            return $stateParams.message;
+          }
+        },
         data: {
           ignoreState: true,
-          pageTitle: 'Not-Found'
+          pageTitle: 'Not Found'
         }
       })
       .state('bad-request', {
         url: '/bad-request',
         templateUrl: 'modules/core/client/views/400.client.view.html',
+        controller: 'ErrorController',
+        controllerAs: 'vm',
+        params: {
+          message: function($stateParams) {
+            return $stateParams.message;
+          }
+        },
         data: {
           ignoreState: true,
-          pageTitle: 'Bad-Request'
+          pageTitle: 'Bad Request'
         }
       })
       .state('forbidden', {
diff --git a/modules/core/client/controllers/error.client.controller.js b/modules/core/client/controllers/error.client.controller.js
new file mode 100644
index 0000000000..5968f34315
--- /dev/null
+++ b/modules/core/client/controllers/error.client.controller.js
@@ -0,0 +1,18 @@
+(function () {
+  'use strict';
+
+  angular
+    .module('core')
+    .controller('ErrorController', ErrorController);
+
+  ErrorController.$inject = ['$stateParams'];
+
+  function ErrorController($stateParams) {
+    var vm = this;
+    vm.errorMessage = null;
+
+    // Display custom message if it was set
+    if ($stateParams.message) vm.errorMessage = $stateParams.message;
+  }
+}());
+
diff --git a/modules/core/client/services/interceptors/auth-interceptor.client.service.js b/modules/core/client/services/interceptors/auth-interceptor.client.service.js
index 2929402804..97486209dd 100644
--- a/modules/core/client/services/interceptors/auth-interceptor.client.service.js
+++ b/modules/core/client/services/interceptors/auth-interceptor.client.service.js
@@ -17,6 +17,9 @@
     function responseError(rejection) {
       if (!rejection.config.ignoreAuthModule) {
         switch (rejection.status) {
+          case 400:
+            $injector.get('$state').go('bad-request', { message: rejection.data.message });
+            break;
           case 401:
             // Deauthenticate the global user
             Authentication.user = null;
@@ -25,6 +28,9 @@
           case 403:
             $injector.get('$state').transitionTo('forbidden');
             break;
+          case 404:
+            $injector.get('$state').go('not-found', { message: rejection.data.message });
+            break;
         }
       }
       // otherwise, default behaviour
diff --git a/modules/core/client/views/400.client.view.html b/modules/core/client/views/400.client.view.html
index efc28045ef..f1192d4915 100644
--- a/modules/core/client/views/400.client.view.html
+++ b/modules/core/client/views/400.client.view.html
@@ -1,6 +1,9 @@
-<h1>Bad Request</h1>
+<div class="page-header">
+  <h1>Bad Request</h1>
+</div>
 <div class="alert alert-danger" role="alert">
   <span class="glyphicon glyphicon-exclamation-sign" aria-hidden="true"></span>
   <span class="sr-only">Error:</span>
-  You made a bad request
+  <span ng-if="vm.errorMessage" ng-bind="vm.errorMessage"></span>
+  <span ng-if="!vm.errorMessage">You made a bad request</span>
 </div>
diff --git a/modules/core/client/views/403.client.view.html b/modules/core/client/views/403.client.view.html
index 151968d5e1..320980c931 100644
--- a/modules/core/client/views/403.client.view.html
+++ b/modules/core/client/views/403.client.view.html
@@ -1,4 +1,6 @@
-<h1>Forbidden</h1>
+<div class="page-header">
+  <h1>Forbidden</h1>
+</div>
 <div class="alert alert-danger" role="alert">
   <span class="glyphicon glyphicon-exclamation-sign" aria-hidden="true"></span>
   <span class="sr-only">Error:</span>
diff --git a/modules/core/client/views/404.client.view.html b/modules/core/client/views/404.client.view.html
index e8e6d82cc1..c19e9be6bc 100644
--- a/modules/core/client/views/404.client.view.html
+++ b/modules/core/client/views/404.client.view.html
@@ -1,5 +1,8 @@
-<h1>Page Not Found</h1>
+<div class="page-header">
+  <h1>Page Not Found</h1>
+</div>
 <div class="alert alert-danger" role="alert">
   <span class="glyphicon glyphicon-exclamation-sign" aria-hidden="true"></span>
-  <span class="sr-only">Error:</span> Page Not Found
+  <span ng-if="vm.errorMessage" ng-bind="vm.errorMessage"></span>
+  <span ng-if="!vm.errorMessage">Page Not Found</span>
 </div>
diff --git a/modules/users/server/controllers/users/users.authentication.server.controller.js b/modules/users/server/controllers/users/users.authentication.server.controller.js
index b477785410..2089385400 100644
--- a/modules/users/server/controllers/users/users.authentication.server.controller.js
+++ b/modules/users/server/controllers/users/users.authentication.server.controller.js
@@ -30,7 +30,7 @@ exports.signup = function (req, res) {
   // Then save the user
   user.save(function (err) {
     if (err) {
-      return res.status(400).send({
+      return res.status(422).send({
         message: errorHandler.getErrorMessage(err)
       });
     } else {
@@ -55,7 +55,7 @@ exports.signup = function (req, res) {
 exports.signin = function (req, res, next) {
   passport.authenticate('local', function (err, user, info) {
     if (err || !user) {
-      res.status(400).send(info);
+      res.status(422).send(info);
     } else {
       // Remove sensitive data before login
       user.password = undefined;