[Security] tweaked some exception messages

1 files changed, 2 insertions, 2 deletions

diff --git a/Core/Authentication/Provider/DaoAuthenticationProvider.php b/Core/Authentication/Provider/DaoAuthenticationProvider.php
index 21bec82..fa08955 100644
--- a/Core/Authentication/Provider/DaoAuthenticationProvider.php
+++ b/Core/Authentication/Provider/DaoAuthenticationProvider.php
@@ -59,11 +59,11 @@ class DaoAuthenticationProvider extends UserAuthenticationProvider
             }
         } else {
             if (!$presentedPassword = $token->getCredentials()) {
-                throw new BadCredentialsException('Bad credentials');
+                throw new BadCredentialsException('The presented password cannot be empty.');
             }
 
             if (!$this->encoderFactory->getEncoder($user)->isPasswordValid($user->getPassword(), $presentedPassword, $user->getSalt())) {
-                throw new BadCredentialsException('Bad credentials');
+                throw new BadCredentialsException('The presented password is invalid.');
             }
         }
     }