diff --git a/lms/lmsweb/forms/login.py b/lms/lmsweb/forms/login.py
new file mode 100644
index 00000000..9b48a6e4
--- /dev/null
+++ b/lms/lmsweb/forms/login.py
@@ -0,0 +1,14 @@
+from flask_wtf import FlaskForm
+from wtforms import PasswordField, StringField
+from wtforms.validators import InputRequired, Length
+
+
+class LoginForm(FlaskForm):
+    username = StringField(
+        'Username', validators=[
+            InputRequired(), Length(min=4, max=20),
+        ],
+    )
+    password = PasswordField(
+        'Password', validators=[InputRequired(), Length(min=8)], id='password',
+    )
diff --git a/lms/lmsweb/forms/reset_password.py b/lms/lmsweb/forms/reset_password.py
index 1785eaa8..96fafac2 100644
--- a/lms/lmsweb/forms/reset_password.py
+++ b/lms/lmsweb/forms/reset_password.py
@@ -2,7 +2,7 @@
 from flask_babel import gettext as _  # type: ignore
 from flask_wtf import FlaskForm
 from wtforms import StringField
-from wtforms.fields.simple import PasswordField
+from wtforms import PasswordField
 from wtforms.validators import Email, EqualTo, InputRequired, Length
 
 
diff --git a/lms/lmsweb/views.py b/lms/lmsweb/views.py
index 608b15ea..67d95631 100644
--- a/lms/lmsweb/views.py
+++ b/lms/lmsweb/views.py
@@ -28,6 +28,7 @@
 )
 from lms.lmsweb.forms.change_password import ChangePasswordForm
 from lms.lmsweb.forms.register import RegisterForm
+from lms.lmsweb.forms.login import LoginForm
 from lms.lmsweb.forms.reset_password import RecoverPassForm, ResetPassForm
 from lms.lmsweb.manifest import MANIFEST
 from lms.lmsweb.redirections import (
@@ -98,27 +99,30 @@ def ratelimit_handler(e):
     deduct_when=lambda response: response.status_code != 200,
 )
 def login(login_message: Optional[str] = None):
+    next_page = request.form.get('next')
     if current_user.is_authenticated:
-        return get_next_url(request.args.get('next'))
+        return get_next_url(next_page)
 
-    username = request.form.get('username')
-    password = request.form.get('password')
-    next_page = request.form.get('next')
+    form = LoginForm()
     login_message = request.args.get('login_message')
+    if not form.validate_on_submit():
+        return render_template(
+            'login.html', form=form, login_message=login_message,
+        )
 
-    if request.method == 'POST':
-        try:
-            user = auth(username, password)
-        except (ForbiddenPermission, UnauthorizedError) as e:
-            error_message, _ = e.args
-            error_details = {'next': next_page, 'login_message': error_message}
-            return redirect(url_for('login', **error_details))
-        else:
-            login_user(user)
-            session['_invalid_password_tries'] = 0
-            return get_next_url(next_page)
-
-    return render_template('login.html', login_message=login_message)
+    username = form.username.data
+    password = form.password.data
+
+    try:
+        user = auth(username, password)
+    except (ForbiddenPermission, UnauthorizedError) as e:
+        error_message, _ = e.args
+        error_details = {'next': next_page, 'login_message': error_message}
+        return redirect(url_for('login', **error_details))
+    else:
+        login_user(user)
+        session['_invalid_password_tries'] = 0
+        return get_next_url(next_page)
 
 
 @webapp.route('/signup', methods=['GET', 'POST'])
diff --git a/lms/templates/login.html b/lms/templates/login.html
index 7d81f944..51dd4df2 100644
--- a/lms/templates/login.html
+++ b/lms/templates/login.html
@@ -1,45 +1,42 @@
 {% extends 'base.html' %}
+{% from "_formhelpers.html" import render_field %}
 
 {% block page_content %}
-  <div class="container">
-    <div id="login-container">
-      <div id="login" class="text-center">
-        <img id="login-logo" src="{{ url_for('static', filename='avatar.jpg') }}" alt="{{ _('Profile picture of the Python Course') }}" width="72" height="72">
-        <h1 id="main-title" class="h3 font-weight-normal">{{ _('Login') }}</h1>
-        <p>
-          {{ _('Welcome to the exercise system!') }}<br>
-          {{ _('Insert your username and password:') }}
-        </p>
-        {% if login_message %}
-        <div id="login-message-box" class="text-center">
-            <p>
-                {{ login_message }}
-            </p>
-        </div>
-        {% endif %}
-        <form class="align-items-center" method="post" action="{{ url_for('login') }}">
-          <div class="row mb-3 {{ direction }}-language">
-            <label for="username" class="visually-hidden">{{ _('Username') }}</label>
-            <div>
-              <input id="username" class="form-control form-control-lg" type="text" name="username" placeholder="{{ _('Username') }}" required autofocus>
-            </div>
-          </div>
-          <div class="row mb-3 {{ direction }}-language">
-            <label for="password" class="visually-hidden">{{ _('Password') }}</label>
-            <div>
-              <input id="password" class="form-control form-control-lg" type="password" name="password" placeholder="{{ _('Password') }}" required>
-            </div>
-          </div>
-          <input class="form-control form-control-lg" type="hidden" name="csrf_token" id="csrf_token" value="{{ csrf_token() }}" required>
-          <input class="form-control form-control-lg" type="hidden" name="next" id="next" value="{{ request.args.get('next', '') }}">
-          <button class="btn btn-primary btn-lg btn-block">{{ _('Login') }}</button>
-        </form>
-        <a href="{{ url_for('reset_password') }}" id="forgot-my-password-link" role="button">{{ _('Forgot your password?') }}</a>
-        {% if config.REGISTRATION_OPEN %}
-        <hr class="mt-3 mb-3">
-        <a href="{{ url_for('signup') }}" class="btn btn-success btn-sm" role="button">{{ _('Register') }}</a>
-        {% endif %}
-      </div>
-    </div>
-  </div>
+<div class="container">
+	<div id="login-container">
+		<div id="login" class="text-center">
+			<img id="login-logo" src="{{ url_for('static', filename='avatar.jpg') }}"
+				alt="{{ _('Profile picture of the Python Course') }}" width="72" height="72">
+			<h1 id="main-title" class="h3 font-weight-normal">{{ _('Login') }}</h1>
+			<p>
+				{{ _('Welcome to the exercise system!') }}<br>
+				{{ _('Insert your username and password:') }}
+			</p>
+			{% if login_message %}
+			<div id="login-message-box" class="text-center">
+				<p>
+					{{ login_message }}
+				</p>
+			</div>
+			{% endif %}
+
+			<form class="align-items-center" method="post" action="{{ url_for('login') }}">
+				{{ render_field(form.username, cls="form-control form-control-lg", placeholder=_('Username')) }}
+				{{ render_field(form.password, cls="form-control form-control-lg", placeholder=_('Password')) }}
+				<input class="form-control form-control-lg" type="hidden" name="csrf_token" id="csrf_token"
+					value="{{ csrf_token() }}" required>
+				<input class="form-control form-control-lg" type="hidden" name="next" id="next"
+					value="{{ request.args.get('next', '') }}">
+				<button class="btn btn-primary btn-lg btn-block">{{ _('Login') }}</button>
+				<a href="{{ url_for('reset_password') }}" id="forgot-my-password-link" role="button">{{ _('Forgot your
+					password?') }}</a>
+			</form>
+
+			{% if config.REGISTRATION_OPEN %}
+			<hr class="mt-3 mb-3">
+			<a href="{{ url_for('signup') }}" class="btn btn-success btn-sm" role="button">{{ _('Register') }}</a>
+			{% endif %}
+		</div>
+	</div>
+</div>
 {% endblock %}
diff --git a/lms/templates/signup.html b/lms/templates/signup.html
index f1a196d6..7dd058c3 100644
--- a/lms/templates/signup.html
+++ b/lms/templates/signup.html
@@ -2,28 +2,32 @@
 {% from "_formhelpers.html" import render_field %}
 
 {% block page_content %}
-  <div class="container">
-    <div id="signup-container">
-      <div id="signup" class="text-center">
-        <img id="signup-logo" src="{{ url_for('static', filename='avatar.jpg') }}" alt="{{ _('Profile picture of the Python Course') }}" width="72" height="72">
-        <h1 id="main-title" class="h3 font-weight-normal">{{ _('Registration') }}</h1>
-        <p>
-          {{ _('Welcome to the exercise system!') }}<br>
-          {{ _('Insert your email and password for registration:') }}
-        </p>
-        <form class="align-items-center {{ direction }}-language" method="post" action="{{ url_for('signup') }}">
-            {{ render_field(form.email, cls="form-control form-control-lg", placeholder=_('Email Address')) }}
-            {{ render_field(form.username, cls="form-control form-control-lg", placeholder=_('Username')) }}
-            {{ render_field(form.fullname, cls="form-control form-control-lg", placeholder=_('Full Name')) }}
-            {{ render_field(form.password, cls="form-control form-control-lg", placeholder=_('Password')) }}
-            {{ render_field(form.confirm, cls="form-control form-control-lg", placeholder=_('Password Confirmation')) }}
-          <input class="form-control form-control-lg" type="hidden" name="csrf_token" id="csrf_token" value="{{ csrf_token() }}" required>
-          <input class="form-control form-control-lg" type="hidden" name="next" id="next" value="{{ request.args.get('next', '') }}">
-          <button class="btn btn-primary btn-lg btn-block">{{ _('Register') }}</button>
-        </form>
-        <hr class="mt-3 mb-3">
-        <a href="/" class="btn btn-success btn-sm" role="button">{{ _('Back to login page') }}</a>
-      </div>
+<div class="container">
+  <div id="signup-container">
+    <div id="signup" class="text-center">
+      <img id="signup-logo" src="{{ url_for('static', filename='avatar.jpg') }}"
+        alt="{{ _('Profile picture of the Python Course') }}" width="72" height="72">
+      <h1 id="main-title" class="h3 font-weight-normal">{{ _('Registration') }}</h1>
+      <p>
+        {{ _('Welcome to the exercise system!') }}<br>
+        {{ _('Insert your email and password for registration:') }}
+      </p>
+      <form class="align-items-center {{ direction }}-language" method="post" action="{{ url_for('signup') }}">
+        {{ render_field(form.email, cls="form-control form-control-lg", placeholder=_('Email Address')) }}
+        {{ render_field(form.username, cls="form-control form-control-lg", placeholder=_('Username')) }}
+        {{ render_field(form.fullname, cls="form-control form-control-lg", placeholder=_('Full Name')) }}
+        {{ render_field(form.password, cls="form-control form-control-lg", placeholder=_('Password')) }}
+        {{ render_field(form.confirm, cls="form-control form-control-lg", placeholder=_('Password Confirmation')) }}
+        <input class="form-control form-control-lg" type="hidden" name="csrf_token" id="csrf_token"
+          value="{{ csrf_token() }}" required>
+        <input class="form-control form-control-lg" type="hidden" name="next" id="next"
+          value="{{ request.args.get('next', '') }}">
+        <button class="btn btn-primary btn-lg btn-block">{{ _('Register') }}</button>
+      </form>
+      <hr class="mt-3 mb-3">
+      <a href="/" class="btn btn-success btn-sm" role="button">{{ _('Back to login page') }}</a>
     </div>
   </div>
+</div>
+</div>
 {% endblock %}