diff --git a/extensions/guacamole-auth-duo/src/main/java/org/apache/guacamole/auth/duo/UserVerificationService.java b/extensions/guacamole-auth-duo/src/main/java/org/apache/guacamole/auth/duo/UserVerificationService.java
index 777c96bd2..abcb48605 100644
--- a/extensions/guacamole-auth-duo/src/main/java/org/apache/guacamole/auth/duo/UserVerificationService.java
+++ b/extensions/guacamole-auth-duo/src/main/java/org/apache/guacamole/auth/duo/UserVerificationService.java
@@ -22,16 +22,16 @@ package org.apache.guacamole.auth.duo;
 import com.google.inject.Inject;
 import java.util.Collections;
 import javax.servlet.http.HttpServletRequest;
-import org.apache.guacamole.GuacamoleClientException;
 import org.apache.guacamole.GuacamoleException;
 import org.apache.guacamole.auth.duo.api.DuoService;
 import org.apache.guacamole.auth.duo.conf.ConfigurationService;
 import org.apache.guacamole.auth.duo.form.DuoSignedResponseField;
 import org.apache.guacamole.form.Field;
+import org.apache.guacamole.language.TranslatableGuacamoleClientException;
+import org.apache.guacamole.language.TranslatableGuacamoleInsufficientCredentialsException;
 import org.apache.guacamole.net.auth.AuthenticatedUser;
 import org.apache.guacamole.net.auth.Credentials;
 import org.apache.guacamole.net.auth.credentials.CredentialsInfo;
-import org.apache.guacamole.net.auth.credentials.GuacamoleInsufficientCredentialsException;
 
 /**
  * Service for verifying the identity of a user against Duo.
@@ -95,14 +95,18 @@ public class UserVerificationService {
                         Collections.singletonList(signedResponseField));
 
             // Request additional credentials
-            throw new GuacamoleInsufficientCredentialsException(
-                    "LOGIN.INFO_DUO_AUTH_REQUIRED", expectedCredentials);
+            throw new TranslatableGuacamoleInsufficientCredentialsException(
+                    "Verification using Duo is required before authentication "
+                    + "can continue.", "LOGIN.INFO_DUO_AUTH_REQUIRED",
+                    expectedCredentials);
 
         }
 
         // If signed response does not verify this user's identity, abort auth
         if (!duoService.isValidSignedResponse(authenticatedUser, signedResponse))
-            throw new GuacamoleClientException("LOGIN.INFO_DUO_VALIDATION_CODE_INCORRECT");
+            throw new TranslatableGuacamoleClientException("Provided Duo "
+                    + "validation code is incorrect.",
+                    "LOGIN.INFO_DUO_VALIDATION_CODE_INCORRECT");
 
     }
 
diff --git a/extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-base/src/main/java/org/apache/guacamole/auth/jdbc/JDBCAuthenticationProviderService.java b/extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-base/src/main/java/org/apache/guacamole/auth/jdbc/JDBCAuthenticationProviderService.java
index ff605b984..646bf20d3 100644
--- a/extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-base/src/main/java/org/apache/guacamole/auth/jdbc/JDBCAuthenticationProviderService.java
+++ b/extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-base/src/main/java/org/apache/guacamole/auth/jdbc/JDBCAuthenticationProviderService.java
@@ -21,7 +21,6 @@ package org.apache.guacamole.auth.jdbc;
 
 import com.google.inject.Inject;
 import com.google.inject.Provider;
-import org.apache.guacamole.GuacamoleClientException;
 import org.apache.guacamole.GuacamoleException;
 import org.apache.guacamole.auth.jdbc.security.PasswordPolicyService;
 import org.apache.guacamole.auth.jdbc.sharing.user.SharedAuthenticatedUser;
@@ -29,6 +28,7 @@ import org.apache.guacamole.auth.jdbc.user.ModeledAuthenticatedUser;
 import org.apache.guacamole.auth.jdbc.user.ModeledUser;
 import org.apache.guacamole.auth.jdbc.user.ModeledUserContext;
 import org.apache.guacamole.auth.jdbc.user.UserService;
+import org.apache.guacamole.language.TranslatableGuacamoleClientException;
 import org.apache.guacamole.net.auth.AuthenticatedUser;
 import org.apache.guacamole.net.auth.AuthenticationProvider;
 import org.apache.guacamole.net.auth.Credentials;
@@ -104,11 +104,15 @@ public class JDBCAuthenticationProviderService implements AuthenticationProvider
 
                 // Verify user account is still valid as of today
                 if (!user.isAccountValid())
-                    throw new GuacamoleClientException("LOGIN.ERROR_NOT_VALID");
+                    throw new TranslatableGuacamoleClientException("User "
+                            + "account is no longer valid.",
+                            "LOGIN.ERROR_NOT_VALID");
 
                 // Verify user account is allowed to be used at the current time
                 if (!user.isAccountAccessible())
-                    throw new GuacamoleClientException("LOGIN.ERROR_NOT_ACCESSIBLE");
+                    throw new TranslatableGuacamoleClientException("User "
+                            + "account may not be used at this time.",
+                            "LOGIN.ERROR_NOT_ACCESSIBLE");
 
             }
 
diff --git a/extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-base/src/main/java/org/apache/guacamole/auth/jdbc/user/UserService.java b/extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-base/src/main/java/org/apache/guacamole/auth/jdbc/user/UserService.java
index 0cfe90067..a68f08237 100644
--- a/extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-base/src/main/java/org/apache/guacamole/auth/jdbc/user/UserService.java
+++ b/extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-base/src/main/java/org/apache/guacamole/auth/jdbc/user/UserService.java
@@ -46,12 +46,13 @@ import org.apache.guacamole.auth.jdbc.security.PasswordEncryptionService;
 import org.apache.guacamole.auth.jdbc.security.PasswordPolicyService;
 import org.apache.guacamole.form.Field;
 import org.apache.guacamole.form.PasswordField;
+import org.apache.guacamole.language.TranslatableGuacamoleClientException;
+import org.apache.guacamole.language.TranslatableGuacamoleInsufficientCredentialsException;
 import org.apache.guacamole.net.auth.ActivityRecord;
 import org.apache.guacamole.net.auth.AuthenticatedUser;
 import org.apache.guacamole.net.auth.AuthenticationProvider;
 import org.apache.guacamole.net.auth.User;
 import org.apache.guacamole.net.auth.credentials.CredentialsInfo;
-import org.apache.guacamole.net.auth.credentials.GuacamoleInsufficientCredentialsException;
 import org.apache.guacamole.net.auth.permission.ObjectPermission;
 import org.apache.guacamole.net.auth.permission.ObjectPermissionSet;
 import org.apache.guacamole.net.auth.permission.SystemPermission;
@@ -494,20 +495,25 @@ public class UserService extends ModeledDirectoryObjectService<ModeledUser, User
         // Require new password if account is expired
         if (newPassword == null || confirmNewPassword == null) {
             logger.info("The password of user \"{}\" has expired and must be reset.", username);
-            throw new GuacamoleInsufficientCredentialsException("LOGIN.INFO_PASSWORD_EXPIRED", EXPIRED_PASSWORD);
+            throw new TranslatableGuacamoleInsufficientCredentialsException("Password has expired",
+                    "LOGIN.INFO_PASSWORD_EXPIRED", EXPIRED_PASSWORD);
         }
 
         // New password must be different from old password
         if (newPassword.equals(credentials.getPassword()))
-            throw new GuacamoleClientException("LOGIN.ERROR_PASSWORD_SAME");
+            throw new TranslatableGuacamoleClientException("New passwords may "
+                    + "not be identical to the current password if password "
+                    + "reset is required.", "LOGIN.ERROR_PASSWORD_SAME");
 
         // New password must not be blank
         if (newPassword.isEmpty())
-            throw new GuacamoleClientException("LOGIN.ERROR_PASSWORD_BLANK");
+            throw new TranslatableGuacamoleClientException("Passwords may not "
+                    + "be blank.", "LOGIN.ERROR_PASSWORD_BLANK");
 
         // Confirm that the password was entered correctly twice
         if (!newPassword.equals(confirmNewPassword))
-            throw new GuacamoleClientException("LOGIN.ERROR_PASSWORD_MISMATCH");
+            throw new TranslatableGuacamoleClientException("New password does "
+                    + "not match.", "LOGIN.ERROR_PASSWORD_MISMATCH");
 
         // Verify new password does not violate defined policies
         passwordPolicyService.verifyPassword(username, newPassword);
diff --git a/extensions/guacamole-auth-quickconnect/src/main/java/org/apache/guacamole/auth/quickconnect/QuickConnectException.java b/extensions/guacamole-auth-quickconnect/src/main/java/org/apache/guacamole/auth/quickconnect/QuickConnectException.java
deleted file mode 100644
index 6e4d5b94c..000000000
--- a/extensions/guacamole-auth-quickconnect/src/main/java/org/apache/guacamole/auth/quickconnect/QuickConnectException.java
+++ /dev/null
@@ -1,86 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements.  See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership.  The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License.  You may obtain a copy of the License at
- *
- *   http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied.  See the License for the
- * specific language governing permissions and limitations
- * under the License.
- */
-package org.apache.guacamole.auth.quickconnect;
-
-import org.apache.guacamole.GuacamoleClientException;
-import org.apache.guacamole.language.Translatable;
-import org.apache.guacamole.language.TranslatableMessage;
-
-/**
- * An exception that is thrown by this extension when an error occurs
- * attempting to create and establish a connection with a user-provided
- * URI.
- */
-public class QuickConnectException extends GuacamoleClientException
-        implements Translatable {
-    
-    /**
-     * A message that can be passed through the translation service
-     * to provide information about the error that occurred.
-     */
-    private final TranslatableMessage translatableMessage;
-    
-    /**
-     * Create a QuickConnectException with the given message and translationKey.
-     * The message will not be passed through the translation system; the
-     * translationKey will be passed through the translation system.  Both should
-     * describe the error.
-     * 
-     * @param message
-     *     A string describing the error that occurred when trying to create
-     *     or establish the connection.  This will not be passed through the
-     *     translation system.
-     * 
-     * @param translationKey
-     *     A key known to the translation system describing the error that 
-     *     occurred when trying to create or establish the connection.
-     *     This will be passed through the translation system to provide 
-     *     a localized version of the message.
-     */
-    public QuickConnectException(String message, String translationKey) {
-        super(message);
-        this.translatableMessage = new TranslatableMessage(translationKey);
-    }
-    
-    /**
-     * Create a new QuickConnectException given the human-readable message,
-     * which will not be passed through the translation system, and the
-     * translatableMessage, which will be passed through the translation system.
-     * Both parameters should describe the error preventing the connection
-     * from being created or established.
-     * 
-     * @param message
-     *     The human-readable message describing the error, which will not
-     *     be passed through the translation system.
-     * 
-     * @param translatableMessage
-     *     The human-readable message describing the error, which will be
-     *     passed through the translation system.
-     */
-    public QuickConnectException(String message, TranslatableMessage translatableMessage) {
-        super(message);
-        this.translatableMessage = translatableMessage;
-    }
-    
-    @Override
-    public TranslatableMessage getTranslatableMessage() {
-        return translatableMessage;
-    }
-    
-}
diff --git a/extensions/guacamole-auth-quickconnect/src/main/java/org/apache/guacamole/auth/quickconnect/utility/QCParser.java b/extensions/guacamole-auth-quickconnect/src/main/java/org/apache/guacamole/auth/quickconnect/utility/QCParser.java
index 3e2e5e5ab..e5fc8ec0b 100644
--- a/extensions/guacamole-auth-quickconnect/src/main/java/org/apache/guacamole/auth/quickconnect/utility/QCParser.java
+++ b/extensions/guacamole-auth-quickconnect/src/main/java/org/apache/guacamole/auth/quickconnect/utility/QCParser.java
@@ -32,7 +32,7 @@ import java.util.regex.Matcher;
 import java.util.regex.Pattern;
 import org.apache.guacamole.GuacamoleServerException;
 import org.apache.guacamole.GuacamoleException;
-import org.apache.guacamole.auth.quickconnect.QuickConnectException;
+import org.apache.guacamole.language.TranslatableGuacamoleClientException;
 import org.apache.guacamole.protocol.GuacamoleConfiguration;
 
 /**
@@ -78,11 +78,11 @@ public class QCParser {
         try {
             qcUri = new URI(uri);
             if (!qcUri.isAbsolute())
-                throw new QuickConnectException("URI must be absolute.",
+                throw new TranslatableGuacamoleClientException("URI must be absolute.",
                         "QUICKCONNECT.ERROR_NOT_ABSOLUTE_URI");
         }
         catch (URISyntaxException e) {
-            throw new QuickConnectException("Invalid URI Syntax",
+            throw new TranslatableGuacamoleClientException("Invalid URI Syntax",
                     "QUICKCONNECT.ERROR_INVALID_URI");
         }
 
@@ -100,7 +100,7 @@ public class QCParser {
         if (protocol != null && !protocol.isEmpty())
             qcConfig.setProtocol(protocol);
         else
-            throw new QuickConnectException("No protocol specified.",
+            throw new TranslatableGuacamoleClientException("No protocol specified.",
                     "QUICKCONNECT.ERROR_NO_PROTOCOL");
 
         // Check for provided port number
@@ -111,7 +111,7 @@ public class QCParser {
         if (host != null && !host.isEmpty())
             qcConfig.setParameter("hostname", host);
         else
-            throw new QuickConnectException("No host specified.",
+            throw new TranslatableGuacamoleClientException("No host specified.",
                     "QUICKCONNECT.ERROR_NO_HOST");
 
         // Look for extra query parameters and parse them out.
diff --git a/extensions/guacamole-auth-totp/src/main/java/org/apache/guacamole/auth/totp/user/UserVerificationService.java b/extensions/guacamole-auth-totp/src/main/java/org/apache/guacamole/auth/totp/user/UserVerificationService.java
index 2414ee872..a73d08f96 100644
--- a/extensions/guacamole-auth-totp/src/main/java/org/apache/guacamole/auth/totp/user/UserVerificationService.java
+++ b/extensions/guacamole-auth-totp/src/main/java/org/apache/guacamole/auth/totp/user/UserVerificationService.java
@@ -27,19 +27,19 @@ import java.util.Collections;
 import java.util.HashMap;
 import java.util.Map;
 import javax.servlet.http.HttpServletRequest;
-import org.apache.guacamole.GuacamoleClientException;
 import org.apache.guacamole.GuacamoleException;
 import org.apache.guacamole.GuacamoleSecurityException;
 import org.apache.guacamole.GuacamoleUnsupportedException;
 import org.apache.guacamole.auth.totp.conf.ConfigurationService;
 import org.apache.guacamole.auth.totp.form.AuthenticationCodeField;
 import org.apache.guacamole.form.Field;
+import org.apache.guacamole.language.TranslatableGuacamoleClientException;
+import org.apache.guacamole.language.TranslatableGuacamoleInsufficientCredentialsException;
 import org.apache.guacamole.net.auth.AuthenticatedUser;
 import org.apache.guacamole.net.auth.Credentials;
 import org.apache.guacamole.net.auth.User;
 import org.apache.guacamole.net.auth.UserContext;
 import org.apache.guacamole.net.auth.credentials.CredentialsInfo;
-import org.apache.guacamole.net.auth.credentials.GuacamoleInsufficientCredentialsException;
 import org.apache.guacamole.totp.TOTPGenerator;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
@@ -249,15 +249,18 @@ public class UserVerificationService {
             // If the user hasn't completed enrollment, request that they do
             if (!key.isConfirmed()) {
                 field.exposeKey(key);
-                throw new GuacamoleInsufficientCredentialsException(
+                throw new TranslatableGuacamoleInsufficientCredentialsException(
+                        "TOTP enrollment must be completed before "
+                        + "authentication can continue",
                         "TOTP.INFO_ENROLL_REQUIRED", new CredentialsInfo(
                             Collections.<Field>singletonList(field)
                         ));
             }
 
             // Otherwise simply request the user's authentication code
-            throw new GuacamoleInsufficientCredentialsException(
-                    "TOTP.INFO_CODE_REQUIRED", new CredentialsInfo(
+            throw new TranslatableGuacamoleInsufficientCredentialsException(
+                    "A TOTP authentication code is required before login can "
+                    + "continue", "TOTP.INFO_CODE_REQUIRED", new CredentialsInfo(
                         Collections.<Field>singletonList(field)
                     ));
 
@@ -291,7 +294,8 @@ public class UserVerificationService {
         }
 
         // Provided code is not valid
-        throw new GuacamoleClientException("TOTP.INFO_VERIFICATION_FAILED");
+        throw new TranslatableGuacamoleClientException("Provided TOTP code "
+                + "is not valid.", "TOTP.INFO_VERIFICATION_FAILED");
 
     }