diff --git a/.gitignore b/.gitignore index b694934..f89b800 100644 --- a/.gitignore +++ b/.gitignore @@ -1 +1,3 @@ -.venv \ No newline at end of file +.venv +db.sqlite +**/__pycache__/ \ No newline at end of file diff --git a/Server/DB/querys.py b/Server/DB/querys.py index 9e9641b..36911e4 100644 --- a/Server/DB/querys.py +++ b/Server/DB/querys.py @@ -12,9 +12,13 @@ config.read('Options.ini') class compare: + def is_user_pass_valid(username, password): - session_username = session.query(User).filter(User.username == username).one() - session.commit() + try: #check if username in db + session_username = session.query(User).filter(User.username == username).one() + session.commit() + except: + return False print(session_username.hashed_password) if bcrypt.hashpw(password.encode('utf-8'), session_username.salt) == session_username.hashed_password.encode('utf-8'): return True diff --git a/Server/Host/flaskApp.py b/Server/Host/flaskApp.py index afdbcc1..b5db8f5 100644 --- a/Server/Host/flaskApp.py +++ b/Server/Host/flaskApp.py @@ -69,8 +69,7 @@ def login(): form = LoginForm() if form.validate_on_submit(): user = user_loader(form.username.data) - #TODO if username not in User: - #TODO return if username or pass wrong a red textbox in ui... + if user and compare.is_user_pass_valid(form.username.data, form.password.data): login_user(user) # store user id in session @@ -82,8 +81,9 @@ def login(): #next = request.args.get('next') is written in documentaion FLASK #return redirect(next, url_for('orders')) # redirect to orders page return redirect(url_for('orders')) # redirect to orders page + #return wrong_user_pass.html a indexer for wrong pass or username + return render_template('partials/_wrong_user_pass.html', form=form) return render_template('login.html', form=form) - @app.route("/logout") #TODO make a button @login_required def logout(): 
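Review bot: In Server/DB/querys.py the bare `except:` around the user lookup in is_user_pass_valid returns False for every failure, so a database error or a duplicate-username row is indistinguishable from an unknown user and never surfaces. Handling only the not-found case is narrower, for example `session_username = session.query(User).filter(User.username == username).one_or_none()` followed by `if session_username is None: return False`. The unchanged `print(session_username.hashed_password)` right after the new block writes the stored hash to stdout on every login attempt and should be dropped. `bcrypt.checkpw(password.encode('utf-8'), session_username.hashed_password.encode('utf-8'))` would replace the hand-rolled `hashpw(...) ==` comparison with the library's constant-time check. The function body continues past the end of the hunk.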
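Review bot: In Server/Host/flaskApp.py the new failure branch in login() renders `partials/_wrong_user_pass.html` with the default 200 status and records nothing about the rejected attempt, so repeated password guessing is invisible in the server logs and to any monitoring keyed on status codes. Logging the attempt without the password and returning 401 covers both, e.g. `app.logger.warning("failed login for %r", form.username.data)` and `return render_template('partials/_wrong_user_pass.html', form=form), 401`. The added comment `#return wrong_user_pass.html a indexer for wrong pass or username` is hard to parse; `# credentials rejected: re-render the form with a generic error` says what the branch does. login() starts above the hunk.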
diff --git a/Server/Host/templates/partials/_wrong_user_pass.html b/Server/Host/templates/partials/_wrong_user_pass.html new file mode 100644 index 0000000..f9e6baf --- /dev/null +++ b/Server/Host/templates/partials/_wrong_user_pass.html @@ -0,0 +1,52 @@ + + + + Login Page + + + +

Login Page

+
Invalid User or Password
+
+ {{ form.csrf_token }} + {{ form.username.label }} + {{ form.username }} +
+
+ {{ form.password.label }} + {{ form.password }} +
+

{{ form.remember_me }} {{ form.remember_me.label }}

+
+ {{ form.submit }} +
+ + +
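Review bot: This file sits under `partials/` with a leading underscore, but as far as the stripped markup shows it is a full copy of the login page (title, CSRF token, username, password, remember-me and submit fields) with one extra error line. Two copies of the form will drift: any change to the CSRF field or the inputs in login.html has to be repeated here by hand. Rendering login.html with a flag and a short conditional such as `{% if login_failed %}Invalid User or Password{% endif %}` would keep a single form. The generic wording of the message, which does not reveal whether the username exists, is worth keeping.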