diff --git a/internal/api/ui/login/change_password_handler.go b/internal/api/ui/login/change_password_handler.go
index 3c1abb6f5a..bdbbb20682 100644
--- a/internal/api/ui/login/change_password_handler.go
+++ b/internal/api/ui/login/change_password_handler.go
@@ -40,8 +40,9 @@ func (l *Login) renderChangePassword(w http.ResponseWriter, r *http.Request, aut
 	if err != nil {
 		errID, errMessage = l.getErrorMessage(r, err)
 	}
+	translator := l.getTranslator(r.Context(), authReq)
 	data := passwordData{
-		baseData:    l.getBaseData(r, authReq, "Change Password", errID, errMessage),
+		baseData:    l.getBaseData(r, authReq, "PasswordChange.Title","PasswordChange.Description", errID, errMessage),
 		profileData: l.getProfileData(authReq),
 	}
 	policy := l.getPasswordComplexityPolicy(r, authReq.UserOrgID)
@@ -60,12 +61,12 @@ func (l *Login) renderChangePassword(w http.ResponseWriter, r *http.Request, aut
 			data.HasNumber = NumberRegex
 		}
 	}
-	translator := l.getTranslator(r.Context(), authReq)
 	l.renderer.RenderTemplate(w, r, translator, l.renderer.Templates[tmplChangePassword], data, nil)
 }
 
 func (l *Login) renderChangePasswordDone(w http.ResponseWriter, r *http.Request, authReq *domain.AuthRequest) {
 	var errType, errMessage string
-	data := l.getUserData(r, authReq, "Password Change Done", errType, errMessage)
-	l.renderer.RenderTemplate(w, r, l.getTranslator(r.Context(), authReq), l.renderer.Templates[tmplChangePasswordDone], data, nil)
+	translator := l.getTranslator(r.Context(), authReq)
+	data := l.getUserData(r, authReq, "PasswordChange.Title","PasswordChange.Description", errType, errMessage)
+	l.renderer.RenderTemplate(w, r, translator, l.renderer.Templates[tmplChangePasswordDone], data, nil)
 }
diff --git a/internal/api/ui/login/external_login_handler.go b/internal/api/ui/login/external_login_handler.go
index aeba74805b..0a7eeb9b64 100644
--- a/internal/api/ui/login/external_login_handler.go
+++ b/internal/api/ui/login/external_login_handler.go
@@ -287,8 +287,9 @@ func (l *Login) renderExternalNotFoundOption(w http.ResponseWriter, r *http.Requ
 		return
 	}
 
+	translator := l.getTranslator(r.Context(), authReq)
 	data := externalNotFoundOptionData{
-		baseData: l.getBaseData(r, authReq, "ExternalNotFoundOption", errID, errMessage),
+		baseData: l.getBaseData(r, authReq, "ExternalNotFound.Title", "ExternalNotFound.Description", errID, errMessage),
 		externalNotFoundOptionFormData: externalNotFoundOptionFormData{
 			externalRegisterFormData: externalRegisterFormData{
 				Email:     human.EmailAddress,
@@ -313,7 +314,6 @@ func (l *Login) renderExternalNotFoundOption(w http.ResponseWriter, r *http.Requ
 		data.ExternalPhone = human.PhoneNumber
 		data.ExternalPhoneVerified = human.IsPhoneVerified
 	}
-	translator := l.getTranslator(r.Context(), authReq)
 	l.renderer.RenderTemplate(w, r, translator, l.renderer.Templates[tmplExternalNotFoundOption], data, nil)
 }
 
diff --git a/internal/api/ui/login/external_register_handler.go b/internal/api/ui/login/external_register_handler.go
index 751457397f..180d75281c 100644
--- a/internal/api/ui/login/external_register_handler.go
+++ b/internal/api/ui/login/external_register_handler.go
@@ -179,8 +179,9 @@ func (l *Login) renderExternalRegisterOverview(w http.ResponseWriter, r *http.Re
 		errID, errMessage = l.getErrorMessage(r, err)
 	}
 
+	translator := l.getTranslator(r.Context(), authReq)
 	data := externalRegisterData{
-		baseData: l.getBaseData(r, authReq, "ExternalRegisterOverview", errID, errMessage),
+		baseData: l.getBaseData(r, authReq, "ExternalRegistrationUserOverview.Title", "ExternalRegistrationUserOverview.Description", errID, errMessage),
 		externalRegisterFormData: externalRegisterFormData{
 			Email:     human.EmailAddress,
 			Username:  human.Username,
@@ -203,7 +204,6 @@ func (l *Login) renderExternalRegisterOverview(w http.ResponseWriter, r *http.Re
 		data.ExternalPhone = human.PhoneNumber
 		data.ExternalPhoneVerified = human.IsPhoneVerified
 	}
-	translator := l.getTranslator(r.Context(), authReq)
 	l.renderer.RenderTemplate(w, r, translator, l.renderer.Templates[tmplExternalRegisterOverview], data, nil)
 }
 
diff --git a/internal/api/ui/login/init_password_handler.go b/internal/api/ui/login/init_password_handler.go
index ca577c995e..eaf268fa37 100644
--- a/internal/api/ui/login/init_password_handler.go
+++ b/internal/api/ui/login/init_password_handler.go
@@ -123,8 +123,11 @@ func (l *Login) renderInitPassword(w http.ResponseWriter, r *http.Request, authR
 	if userID == "" && authReq != nil {
 		userID = authReq.UserID
 	}
+
+	translator := l.getTranslator(r.Context(), authReq)
+
 	data := initPasswordData{
-		baseData:    l.getBaseData(r, authReq, "Init Password", errID, errMessage),
+		baseData:    l.getBaseData(r, authReq, "InitPassword.Title","InitPassword.Description", errID, errMessage),
 		profileData: l.getProfileData(authReq),
 		UserID:      userID,
 		Code:        code,
@@ -145,7 +148,6 @@ func (l *Login) renderInitPassword(w http.ResponseWriter, r *http.Request, authR
 			data.HasNumber = NumberRegex
 		}
 	}
-	translator := l.getTranslator(r.Context(), authReq)
 	if authReq == nil {
 		user, err := l.query.GetUserByID(r.Context(), false, userID)
 		if err == nil {
@@ -156,7 +158,7 @@ func (l *Login) renderInitPassword(w http.ResponseWriter, r *http.Request, authR
 }
 
 func (l *Login) renderInitPasswordDone(w http.ResponseWriter, r *http.Request, authReq *domain.AuthRequest, orgID string) {
-	data := l.getUserData(r, authReq, "Password Init Done", "", "")
+	data := l.getUserData(r, authReq, "InitPasswordDone.Title", "InitPasswordDone.Description", "", "")
 	translator := l.getTranslator(r.Context(), authReq)
 	if authReq == nil {
 		l.customTexts(r.Context(), translator, orgID)
diff --git a/internal/api/ui/login/init_user_handler.go b/internal/api/ui/login/init_user_handler.go
index 707cbc8416..41bba5931b 100644
--- a/internal/api/ui/login/init_user_handler.go
+++ b/internal/api/ui/login/init_user_handler.go
@@ -115,8 +115,10 @@ func (l *Login) renderInitUser(w http.ResponseWriter, r *http.Request, authReq *
 	if authReq != nil {
 		userID = authReq.UserID
 	}
+
+	translator := l.getTranslator(r.Context(), authReq)
 	data := initUserData{
-		baseData:    l.getBaseData(r, authReq, "Init User", errID, errMessage),
+		baseData:    l.getBaseData(r, authReq, "InitUser.Title", "InitUser.Description", errID, errMessage),
 		profileData: l.getProfileData(authReq),
 		UserID:      userID,
 		LoginName:   loginName,
@@ -139,7 +141,6 @@ func (l *Login) renderInitUser(w http.ResponseWriter, r *http.Request, authReq *
 			data.HasNumber = NumberRegex
 		}
 	}
-	translator := l.getTranslator(r.Context(), authReq)
 	if authReq == nil {
 		user, err := l.query.GetUserByID(r.Context(), false, userID)
 		if err == nil {
@@ -150,7 +151,7 @@ func (l *Login) renderInitUser(w http.ResponseWriter, r *http.Request, authReq *
 }
 
 func (l *Login) renderInitUserDone(w http.ResponseWriter, r *http.Request, authReq *domain.AuthRequest, orgID string) {
-	data := l.getUserData(r, authReq, "User Init Done", "", "")
+	data := l.getUserData(r, authReq,"InitUserDone.Title" ,"InitUserDone.Description", "", "")
 	translator := l.getTranslator(r.Context(), authReq)
 	if authReq == nil {
 		l.customTexts(r.Context(), translator, orgID)
diff --git a/internal/api/ui/login/link_users_handler.go b/internal/api/ui/login/link_users_handler.go
index 8aedc1c519..09d42e91ec 100644
--- a/internal/api/ui/login/link_users_handler.go
+++ b/internal/api/ui/login/link_users_handler.go
@@ -19,6 +19,6 @@ func (l *Login) linkUsers(w http.ResponseWriter, r *http.Request, authReq *domai
 
 func (l *Login) renderLinkUsersDone(w http.ResponseWriter, r *http.Request, authReq *domain.AuthRequest, err error) {
 	var errType, errMessage string
-	data := l.getUserData(r, authReq, "Linking Users Done", errType, errMessage)
+	data := l.getUserData(r, authReq, "LinkingUsersDone.Title", "LinkingUsersDone.Description", errType, errMessage)
 	l.renderer.RenderTemplate(w, r, l.getTranslator(r.Context(), authReq), l.renderer.Templates[tmplLinkUsersDone], data, nil)
 }
diff --git a/internal/api/ui/login/login_handler.go b/internal/api/ui/login/login_handler.go
index 6d4e317e3b..b90e593c81 100644
--- a/internal/api/ui/login/login_handler.go
+++ b/internal/api/ui/login/login_handler.go
@@ -99,7 +99,7 @@ func (l *Login) renderLogin(w http.ResponseWriter, r *http.Request, authReq *dom
 		l.handleIDP(w, r, authReq, authReq.AllowedExternalIDPs[0].IDPConfigID)
 		return
 	}
-	data := l.getUserData(r, authReq, "Login", errID, errMessage)
+	data := l.getUserData(r, authReq, "Login.Title","Login.Description", errID, errMessage)
 	funcs := map[string]interface{}{
 		"hasUsernamePasswordLogin": func() bool {
 			return authReq != nil && authReq.LoginPolicy != nil && authReq.LoginPolicy.AllowUsernamePassword
diff --git a/internal/api/ui/login/login_success_handler.go b/internal/api/ui/login/login_success_handler.go
index b97fb058a7..155de90a54 100644
--- a/internal/api/ui/login/login_success_handler.go
+++ b/internal/api/ui/login/login_success_handler.go
@@ -41,7 +41,7 @@ func (l *Login) renderSuccessAndCallback(w http.ResponseWriter, r *http.Request,
 		errID, errMessage = l.getErrorMessage(r, err)
 	}
 	data := loginSuccessData{
-		userData: l.getUserData(r, authReq, "Login Successful", errID, errMessage),
+		userData: l.getUserData(r, authReq, "LoginSuccess.Title","", errID, errMessage),
 	}
 	if authReq != nil {
 		//the id will be set via the html (maybe change this with the login refactoring)
diff --git a/internal/api/ui/login/logout_handler.go b/internal/api/ui/login/logout_handler.go
index 1efb81ba92..21a3c436bb 100644
--- a/internal/api/ui/login/logout_handler.go
+++ b/internal/api/ui/login/logout_handler.go
@@ -13,6 +13,6 @@ func (l *Login) handleLogoutDone(w http.ResponseWriter, r *http.Request) {
 }
 
 func (l *Login) renderLogoutDone(w http.ResponseWriter, r *http.Request) {
-	data := l.getUserData(r, nil, "Logout Done", "", "")
+	data := l.getUserData(r, nil, "LogoutDone.Title","LogoutDone.Description", "", "")
 	l.renderer.RenderTemplate(w, r, l.getTranslator(r.Context(), nil), l.renderer.Templates[tmplLogoutDone], data, nil)
 }
diff --git a/internal/api/ui/login/mail_verify_handler.go b/internal/api/ui/login/mail_verify_handler.go
index db781005c1..bb61a842c8 100644
--- a/internal/api/ui/login/mail_verify_handler.go
+++ b/internal/api/ui/login/mail_verify_handler.go
@@ -92,12 +92,13 @@ func (l *Login) renderMailVerification(w http.ResponseWriter, r *http.Request, a
 	if userID == "" {
 		userID = authReq.UserID
 	}
+
+	translator := l.getTranslator(r.Context(), authReq)
 	data := mailVerificationData{
-		baseData:    l.getBaseData(r, authReq, "Mail Verification", errID, errMessage),
+		baseData:    l.getBaseData(r, authReq, "EmailVerification.Title","EmailVerification.Description", errID, errMessage),
 		UserID:      userID,
 		profileData: l.getProfileData(authReq),
 	}
-	translator := l.getTranslator(r.Context(), authReq)
 	if authReq == nil {
 		user, err := l.query.GetUserByID(r.Context(), false, userID)
 		if err == nil {
@@ -108,11 +109,11 @@ func (l *Login) renderMailVerification(w http.ResponseWriter, r *http.Request, a
 }
 
 func (l *Login) renderMailVerified(w http.ResponseWriter, r *http.Request, authReq *domain.AuthRequest, orgID string) {
+	translator := l.getTranslator(r.Context(), authReq)
 	data := mailVerificationData{
-		baseData:    l.getBaseData(r, authReq, "Mail Verified", "", ""),
+		baseData:    l.getBaseData(r, authReq, "EmailVerificationDone.Title","EmailVerificationDone.Description", "", ""),
 		profileData: l.getProfileData(authReq),
 	}
-	translator := l.getTranslator(r.Context(), authReq)
 	if authReq == nil {
 		l.customTexts(r.Context(), translator, orgID)
 	}
diff --git a/internal/api/ui/login/mfa_init_done_handler.go b/internal/api/ui/login/mfa_init_done_handler.go
index c396e789ac..0ef0c2ab84 100644
--- a/internal/api/ui/login/mfa_init_done_handler.go
+++ b/internal/api/ui/login/mfa_init_done_handler.go
@@ -15,8 +15,8 @@ type mfaInitDoneData struct {
 
 func (l *Login) renderMFAInitDone(w http.ResponseWriter, r *http.Request, authReq *domain.AuthRequest, data *mfaDoneData) {
 	var errType, errMessage string
-	data.baseData = l.getBaseData(r, authReq, "MFA Init Done", errType, errMessage)
-	data.profileData = l.getProfileData(authReq)
 	translator := l.getTranslator(r.Context(), authReq)
+	data.baseData = l.getBaseData(r, authReq, "InitMFADone.Title","InitMFADone.Description", errType, errMessage)
+	data.profileData = l.getProfileData(authReq)
 	l.renderer.RenderTemplate(w, r, translator, l.renderer.Templates[tmplMFAInitDone], data, nil)
 }
diff --git a/internal/api/ui/login/mfa_init_u2f.go b/internal/api/ui/login/mfa_init_u2f.go
index 372741458b..210f6949fc 100644
--- a/internal/api/ui/login/mfa_init_u2f.go
+++ b/internal/api/ui/login/mfa_init_u2f.go
@@ -31,7 +31,7 @@ func (l *Login) renderRegisterU2F(w http.ResponseWriter, r *http.Request, authRe
 	}
 	data := &u2fInitData{
 		webAuthNData: webAuthNData{
-			userData:               l.getUserData(r, authReq, "Register WebAuthNToken", errID, errMessage),
+			userData:               l.getUserData(r, authReq, "InitMFAU2F.Title","InitMFAU2F.Description", errID, errMessage),
 			CredentialCreationData: credentialData,
 		},
 		MFAType: domain.MFATypeU2F,
diff --git a/internal/api/ui/login/mfa_init_verify_handler.go b/internal/api/ui/login/mfa_init_verify_handler.go
index cefe580632..5993e2ae7e 100644
--- a/internal/api/ui/login/mfa_init_verify_handler.go
+++ b/internal/api/ui/login/mfa_init_verify_handler.go
@@ -70,7 +70,8 @@ func (l *Login) renderMFAInitVerify(w http.ResponseWriter, r *http.Request, auth
 	if err != nil {
 		errID, errMessage = l.getErrorMessage(r, err)
 	}
-	data.baseData = l.getBaseData(r, authReq, "MFA Init Verify", errID, errMessage)
+	translator := l.getTranslator(r.Context(), authReq)
+	data.baseData = l.getBaseData(r, authReq, "InitMFAOTP.Title", "InitMFAOTP.Description", errID, errMessage)
 	data.profileData = l.getProfileData(authReq)
 	if data.MFAType == domain.MFATypeOTP {
 		code, err := generateQrCode(data.otpData.Url)
@@ -79,7 +80,6 @@ func (l *Login) renderMFAInitVerify(w http.ResponseWriter, r *http.Request, auth
 		}
 	}
 
-	translator := l.getTranslator(r.Context(), authReq)
 	l.renderer.RenderTemplate(w, r, translator, l.renderer.Templates[tmplMFAInitVerify], data, nil)
 }
 
diff --git a/internal/api/ui/login/mfa_prompt_handler.go b/internal/api/ui/login/mfa_prompt_handler.go
index 00219bdf82..8ca0783c8a 100644
--- a/internal/api/ui/login/mfa_prompt_handler.go
+++ b/internal/api/ui/login/mfa_prompt_handler.go
@@ -54,8 +54,9 @@ func (l *Login) renderMFAPrompt(w http.ResponseWriter, r *http.Request, authReq
 	if err != nil {
 		errID, errMessage = l.getErrorMessage(r, err)
 	}
+	translator := l.getTranslator(r.Context(), authReq)
 	data := mfaData{
-		baseData:    l.getBaseData(r, authReq, "MFA Prompt", errID, errMessage),
+		baseData:    l.getBaseData(r, authReq, "InitMFAPrompt.Title","InitMFAPrompt.Description", errID, errMessage),
 		profileData: l.getProfileData(authReq),
 	}
 
@@ -74,7 +75,6 @@ func (l *Login) renderMFAPrompt(w http.ResponseWriter, r *http.Request, authReq
 		l.handleMFACreation(w, r, authReq, data)
 		return
 	}
-	translator := l.getTranslator(r.Context(), authReq)
 	l.renderer.RenderTemplate(w, r, translator, l.renderer.Templates[tmplMFAPrompt], data, nil)
 }
 
diff --git a/internal/api/ui/login/mfa_verify_handler.go b/internal/api/ui/login/mfa_verify_handler.go
index 4bfef5d6a0..dde6341da1 100644
--- a/internal/api/ui/login/mfa_verify_handler.go
+++ b/internal/api/ui/login/mfa_verify_handler.go
@@ -58,23 +58,29 @@ func (l *Login) renderMFAVerifySelected(w http.ResponseWriter, r *http.Request,
 	if err != nil {
 		errID, errMessage = l.getErrorMessage(r, err)
 	}
-	data := l.getUserData(r, authReq, "MFA Verify", errID, errMessage)
+	data := l.getUserData(r, authReq, "","", errID, errMessage)
 	if verificationStep == nil {
 		l.renderError(w, r, authReq, err)
 		return
 	}
+	translator := l.getTranslator(r.Context(), authReq)
+
 	switch selectedProvider {
 	case domain.MFATypeU2F:
+		data.Title = translator.LocalizeWithoutArgs("VerifyMFAU2F.Title")
+		data.Description = translator.LocalizeWithoutArgs("VerifyMFAU2F.Description")
 		l.renderU2FVerification(w, r, authReq, removeSelectedProviderFromList(verificationStep.MFAProviders, domain.MFATypeU2F), nil)
 		return
 	case domain.MFATypeOTP:
 		data.MFAProviders = removeSelectedProviderFromList(verificationStep.MFAProviders, domain.MFATypeOTP)
 		data.SelectedMFAProvider = domain.MFATypeOTP
+		data.Title = translator.LocalizeWithoutArgs("VerifyMFAOTP.Title")
+		data.Description = translator.LocalizeWithoutArgs("VerifyMFAOTP.Description")
 	default:
 		l.renderError(w, r, authReq, err)
 		return
 	}
-	l.renderer.RenderTemplate(w, r, l.getTranslator(r.Context(), authReq), l.renderer.Templates[tmplMFAVerify], data, nil)
+	l.renderer.RenderTemplate(w, r, translator, l.renderer.Templates[tmplMFAVerify], data, nil)
 }
 
 func removeSelectedProviderFromList(providers []domain.MFAType, selected domain.MFAType) []domain.MFAType {
diff --git a/internal/api/ui/login/mfa_verify_u2f_handler.go b/internal/api/ui/login/mfa_verify_u2f_handler.go
index 54c3847d59..135f29971a 100644
--- a/internal/api/ui/login/mfa_verify_u2f_handler.go
+++ b/internal/api/ui/login/mfa_verify_u2f_handler.go
@@ -39,7 +39,7 @@ func (l *Login) renderU2FVerification(w http.ResponseWriter, r *http.Request, au
 	}
 	data := &mfaU2FData{
 		webAuthNData: webAuthNData{
-			userData:               l.getUserData(r, authReq, "Login WebAuthNToken", errID, errMessage),
+			userData:               l.getUserData(r, authReq, "VerifyMFAU2F.Title","VerifyMFAU2F.Description", errID, errMessage),
 			CredentialCreationData: credentialData,
 		},
 		MFAProviders:     providers,
diff --git a/internal/api/ui/login/password_handler.go b/internal/api/ui/login/password_handler.go
index b9b43d9ee1..ed292d22e3 100644
--- a/internal/api/ui/login/password_handler.go
+++ b/internal/api/ui/login/password_handler.go
@@ -19,7 +19,7 @@ func (l *Login) renderPassword(w http.ResponseWriter, r *http.Request, authReq *
 	if err != nil {
 		errID, errMessage = l.getErrorMessage(r, err)
 	}
-	data := l.getUserData(r, authReq, "Password", errID, errMessage)
+	data := l.getUserData(r, authReq, "Password.Title","Password.Description", errID, errMessage)
 	funcs := map[string]interface{}{
 		"showPasswordReset": func() bool {
 			if authReq.LoginPolicy != nil {
diff --git a/internal/api/ui/login/password_reset_handler.go b/internal/api/ui/login/password_reset_handler.go
index 0513d2c7df..c7dcc0a97f 100644
--- a/internal/api/ui/login/password_reset_handler.go
+++ b/internal/api/ui/login/password_reset_handler.go
@@ -45,6 +45,6 @@ func (l *Login) renderPasswordResetDone(w http.ResponseWriter, r *http.Request,
 	if err != nil {
 		errID, errMessage = l.getErrorMessage(r, err)
 	}
-	data := l.getUserData(r, authReq, "Password Reset Done", errID, errMessage)
+	data := l.getUserData(r, authReq, "PasswordResetDone.Title","PasswordResetDone.Description", errID, errMessage)
 	l.renderer.RenderTemplate(w, r, l.getTranslator(r.Context(), authReq), l.renderer.Templates[tmplPasswordResetDone], data, nil)
 }
diff --git a/internal/api/ui/login/passwordless_login_handler.go b/internal/api/ui/login/passwordless_login_handler.go
index a099e413ed..69d2b5121f 100644
--- a/internal/api/ui/login/passwordless_login_handler.go
+++ b/internal/api/ui/login/passwordless_login_handler.go
@@ -38,7 +38,7 @@ func (l *Login) renderPasswordlessVerification(w http.ResponseWriter, r *http.Re
 	}
 	data := &passwordlessData{
 		webAuthNData{
-			userData:               l.getUserData(r, authReq, "Login Passwordless", errID, errMessage),
+			userData:               l.getUserData(r, authReq, "Passwordless.Title","Passwordless.Description", errID, errMessage),
 			CredentialCreationData: credentialData,
 		},
 		passwordSet,
diff --git a/internal/api/ui/login/passwordless_prompt_handler.go b/internal/api/ui/login/passwordless_prompt_handler.go
index dd0408e110..8020184c18 100644
--- a/internal/api/ui/login/passwordless_prompt_handler.go
+++ b/internal/api/ui/login/passwordless_prompt_handler.go
@@ -32,7 +32,7 @@ func (l *Login) renderPasswordlessPrompt(w http.ResponseWriter, r *http.Request,
 		errID, errMessage = l.getErrorMessage(r, err)
 	}
 	data := &passwordlessPromptData{
-		userData: l.getUserData(r, authReq, "Passwordless Prompt", errID, errMessage),
+		userData: l.getUserData(r, authReq, "PasswordlessPrompt.Title","PasswordlessPrompt.Description", errID, errMessage),
 	}
 
 	translator := l.getTranslator(r.Context(), authReq)
diff --git a/internal/api/ui/login/passwordless_registration_handler.go b/internal/api/ui/login/passwordless_registration_handler.go
index 4ec7e9d6ec..af9444047d 100644
--- a/internal/api/ui/login/passwordless_registration_handler.go
+++ b/internal/api/ui/login/passwordless_registration_handler.go
@@ -99,9 +99,11 @@ func (l *Login) renderPasswordlessRegistration(w http.ResponseWriter, r *http.Re
 	if webAuthNToken != nil {
 		credentialData = base64.RawURLEncoding.EncodeToString(webAuthNToken.CredentialCreationData)
 	}
+
+	translator := l.getTranslator(r.Context(), authReq)
 	data := &passwordlessRegistrationData{
 		webAuthNData{
-			userData:               l.getUserData(r, authReq, "Login Passwordless", errID, errMessage),
+			userData:               l.getUserData(r, authReq, "PasswordlessRegistration.Title", "PasswordlessRegistration.Description", errID, errMessage),
 			CredentialCreationData: credentialData,
 		},
 		code,
@@ -111,7 +113,6 @@ func (l *Login) renderPasswordlessRegistration(w http.ResponseWriter, r *http.Re
 		requestedPlatformType,
 		disabled,
 	}
-	translator := l.getTranslator(r.Context(), authReq)
 	if authReq == nil {
 		policy, err := l.query.ActiveLabelPolicyByOrg(r.Context(), orgID)
 		logging.Log("HANDL-XjWKE").OnError(err).Error("unable to get active label policy")
@@ -191,11 +192,12 @@ func (l *Login) renderPasswordlessRegistrationDone(w http.ResponseWriter, r *htt
 	if err != nil {
 		errID, errMessage = l.getErrorMessage(r, err)
 	}
+	translator := l.getTranslator(r.Context(), authReq)
+
 	data := passwordlessRegistrationDoneDate{
-		userData:       l.getUserData(r, authReq, "Passwordless Registration Done", errID, errMessage),
+		userData:       l.getUserData(r, authReq, "PasswordlessRegistrationDone.Title","PasswordlessRegistrationDone.Description", errID, errMessage),
 		HideNextButton: authReq == nil,
 	}
-	translator := l.getTranslator(r.Context(), authReq)
 	if authReq == nil {
 		l.customTexts(r.Context(), translator, orgID)
 	}
diff --git a/internal/api/ui/login/register_handler.go b/internal/api/ui/login/register_handler.go
index d3e8b21bf8..d0213b806e 100644
--- a/internal/api/ui/login/register_handler.go
+++ b/internal/api/ui/login/register_handler.go
@@ -124,7 +124,7 @@ func (l *Login) renderRegister(w http.ResponseWriter, r *http.Request, authReque
 	}
 
 	data := registerData{
-		baseData:         l.getBaseData(r, authRequest, "Register", errID, errMessage),
+		baseData:         l.getBaseData(r, authRequest, "RegistrationUser.Title","RegistrationUser.Description", errID, errMessage),
 		registerFormData: *formData,
 	}
 
diff --git a/internal/api/ui/login/register_option_handler.go b/internal/api/ui/login/register_option_handler.go
index acb2dbc8a7..08f0617043 100644
--- a/internal/api/ui/login/register_option_handler.go
+++ b/internal/api/ui/login/register_option_handler.go
@@ -52,8 +52,9 @@ func (l *Login) renderRegisterOption(w http.ResponseWriter, r *http.Request, aut
 			return
 		}
 	}
+	translator := l.getTranslator(r.Context(), authReq)
 	data := registerOptionData{
-		baseData: l.getBaseData(r, authReq, "RegisterOption", errID, errMessage),
+		baseData: l.getBaseData(r, authReq, "RegisterOption.Title","RegisterOption.Description", errID, errMessage),
 	}
 	funcs := map[string]interface{}{
 		"hasRegistration": func() bool {
@@ -63,7 +64,6 @@ func (l *Login) renderRegisterOption(w http.ResponseWriter, r *http.Request, aut
 			return externalAllowed
 		},
 	}
-	translator := l.getTranslator(r.Context(), authReq)
 	l.renderer.RenderTemplate(w, r, translator, l.renderer.Templates[tmplRegisterOption], data, funcs)
 }
 
diff --git a/internal/api/ui/login/register_org_handler.go b/internal/api/ui/login/register_org_handler.go
index 4338a86b97..80c25c2b6c 100644
--- a/internal/api/ui/login/register_org_handler.go
+++ b/internal/api/ui/login/register_org_handler.go
@@ -86,8 +86,9 @@ func (l *Login) renderRegisterOrg(w http.ResponseWriter, r *http.Request, authRe
 	if formData == nil {
 		formData = new(registerOrgFormData)
 	}
+	translator := l.getTranslator(r.Context(), authRequest)
 	data := registerOrgData{
-		baseData:            l.getBaseData(r, authRequest, "Register", errID, errMessage),
+		baseData:            l.getBaseData(r, authRequest, "RegistrationOrg.Title","RegistrationOrg.Description", errID, errMessage),
 		registerOrgFormData: *formData,
 	}
 	pwPolicy := l.getPasswordComplexityPolicy(r, "0")
@@ -112,7 +113,6 @@ func (l *Login) renderRegisterOrg(w http.ResponseWriter, r *http.Request, authRe
 		data.IamDomain = authz.GetInstance(r.Context()).RequestedDomain()
 	}
 
-	translator := l.getTranslator(r.Context(), authRequest)
 	if authRequest == nil {
 		l.customTexts(r.Context(), translator, "")
 	}
diff --git a/internal/api/ui/login/renderer.go b/internal/api/ui/login/renderer.go
index 292ec59249..185b04e98b 100644
--- a/internal/api/ui/login/renderer.go
+++ b/internal/api/ui/login/renderer.go
@@ -105,6 +105,16 @@ func CreateRenderer(pathPrefix string, staticDir http.FileSystem, staticStorage
 			}
 			return path.Join(r.pathPrefix, fmt.Sprintf("%s?%s=%s&%s=%v&%s=%s", EndpointDynamicResources, "orgId", orgID, "default-policy", policy.Default, "filename", fileName))
 		},
+		"customIconResource": func(orgID string, policy *domain.LabelPolicy, darkMode bool) string {
+			fileName := policy.IconURL
+			if darkMode && policy.IconDarkURL != "" {
+				fileName = policy.IconDarkURL
+			}
+			if fileName == "" {
+				return ""
+			}
+			return path.Join(r.pathPrefix, fmt.Sprintf("%s?%s=%s&%s=%v&%s=%s", EndpointDynamicResources, "orgId", orgID, "default-policy", policy.Default, "filename", fileName))
+		},
 		"avatarResource": func(orgID, avatar string) string {
 			return path.Join(r.pathPrefix, fmt.Sprintf("%s?%s=%s&%s=%v&%s=%s", EndpointDynamicResources, "orgId", orgID, "default-policy", false, "filename", avatar))
 		},
@@ -315,13 +325,13 @@ func (l *Login) renderInternalError(w http.ResponseWriter, r *http.Request, auth
 	if err != nil {
 		_, msg = l.getErrorMessage(r, err)
 	}
-	data := l.getBaseData(r, authReq, "Error", "Internal", msg)
+	data := l.getBaseData(r, authReq, "Errors.Internal","", "Internal", msg)
 	l.renderer.RenderTemplate(w, r, l.getTranslator(r.Context(), authReq), l.renderer.Templates[tmplError], data, nil)
 }
 
-func (l *Login) getUserData(r *http.Request, authReq *domain.AuthRequest, title string, errType, errMessage string) userData {
+func (l *Login) getUserData(r *http.Request, authReq *domain.AuthRequest, titleI18nKey string, descriptionI18nKey string, errType, errMessage string) userData {
 	userData := userData{
-		baseData:    l.getBaseData(r, authReq, title, errType, errMessage),
+		baseData:    l.getBaseData(r, authReq, titleI18nKey, descriptionI18nKey, errType, errMessage),
 		profileData: l.getProfileData(authReq),
 	}
 	if authReq != nil && authReq.LinkingUsers != nil {
@@ -330,8 +340,20 @@ func (l *Login) getUserData(r *http.Request, authReq *domain.AuthRequest, title
 	return userData
 }
 
-func (l *Login) getBaseData(r *http.Request, authReq *domain.AuthRequest, title string, errType, errMessage string) baseData {
-	lang, _ := l.renderer.ReqLang(l.getTranslator(r.Context(), authReq), r).Base()
+func (l *Login) getBaseData(r *http.Request, authReq *domain.AuthRequest, titleI18nKey string, descriptionI18nKey string, errType, errMessage string) baseData {
+	translator := l.getTranslator(r.Context(), authReq)
+	
+	title := ""
+	if titleI18nKey != "" {
+		title = translator.LocalizeWithoutArgs(titleI18nKey)
+	}
+
+	description := ""
+	if descriptionI18nKey != "" {
+		description =  translator.LocalizeWithoutArgs(descriptionI18nKey)
+	}
+	
+	lang, _ := l.renderer.ReqLang(translator, r).Base()
 	baseData := baseData{
 		errorData: errorData{
 			ErrID:      errType,
@@ -339,6 +361,7 @@ func (l *Login) getBaseData(r *http.Request, authReq *domain.AuthRequest, title
 		},
 		Lang:                   lang.String(),
 		Title:                  title,
+		Description:		description,
 		Theme:                  l.getTheme(r),
 		ThemeMode:              l.getThemeMode(r),
 		DarkMode:               l.isDarkMode(r),
@@ -567,6 +590,7 @@ type baseData struct {
 	errorData
 	Lang                   string
 	Title                  string
+	Description            string
 	Theme                  string
 	ThemeMode              string
 	DarkMode               bool
diff --git a/internal/api/ui/login/select_user_handler.go b/internal/api/ui/login/select_user_handler.go
index ee8e8fc347..a4eab5ff8e 100644
--- a/internal/api/ui/login/select_user_handler.go
+++ b/internal/api/ui/login/select_user_handler.go
@@ -17,12 +17,21 @@ type userSelectionFormData struct {
 }
 
 func (l *Login) renderUserSelection(w http.ResponseWriter, r *http.Request, authReq *domain.AuthRequest, selectionData *domain.SelectUserStep) {
-	data := userSelectionData{
-		baseData: l.getBaseData(r, authReq, "Select User", "", ""),
-		Users:    selectionData.Users,
-		Linking:  len(authReq.LinkingUsers) > 0,
-	}
 	translator := l.getTranslator(r.Context(), authReq)
+	
+	linking := len(authReq.LinkingUsers) > 0
+
+	titleI18nKey := "SelectAccount.Title"
+	descriptionI18nKey := "SelectAccount.Description"
+	if linking {
+		titleI18nKey = "SelectAccount.TitleLinking"
+		descriptionI18nKey = "SelectAccount.DescriptionLinking"
+	}
+	data := userSelectionData{
+		baseData: l.getBaseData(r, authReq, titleI18nKey,descriptionI18nKey, "", ""),
+		Users:    selectionData.Users,
+		Linking:  linking,
+	}
 	l.renderer.RenderTemplate(w, r, translator, l.renderer.Templates[tmplUserSelection], data, nil)
 }
 
diff --git a/internal/api/ui/login/static/i18n/de.yaml b/internal/api/ui/login/static/i18n/de.yaml
index 3b0da8d447..545627d48d 100644
--- a/internal/api/ui/login/static/i18n/de.yaml
+++ b/internal/api/ui/login/static/i18n/de.yaml
@@ -284,7 +284,7 @@ LinkingUsersDone:
   NextButtonText: weiter
 
 ExternalNotFound:
-  Title: Externer Benutzer
+  Title: Externer Benutzer nicht gefunden
   Description: Externer Benutzer konnte nicht gefunden werden. Willst du deinen Benutzer mit einem bestehenden verlinken oder diesen als neuen Benutzer registrieren.
   LinkButtonText: Verlinken
   AutoRegisterButtonText: registrieren
diff --git a/internal/api/ui/login/static/i18n/en.yaml b/internal/api/ui/login/static/i18n/en.yaml
index fd49a3f2d3..183a51595d 100644
--- a/internal/api/ui/login/static/i18n/en.yaml
+++ b/internal/api/ui/login/static/i18n/en.yaml
@@ -284,7 +284,7 @@ LinkingUsersDone:
   NextButtonText: next
 
 ExternalNotFound:
-  Title: External User
+  Title: External User not found
   Description: External user not found. Do you want to link your user or auto register a new one.
   LinkButtonText: Link
   AutoRegisterButtonText: register
diff --git a/internal/api/ui/login/static/i18n/fr.yaml b/internal/api/ui/login/static/i18n/fr.yaml
index 08ff78477f..545f508337 100644
--- a/internal/api/ui/login/static/i18n/fr.yaml
+++ b/internal/api/ui/login/static/i18n/fr.yaml
@@ -284,7 +284,7 @@ LinkingUsersDone:
   NextButtonText: suivant
 
 ExternalNotFound:
-  Title: Utilisateur externe
+  Title: Utilisateur externe introuvable
   Description: Utilisateur externe non trouvé. Voulez-vous lier votre utilisateur ou enregistrer automatiquement un nouvel utilisateur.
   LinkButtonText: Lier
   AutoRegisterButtonText: enregistrer
diff --git a/internal/api/ui/login/static/i18n/it.yaml b/internal/api/ui/login/static/i18n/it.yaml
index c921b9cd92..ee5b1cb57e 100644
--- a/internal/api/ui/login/static/i18n/it.yaml
+++ b/internal/api/ui/login/static/i18n/it.yaml
@@ -284,7 +284,7 @@ LinkingUsersDone:
   NextButtonText: Avanti
 
 ExternalNotFound:
-  Title: Utente esterno
+  Title: Utente esterno non trovato
   Description: Utente esterno non trovato. Vuoi collegare il tuo utente o registrarne uno nuovo automaticamente.
   LinkButtonText: Link
   AutoRegisterButtonText: Registra
diff --git a/internal/api/ui/login/static/i18n/zh.yaml b/internal/api/ui/login/static/i18n/zh.yaml
index 57792606cb..e1922a055b 100644
--- a/internal/api/ui/login/static/i18n/zh.yaml
+++ b/internal/api/ui/login/static/i18n/zh.yaml
@@ -284,7 +284,7 @@ LinkingUsersDone:
   NextButtonText: 继续
 
 ExternalNotFound:
-  Title: 外部用户
+  Title: 未找到外部用户
   Description: 未找到外部用户。你想绑定你已存在的用户还是自动注册一个新用户。
   LinkButtonText: 绑定
   AutoRegisterButtonText: 注册
diff --git a/internal/api/ui/login/static/templates/main.html b/internal/api/ui/login/static/templates/main.html
index cec8e57778..08aac7c1bb 100644
--- a/internal/api/ui/login/static/templates/main.html
+++ b/internal/api/ui/login/static/templates/main.html
@@ -8,13 +8,21 @@
     <meta http-equiv="X-UA-Compatible" content="ie=edge">
 
     <link rel="stylesheet" href="{{ resourceThemeUrl "css/zitadel.css" .Theme }}" type="text/css">
-    <link rel="icon" type="image/x-icon" href="{{ resourceThemeUrl "favicon.ico" .Theme }}">
+    
     {{ if hasCustomPolicy .LabelPolicy }}
-    <link rel="stylesheet" href="{{ variablesCssFileUrl .PrivateLabelingOrgID .LabelPolicy}}" type="text/css">
-    {{ end}}
+        <link rel="stylesheet" href="{{ variablesCssFileUrl .PrivateLabelingOrgID .LabelPolicy}}" type="text/css">
+        {{ $icon := customIconResource .PrivateLabelingOrgID .LabelPolicy .DarkMode }}
+        {{if $icon}}
+            <link rel="icon" type="image" href="{{$icon}}">
+        {{end}}
+    {{ else }}
+        <link rel="icon" type="image/x-icon" href="{{ resourceThemeUrl "favicon.ico" .Theme }}">
+    {{ end }}
+
     <link rel="stylesheet" href="{{ resourceThemeUrl "../../fonts/lgn-icons/css/lgn-icon-font.css" .Theme }}">
 
     <title>{{ .Title }}</title>
+    <meta name="description" content="{{ .Description }}"/>
 
     <script src="{{ resourceUrl "scripts/theme.js" }}"></script>
 </head>
diff --git a/internal/api/ui/login/username_change_handler.go b/internal/api/ui/login/username_change_handler.go
index d9b79e63ae..97ca25a597 100644
--- a/internal/api/ui/login/username_change_handler.go
+++ b/internal/api/ui/login/username_change_handler.go
@@ -20,8 +20,9 @@ func (l *Login) renderChangeUsername(w http.ResponseWriter, r *http.Request, aut
 	if err != nil {
 		errID, errMessage = l.getErrorMessage(r, err)
 	}
-	data := l.getUserData(r, authReq, "Change Username", errID, errMessage)
-	l.renderer.RenderTemplate(w, r, l.getTranslator(r.Context(), authReq), l.renderer.Templates[tmplChangeUsername], data, nil)
+	translator := l.getTranslator(r.Context(), authReq)
+	data := l.getUserData(r, authReq, "UsernameChange.Title","UsernameChange.Description", errID, errMessage)
+	l.renderer.RenderTemplate(w, r, translator, l.renderer.Templates[tmplChangeUsername], data, nil)
 }
 
 func (l *Login) handleChangeUsername(w http.ResponseWriter, r *http.Request) {
@@ -41,6 +42,7 @@ func (l *Login) handleChangeUsername(w http.ResponseWriter, r *http.Request) {
 
 func (l *Login) renderChangeUsernameDone(w http.ResponseWriter, r *http.Request, authReq *domain.AuthRequest) {
 	var errType, errMessage string
-	data := l.getUserData(r, authReq, "Username Change Done", errType, errMessage)
-	l.renderer.RenderTemplate(w, r, l.getTranslator(r.Context(), authReq), l.renderer.Templates[tmplChangeUsernameDone], data, nil)
+	translator := l.getTranslator(r.Context(), authReq)
+	data := l.getUserData(r, authReq, "UsernameChangeDone.Title","UsernameChangeDone.Description", errType, errMessage)
+	l.renderer.RenderTemplate(w, r, translator, l.renderer.Templates[tmplChangeUsernameDone], data, nil)
 }
diff --git a/internal/i18n/i18n.go b/internal/i18n/i18n.go
index 415197a53e..a399ae1fc7 100644
--- a/internal/i18n/i18n.go
+++ b/internal/i18n/i18n.go
@@ -139,6 +139,10 @@ func (t *Translator) Localize(id string, args map[string]interface{}, langs ...s
 	return localize(t.localizer(langs...), id, args)
 }
 
+func (t *Translator) LocalizeWithoutArgs(id string, langs ...string) string {
+	return localize(t.localizer(langs...), id, map[string]interface{}{})
+}
+
 func (t *Translator) Lang(r *http.Request) language.Tag {
 	matcher := language.NewMatcher(t.bundle.LanguageTags())
 	tag, _ := language.MatchStrings(matcher, t.langsFromRequest(r)...)