diff --git a/config/i18n-tasks.yml b/config/i18n-tasks.yml
index c54822457f4..4b03df082e6 100644
--- a/config/i18n-tasks.yml
+++ b/config/i18n-tasks.yml
@@ -85,6 +85,12 @@ search:
 
 ## Do not consider these keys missing:
 ignore_missing:
+  - datetime.dotiw.days
+  - datetime.dotiw.hours
+  - datetime.dotiw.less_than_x
+  - datetime.dotiw.months
+  - datetime.dotiw.weeks
+  - datetime.dotiw.years
 # - 'errors.messages.{accepted,blank,invalid,too_short,too_long}'
 # - '{devise,simple_form}.*'
 
@@ -104,6 +110,17 @@ ignore_unused:
   - 'time.*'
   - 'datetime.dotiw.words_connector'
   - 'datetime.dotiw.last_word_connector'
+  - 'datetime.dotiw.days.one'
+  - 'datetime.dotiw.days.other'
+  - 'datetime.dotiw.hours.one'
+  - 'datetime.dotiw.hours.other'
+  - 'datetime.dotiw.less_than_x'
+  - 'datetime.dotiw.months.one'
+  - 'datetime.dotiw.months.other'
+  - 'datetime.dotiw.weeks.one'
+  - 'datetime.dotiw.weeks.other'
+  - 'datetime.dotiw.years.one'
+  - 'datetime.dotiw.years.other'
 ## Exclude these keys from the `i18n-tasks eq-base' report:
 # ignore_eq_base:
 #   all:
diff --git a/config/locales/es.yml b/config/locales/es.yml
index 487df428305..e43c2a3117c 100644
--- a/config/locales/es.yml
+++ b/config/locales/es.yml
@@ -433,13 +433,24 @@ date.month_names:
   - noviembre
   - diciembre
 date.range: De %{from} a %{to}
+datetime.dotiw.days.one: 1 día
+datetime.dotiw.days.other: '%{count} días'
+datetime.dotiw.hours.one: 1 hora
+datetime.dotiw.hours.other: '%{count} horas'
 datetime.dotiw.last_word_connector: ' y '
+datetime.dotiw.less_than_x: 'menos de %{distance}'
 datetime.dotiw.minutes.one: un minuto
 datetime.dotiw.minutes.other: '%{count} minutos'
+datetime.dotiw.months.one: 1 mes
+datetime.dotiw.months.other: '%{count} meses'
 datetime.dotiw.seconds.one: un segundo
 datetime.dotiw.seconds.other: '%{count} segundos'
 datetime.dotiw.two_words_connector: ' y '
+datetime.dotiw.weeks.one: 1 semana
+datetime.dotiw.weeks.other: '%{count} semanas'
 datetime.dotiw.words_connector: ', '
+datetime.dotiw.years.one: 1 año
+datetime.dotiw.years.other: '%{count} años'
 devise.confirmations.already_confirmed: Su dirección de correo electrónico fue confirmada. %{action}
 devise.confirmations.confirmed: Usted confirmó su dirección de correo electrónico
 devise.confirmations.confirmed_but_must_set_password: Usted confirmó su dirección de correo electrónico
@@ -1391,7 +1402,7 @@ notices.use_diff_email.text_html: O %{link_html}
 notices.webauthn_configured: Se agregó una clave de seguridad a su cuenta.
 notices.webauthn_platform_configured: Usó el bloqueo de pantalla de su dispositivo para agregar el desbloqueo facial o táctil a su cuenta.
 openid_connect.authorization.errors.bad_client_id: client_id incorrecto
-openid_connect.authorization.errors.invalid_verified_within_duration.one: el valor debe ser al menos %{count} día o más
+openid_connect.authorization.errors.invalid_verified_within_duration.one: el valor debe ser al menos %{count} días o más
 openid_connect.authorization.errors.invalid_verified_within_duration.other: el valor debe ser al menos %{count} días o más
 openid_connect.authorization.errors.invalid_verified_within_format: Formato no reconocido de verified_within
 openid_connect.authorization.errors.missing_ial: Falta un nivel válido de IAL
@@ -1399,7 +1410,7 @@ openid_connect.authorization.errors.no_auth: Los acr_values no están autorizado
 openid_connect.authorization.errors.no_valid_acr_values: No se encontraron ial_values aceptables
 openid_connect.authorization.errors.no_valid_scope: No se encontraron valores de ámbito válidos
 openid_connect.authorization.errors.no_valid_vtr: vots encontrados no aceptables
-openid_connect.authorization.errors.prompt_invalid: Prompt no es válido
+openid_connect.authorization.errors.prompt_invalid: No se encontraron valores de consulta válidos
 openid_connect.authorization.errors.redirect_uri_invalid: redirect_uri no es válido
 openid_connect.authorization.errors.redirect_uri_no_match: redirect_uri no coincide con el redirect_uri registrado
 openid_connect.authorization.errors.unauthorized_scope: Ámbito no autorizado
@@ -1410,10 +1421,11 @@ openid_connect.logout.errors.client_id_missing: Falta client_id
 openid_connect.logout.errors.id_token_hint: No se reconoció id_token_hint
 openid_connect.logout.errors.id_token_hint_present: Esta aplicación está mal configurada y no debería estar enviando id_token_hint. En vez de ello, enviar client_id.
 openid_connect.logout.errors.no_client_id_or_id_token_hint: Esta aplicación está mal configurada y debe enviar client_id o id_token_hint.
-openid_connect.logout.heading: '¿Desea cerrar sesión en %{app_name}?'
-openid_connect.logout.heading_with_sp: '¿Desea cerrar sesión en %{app_name} y volver a %{service_provider_name}?'
+openid_connect.logout.heading: ¿Desea cerrar sesión en %{app_name}?
+openid_connect.logout.heading_with_sp: ¿Desea cerrar sesión en %{app_name} y volver a %{service_provider_name}?
+
 openid_connect.token.errors.expired_code: venció
-openid_connect.token.errors.invalid_aud: Reclamación de audiencia no válida, %{url} previsto
+openid_connect.token.errors.invalid_aud: Notificación de audiencia no válida, %{url} prevista
 openid_connect.token.errors.invalid_authentication: El cliente debe autenticarse a través de PKCE o private_key_jwt, omitiendo code_challenge o client_assertion
 openid_connect.token.errors.invalid_code: no es válido porque no coincide con ningún usuario. Consulte nuestra documentación en https://developers.login.gov/oidc/#token
 openid_connect.token.errors.invalid_code_verifier: code_verifier no coincide con code_challenge
@@ -1427,19 +1439,19 @@ pages.page_took_too_long.header: El servidor tardó demasiado en procesar su sol
 report_mailer.deleted_accounts_report.issuers: Emisores
 report_mailer.deleted_accounts_report.name: Nombre
 report_mailer.deleted_accounts_report.subject: Informe de cuentas eliminadas
-risc.security_event.errors.alg_unsupported: algoritmo no compatible, debe estar firmado con %{expected_alg}
-risc.security_event.errors.aud_invalid: reclamo de auditor inválido, esperado %{url}
-risc.security_event.errors.event_type_missing: event perdido
+risc.security_event.errors.alg_unsupported: algoritmo no admitido, debe firmarse con %{expected_alg}
+risc.security_event.errors.aud_invalid: notificación de audiencia no válida, prevista %{url}
+risc.security_event.errors.event_type_missing: evento ausente
 risc.security_event.errors.event_type_unsupported: tipo de evento no admitido %{event_type}
-risc.security_event.errors.exp_present: Los eventos SET no deben tener un reclamo de exp
-risc.security_event.errors.jti_not_unique: jti ya existe
-risc.security_event.errors.jti_required: se requiere reclamo jti
+risc.security_event.errors.exp_present: los eventos SET no deben tener una notificación de vencimiento
+risc.security_event.errors.jti_not_unique: jti no era único
+risc.security_event.errors.jti_required: se necesita notificación jti
 risc.security_event.errors.jwt_could_not_parse: no se pudo analizar JWT
-risc.security_event.errors.no_public_key: no se pudo cargar la clave pública para el emisor
-risc.security_event.errors.sub_not_found: reclamo de event.subject.sub no válido
-risc.security_event.errors.sub_unsupported: no se acepta subclase de nivel superior
+risc.security_event.errors.no_public_key: no se pudo cargar la clave pública del emisor
+risc.security_event.errors.sub_not_found: evento inválido.asunto.subnotificación
+risc.security_event.errors.sub_unsupported: no se aceptó subnotificación de nivel superior
 risc.security_event.errors.subject_type_unsupported: subject_type debe ser %{expected_subject_type}
-risc.security_event.errors.typ_error: El encabezado típico debe ser %{expected_typ}
+risc.security_event.errors.typ_error: encabezado de tipo debe ser %{expected_typ}
 saml_idp.auth.error.title: Error
 saml_idp.shared.saml_post_binding.heading: Enviar para continuar
 saml_idp.shared.saml_post_binding.no_js: JavaScript parece estar desactivado en su navegador. Por lo general, este paso es automático, pero, debido a que tiene JavaScript desactivado, haga clic en el botón Enviar para continuar iniciando sesión o cerrándola.
diff --git a/config/locales/zh.yml b/config/locales/zh.yml
index 5d0aebd7d42..99ed1aa60a8 100644
--- a/config/locales/zh.yml
+++ b/config/locales/zh.yml
@@ -433,13 +433,24 @@ date.month_names:
   - 11月
   - 12月
 date.range: 从 %{from} 到 %{to}
+datetime.dotiw.days.one: 1 天
+datetime.dotiw.days.other: '%{count} 天'
+datetime.dotiw.hours.one: 1 小时
+datetime.dotiw.hours.other: '%{count} 小时'
 datetime.dotiw.last_word_connector: ' 和 '
+datetime.dotiw.less_than_x: 小于 %{distance}
 datetime.dotiw.minutes.one: 1 分钟
 datetime.dotiw.minutes.other: '%{count} 分钟'
+datetime.dotiw.months.one: 1 个月
+datetime.dotiw.months.other: '%{count} 个月'
 datetime.dotiw.seconds.one: 1 秒种
 datetime.dotiw.seconds.other: '%{count} 秒'
 datetime.dotiw.two_words_connector: ' 和 '
+datetime.dotiw.weeks.one: 1 周
+datetime.dotiw.weeks.other: '%{count} 周'
 datetime.dotiw.words_connector: ', '
+datetime.dotiw.years.one: 1 年
+datetime.dotiw.years.other: '%{count} 年'
 devise.confirmations.already_confirmed: 你的电邮地址已确认。%{action}
 devise.confirmations.confirmed: 你已确认了你的电邮地址。
 devise.confirmations.confirmed_but_must_set_password: 你已确认了你的电邮地址。
@@ -1396,56 +1407,56 @@ notices.use_diff_email.link: 使用一个不同的电邮地址
 notices.use_diff_email.text_html: 或者，%{link_html}
 notices.webauthn_configured: 你账户添加了一个安全密钥。
 notices.webauthn_platform_configured: 你用了自己设备的屏幕锁定给账户添加了人脸或触摸解锁。
-openid_connect.authorization.errors.bad_client_id: Bad client_id
-openid_connect.authorization.errors.invalid_verified_within_duration.one: value must be at least %{count} day or older
-openid_connect.authorization.errors.invalid_verified_within_duration.other: value must be at least %{count} days or older
-openid_connect.authorization.errors.invalid_verified_within_format: Unrecognized format for verified_within
-openid_connect.authorization.errors.missing_ial: Missing a valid IAL level
-openid_connect.authorization.errors.no_auth: The acr_values are not authorized
-openid_connect.authorization.errors.no_valid_acr_values: No acceptable acr_values found
-openid_connect.authorization.errors.no_valid_scope: No valid scope values found
+openid_connect.authorization.errors.bad_client_id: 坏的client_id
+openid_connect.authorization.errors.invalid_verified_within_duration.one: 值必须至少为 %{count} 天或以上
+openid_connect.authorization.errors.invalid_verified_within_duration.other: 值必须至少为 %{count} 天或以上
+openid_connect.authorization.errors.invalid_verified_within_format: verified_within 格式无法识别
+openid_connect.authorization.errors.missing_ial: 缺失有效的 IAL 级别
+openid_connect.authorization.errors.no_auth: Acr_values 未经授权
+openid_connect.authorization.errors.no_valid_acr_values: 未找到可接受的 acr_values
+openid_connect.authorization.errors.no_valid_scope: 未找到有效的范围值
 openid_connect.authorization.errors.no_valid_vtr: No acceptable vots found
-openid_connect.authorization.errors.prompt_invalid: No valid prompt values found
-openid_connect.authorization.errors.redirect_uri_invalid: redirect_uri is invalid
-openid_connect.authorization.errors.redirect_uri_no_match: redirect_uri does not match registered redirect_uri
-openid_connect.authorization.errors.unauthorized_scope: Unauthorized scope
-openid_connect.logout.confirm: Yes, sign out of %{app_name}
-openid_connect.logout.deny: No, go to my account page
-openid_connect.logout.errors.client_id_invalid: client_id was not recognized
-openid_connect.logout.errors.client_id_missing: client_id is missing
-openid_connect.logout.errors.id_token_hint: id_token_hint was not recognized
-openid_connect.logout.errors.id_token_hint_present: This application is misconfigured and should not be sending id_token_hint. Please send client_id instead.
-openid_connect.logout.errors.no_client_id_or_id_token_hint: This application is misconfigured and must send either client_id or id_token_hint.
-openid_connect.logout.heading: Do you want to sign out of %{app_name}?
-openid_connect.logout.heading_with_sp: Do you want to sign out of %{app_name} and return to %{service_provider_name}?
-openid_connect.token.errors.expired_code: is expired
-openid_connect.token.errors.invalid_aud: Invalid audience claim, expected %{url}
-openid_connect.token.errors.invalid_authentication: Client must authenticate via PKCE or private_key_jwt, missing either code_challenge or client_assertion
-openid_connect.token.errors.invalid_code: is invalid because doesn’t match any user. Please see our documentation at https://developers.login.gov/oidc/#token
-openid_connect.token.errors.invalid_code_verifier: code_verifier did not match code_challenge
-openid_connect.token.errors.invalid_iat: iat must be an integer or floating point Unix timestamp representing a time in the past
-openid_connect.token.errors.invalid_signature: Could not validate assertion against any registered public keys
-openid_connect.user_info.errors.malformed_authorization: Malformed Authorization header
-openid_connect.user_info.errors.no_authorization: No Authorization header provided
-openid_connect.user_info.errors.not_found: Could not find authorization for the contents of the provided access_token or it may have expired
+openid_connect.authorization.errors.prompt_invalid: 未找到有效的提示值
+openid_connect.authorization.errors.redirect_uri_invalid: redirect_uri 有误
+openid_connect.authorization.errors.redirect_uri_no_match: redirect_uri 与注册的 redirect_uri 不匹配
+openid_connect.authorization.errors.unauthorized_scope: 未经授权的范围
+openid_connect.logout.confirm: 是的，登出 %{app_name}
+openid_connect.logout.deny: 不，到我的账户页面
+openid_connect.logout.errors.client_id_invalid: client_id 不认识
+openid_connect.logout.errors.client_id_missing: client_id 缺失
+openid_connect.logout.errors.id_token_hint: id_token_hint 不认识
+openid_connect.logout.errors.id_token_hint_present: 本应用程序配置错误，不应发送 id_token_hint。请发送 client_id。
+openid_connect.logout.errors.no_client_id_or_id_token_hint: 本应用程序配置错误，必须发送 client_id 或者 id_token_hint。
+openid_connect.logout.heading: 你想登出 %{app_name} 吗？
+openid_connect.logout.heading_with_sp: 你想登出 %{app_name} 并回到 %{service_provider_name} 吗？
+openid_connect.token.errors.expired_code: 过期了
+openid_connect.token.errors.invalid_aud: 受众声明有误，预期 %{url}
+openid_connect.token.errors.invalid_authentication: 客户必须通过 PKCE 或 private_key_jwt 来验证，缺失 code_challenge 或者 client_assertion
+openid_connect.token.errors.invalid_code: 无效，因为与任何用户都匹配不上。请参阅我们的文档： https://developers.login.gov/oidc/#token
+openid_connect.token.errors.invalid_code_verifier: code_verifier 与 code_challenge 不匹配
+openid_connect.token.errors.invalid_iat: iat 必须是整数或者浮动点 Unix 时间印章来代表过去的一个时间
+openid_connect.token.errors.invalid_signature: 无法根据任何已注册的公钥验证这个说法
+openid_connect.user_info.errors.malformed_authorization: 授权标头畸形
+openid_connect.user_info.errors.no_authorization: 未提供授权标头
+openid_connect.user_info.errors.not_found: 就提供的 access_token 内容找不到授权或者授权已过期。
 pages.page_took_too_long.body: 你也许想等几分钟后再试。（503）
 pages.page_took_too_long.header: 服务器处理你请求的时间过长。
 report_mailer.deleted_accounts_report.issuers: 发放方
 report_mailer.deleted_accounts_report.name: 姓名
 report_mailer.deleted_accounts_report.subject: 已删除账户报告
-risc.security_event.errors.alg_unsupported: unsupported algorithm, must be signed with %{expected_alg}
-risc.security_event.errors.aud_invalid: invalid aud claim, expected %{url}
-risc.security_event.errors.event_type_missing: missing event
-risc.security_event.errors.event_type_unsupported: unsupported event type %{event_type}
-risc.security_event.errors.exp_present: SET events must not have an exp claim
-risc.security_event.errors.jti_not_unique: jti was not unique
-risc.security_event.errors.jti_required: jti claim is required
-risc.security_event.errors.jwt_could_not_parse: could not parse JWT
-risc.security_event.errors.no_public_key: could not load public key for issuer
-risc.security_event.errors.sub_not_found: invalid event.subject.sub claim
-risc.security_event.errors.sub_unsupported: top-level sub claim is not accepted
-risc.security_event.errors.subject_type_unsupported: subject_type must be %{expected_subject_type}
-risc.security_event.errors.typ_error: typ header must be %{expected_typ}
+risc.security_event.errors.alg_unsupported: 不支持的算法，必须用 %{expected_alg} 签名
+risc.security_event.errors.aud_invalid: 受众声明无效，预期 %{url}
+risc.security_event.errors.event_type_missing: 缺失事件
+risc.security_event.errors.event_type_unsupported: 不支持的事件类型 %{event_type}
+risc.security_event.errors.exp_present: SET 事件不能有过期声明
+risc.security_event.errors.jti_not_unique: jti 没有独特性
+risc.security_event.errors.jti_required: 要求有 jti 声索
+risc.security_event.errors.jwt_could_not_parse: 无法解析 JWT
+risc.security_event.errors.no_public_key: 无法为发放方加载公钥
+risc.security_event.errors.sub_not_found: event.subject.sub 声明无效
+risc.security_event.errors.sub_unsupported: 顶层主题声索不被接受
+risc.security_event.errors.subject_type_unsupported: subject_type 必须是 %{expected_subject_type}
+risc.security_event.errors.typ_error: 类型标头必须是 %{expected_typ}
 saml_idp.auth.error.title: 错误
 saml_idp.shared.saml_post_binding.heading: 提交来继续
 saml_idp.shared.saml_post_binding.no_js: 你浏览器中的 JavaScript 似乎已关闭。该步骤通常会自动发生，但因为你把 JavaScript 关闭，请点击提交按钮来继续登入或登出。
diff --git a/spec/i18n_spec.rb b/spec/i18n_spec.rb
index ef708925c75..3c789af7c16 100644
--- a/spec/i18n_spec.rb
+++ b/spec/i18n_spec.rb
@@ -148,50 +148,6 @@ class BaseTask
         { key: 'user_mailer.new_device_sign_in_before_2fa.info_p1_html.one', locales: %i[zh] },
         { key: 'user_mailer.new_device_sign_in_before_2fa.info_p1_html.other', locales: %i[zh] },
         { key: 'user_mailer.new_device_sign_in_before_2fa.info_p1_html.zero', locales: %i[zh] },
-        { key: 'openid_connect.authorization.errors.bad_client_id', locales: %i[zh] },
-        { key: 'openid_connect.authorization.errors.invalid_verified_within_duration.one', locales: %i[zh] },
-        { key: 'openid_connect.authorization.errors.invalid_verified_within_duration.other', locales: %i[zh] },
-        { key: 'openid_connect.authorization.errors.invalid_verified_within_format', locales: %i[zh] },
-        { key: 'openid_connect.authorization.errors.missing_ial', locales: %i[zh] },
-        { key: 'openid_connect.authorization.errors.no_auth', locales: %i[zh] },
-        { key: 'openid_connect.authorization.errors.no_valid_acr_values', locales: %i[zh] },
-        { key: 'openid_connect.authorization.errors.no_valid_scope', locales: %i[zh] },
-        { key: 'openid_connect.authorization.errors.prompt_invalid', locales: %i[zh] },
-        { key: 'openid_connect.authorization.errors.redirect_uri_invalid', locales: %i[zh] },
-        { key: 'openid_connect.authorization.errors.redirect_uri_no_match', locales: %i[zh] },
-        { key: 'openid_connect.authorization.errors.unauthorized_scope', locales: %i[zh] },
-        { key: 'openid_connect.logout.confirm', locales: %i[zh] },
-        { key: 'openid_connect.logout.deny', locales: %i[zh] },
-        { key: 'openid_connect.logout.errors.client_id_invalid', locales: %i[zh] },
-        { key: 'openid_connect.logout.errors.client_id_missing', locales: %i[zh] },
-        { key: 'openid_connect.logout.errors.id_token_hint', locales: %i[zh] },
-        { key: 'openid_connect.logout.errors.id_token_hint_present', locales: %i[zh] },
-        { key: 'openid_connect.logout.errors.no_client_id_or_id_token_hint', locales: %i[zh] },
-        { key: 'openid_connect.logout.heading', locales: %i[zh] },
-        { key: 'openid_connect.logout.heading_with_sp', locales: %i[zh] },
-        { key: 'openid_connect.token.errors.expired_code', locales: %i[zh] },
-        { key: 'openid_connect.token.errors.invalid_aud', locales: %i[zh] },
-        { key: 'openid_connect.token.errors.invalid_authentication', locales: %i[zh] },
-        { key: 'openid_connect.token.errors.invalid_code', locales: %i[zh] },
-        { key: 'openid_connect.token.errors.invalid_code_verifier', locales: %i[zh] },
-        { key: 'openid_connect.token.errors.invalid_iat', locales: %i[zh] },
-        { key: 'openid_connect.token.errors.invalid_signature', locales: %i[zh] },
-        { key: 'openid_connect.user_info.errors.malformed_authorization', locales: %i[zh] },
-        { key: 'openid_connect.user_info.errors.no_authorization', locales: %i[zh] },
-        { key: 'openid_connect.user_info.errors.not_found', locales: %i[zh] },
-        { key: 'risc.security_event.errors.alg_unsupported', locales: %i[zh] },
-        { key: 'risc.security_event.errors.aud_invalid', locales: %i[zh] },
-        { key: 'risc.security_event.errors.event_type_missing', locales: %i[zh] },
-        { key: 'risc.security_event.errors.event_type_unsupported', locales: %i[zh] },
-        { key: 'risc.security_event.errors.exp_present', locales: %i[zh] },
-        { key: 'risc.security_event.errors.jti_not_unique', locales: %i[zh] },
-        { key: 'risc.security_event.errors.jti_required', locales: %i[zh] },
-        { key: 'risc.security_event.errors.jwt_could_not_parse', locales: %i[zh] },
-        { key: 'risc.security_event.errors.no_public_key', locales: %i[zh] },
-        { key: 'risc.security_event.errors.sub_not_found', locales: %i[zh] },
-        { key: 'risc.security_event.errors.sub_unsupported', locales: %i[zh] },
-        { key: 'risc.security_event.errors.subject_type_unsupported', locales: %i[zh] },
-        { key: 'risc.security_event.errors.typ_error', locales: %i[zh] },
       ].freeze
       # rubocop:enable Layout/LineLength