Bug #23461
closedPassword not changeable
0%
Description
Backend User changed password within User settings. Message received
"New password
Password was updated."
But nothing was happend. New Login only possible with the old password.
Admin can change password with Listmodul. No problem there.
(issue imported from #M15572)
Updated by Bernhard Müller-Wirtz about 14 years ago
If I deinstall rsaauth and saltedpasswords problem resolved!
Updated by Markus Klein about 14 years ago
Please give us some more information:
Did you set [BE][loginSecurityLevel] = rsa in Installer?
And did you enable saltedpasswords for BE in extension manager?
Updated by Bernhard Müller-Wirtz about 14 years ago
Yes, I set rsa in [BE][loginSecurityLevel] and enabled saltedpasswords. I tried also loginSecurityLevel without rsa. Nothing worked. Only deletion of saltedpasswords and default SecurityLevel worked.
Updated older versions of TYPO3 with no problems. Only new installations of TYPO3 are concerned.
Updated by Markus Klein about 14 years ago
Did you also check with Compare DB whether password field width has been updated accordingly?
That's all I can think of.
I had a look at the source code: The hook for the password form is only registered if "Enable in BE" is set within the extension configuration of saltedpasswords.
Maybe try the following:
1.) Remove the extension and set loginSecurityLevel = normal.
2.) Compare DB
3.) Set your password => login should now work properly
4.) Write down the current value of the password field of your user (via phpmyadmin e.g.)
5.) Install the extension, ensure that "Enable BE" is set and update DB
6.) Set your password again (the same)
7.) compare the new hash in the password field with the one you wrote down.
Is it different and longer? Then everything should be alright with the password update procedure. If not => Damn sh** there's a bug somewhere
8.) update localconf.php and set [BE][loginSecurityLevel] = rsa, remove the temp* files
9.) try to login. If this fails now, then there's something wrong with the openSSL version on your server.
Puh long text.. so good luck
Updated by Marcus Krause about 14 years ago
Did you enable saltedpasswords for BE? What salting method has been configured?
Updated by Bernhard Müller-Wirtz about 14 years ago
Thanks for the description. I did all of these and the result is very well. It works. I did it on a second Installation and the result is also well. Also no Bug, Something, what ever it was, was wrong from my side. Excuse me! Thanks for help.
Updated by Chris topher about 14 years ago
Closed, no bug.
Thanks for the update!