Project

General

Profile

Actions

Bug #23461

closed

Password not changeable

Added by Bernhard Müller-Wirtz about 14 years ago. Updated about 14 years ago.

Status:
Closed
Priority:
Should have
Assignee:
-
Category:
-
Target version:
-
Start date:
2010-08-27
Due date:
% Done:

0%

Estimated time:
TYPO3 Version:
4.4
PHP Version:
5.2
Tags:
Complexity:
Is Regression:
Sprint Focus:

Description

Backend User changed password within User settings. Message received
"New password
Password was updated."
But nothing was happend. New Login only possible with the old password.

Admin can change password with Listmodul. No problem there.

(issue imported from #M15572)

Actions #1

Updated by Bernhard Müller-Wirtz about 14 years ago

If I deinstall rsaauth and saltedpasswords problem resolved!

Actions #2

Updated by Björn Pedersen about 14 years ago

maybe related to: #0015470

Actions #3

Updated by Markus Klein about 14 years ago

Please give us some more information:

Did you set [BE][loginSecurityLevel] = rsa in Installer?
And did you enable saltedpasswords for BE in extension manager?

Actions #4

Updated by Bernhard Müller-Wirtz about 14 years ago

Yes, I set rsa in [BE][loginSecurityLevel] and enabled saltedpasswords. I tried also loginSecurityLevel without rsa. Nothing worked. Only deletion of saltedpasswords and default SecurityLevel worked.
Updated older versions of TYPO3 with no problems. Only new installations of TYPO3 are concerned.

Actions #5

Updated by Markus Klein about 14 years ago

Did you also check with Compare DB whether password field width has been updated accordingly?

That's all I can think of.
I had a look at the source code: The hook for the password form is only registered if "Enable in BE" is set within the extension configuration of saltedpasswords.

Maybe try the following:
1.) Remove the extension and set loginSecurityLevel = normal.
2.) Compare DB
3.) Set your password => login should now work properly
4.) Write down the current value of the password field of your user (via phpmyadmin e.g.)
5.) Install the extension, ensure that "Enable BE" is set and update DB
6.) Set your password again (the same)
7.) compare the new hash in the password field with the one you wrote down.
Is it different and longer? Then everything should be alright with the password update procedure. If not => Damn sh** there's a bug somewhere
8.) update localconf.php and set [BE][loginSecurityLevel] = rsa, remove the temp* files
9.) try to login. If this fails now, then there's something wrong with the openSSL version on your server.

Puh long text.. so good luck

Actions #6

Updated by Marcus Krause about 14 years ago

Did you enable saltedpasswords for BE? What salting method has been configured?

Actions #7

Updated by Bernhard Müller-Wirtz about 14 years ago

Thanks for the description. I did all of these and the result is very well. It works. I did it on a second Installation and the result is also well. Also no Bug, Something, what ever it was, was wrong from my side. Excuse me! Thanks for help.

Actions #8

Updated by Chris topher about 14 years ago

Closed, no bug.

Thanks for the update!

Actions

Also available in: Atom PDF