Bug #79876
Updated by Tabea David about 7 years ago
If one changes *something* in an fe_user entry (it doesn't matter which property) the password will be rehashed and the user won't be able to login any further. **Steps to reproduce:** 1. Create an fe_user, assign password (DB fe_users password: `$P$CN4GFleNMV4EWf9KDKpU1aNRdor51R.`) 2. user is able to login 3. Change *First name* or any other property and save it 4. have a look at the database, the password has been changed `$P$CLqlmIjC1.tEMYZLqDI1cCxgxdRbg7.` 5. the user is unable to login 6. change the password again (BE) 7. the user is able to login **Environment** - Extension rsaauth is installed - `[FE][loginSecurityLevel] = rsa` (also tested `normal`, same issue here) - tested on a fresh installation as well as a migrated one **One more problem:** If I disable the user, the user cannot login (password hash changed). **BUT** if I enter the password again (BE, edit user entry), the user is able to login even though the user is still disabled. Same counts for start- and endtime. **EDIT:** The same occurs for be_users.