jaszladie wrote:I am also having this issue. I can change the password for my users and they can log in. When they change it themselves, they get locked out.
I can replicate this as well. Setting the password for the user when logged in as 'admin' works. Setting the password while logged in as the regular user does NOT work and neither does the password from using the "Forgotten your password?" link.
Looking at madsonic.scripts, I noticed the following:
After password reset tool, password: Aq3DVWrS
INSERT INTO USER VALUES('test','enc:4171334456577253',0,0,0,FALSE,'emailaddress',0,FALSE,'Test')
After setting password in admin panel, password: DP1FDM8cV2Hv
INSERT INTO USER VALUES('test','enc:36646232633338643564623535323037333534653966363561313630313936353165333234333634',0,0,0,FALSE,'emailaddress',0,FALSE,'Test ')
After setting password in user account, password: Aq3DVWrS
INSERT INTO USER VALUES('test','enc:4171334456577253',0,0,0,FALSE,'emailaddress',0,FALSE,'Test')
The user email address was set correctly, but I couldn't post it here. It looks as though using the password reset link or setting it in the user account encodes the password using an old method.