|
Joined: May 2006
Posts: 169
Member
|
Member
Joined: May 2006
Posts: 169 |
Several of my members have been complaining that when they try to log in, their password appears to have been reset as it no longer works. They get a temp password sent to them, log in, re-input their password they want but the same issue happens over and over daily.
At first I thought it may have been an issue with just one user but now several have come forward including a moderator.
I've gone in and became the user and changed the password myself and made a test post without fail but they report back they can't log in and then I send the temp password and the process goes into motion again.
Need some guidance and what should be taking place step by step.
|
|
|
|
Joined: Dec 2003
Posts: 6,560 Likes: 78
|
Joined: Dec 2003
Posts: 6,560 Likes: 78 |
This must be a user issue. Either he is doing it wrong or he is blocking cookies. I have changed my password twice on your site as well as you have tested it with no issues. I replied to that last user post that had issues.
Blue Man Group There is no such thing as stupid questions. Just stupid answers
|
1 member likes this:
isaac |
|
|
|
Joined: Jun 2006
Posts: 16,292 Likes: 116
|
Joined: Jun 2006
Posts: 16,292 Likes: 116 |
If it was a problem with UBB.threads this would affect ALL user accounts, and not just a handful.
I suggest you have the user change the password to something you can test and ensure it still works for you while not working for them.
|
1 member likes this:
isaac |
|
|
|
Joined: May 2006
Posts: 169
Member
|
Member
Joined: May 2006
Posts: 169 |
Quick question on this -- Does the use get an e-mail asking them to confirm they changed the password.
|
|
|
|
Joined: Jun 2006
Posts: 16,292 Likes: 116
|
Joined: Jun 2006
Posts: 16,292 Likes: 116 |
I don't believe so, I think they just get the initial email with the temporary password and a link.
|
|
|
|
Joined: Apr 2004
Posts: 1,945 Likes: 145
|
Joined: Apr 2004
Posts: 1,945 Likes: 145 |
Do you have a password manager installed, such as LastPass, Keeper, Dashlane, NordPass, or 1Password...etc Do you have the Firefox/Chrome browser password manager enabled? Do you have automatic form-fill in your browser? Do you have any or a combination of the above enabled? Do you have an add-on/extension enabled that manipulates browser cookies in any way? Open your web browser in Incognito mode WITHOUT add-ons/extension (or load a different browser) then go through the process of updating your password from the user PREFERENCES page. Once you've updated your password to something new, you can return to change your password back to what you previously had. There is no password history check beyond validating your new password with your current password. UBB.threads does not keep a password history. And the current password is salted (one-way cryptography).
|
|
|
|
Joined: Jun 2006
Posts: 16,292 Likes: 116
|
Joined: Jun 2006
Posts: 16,292 Likes: 116 |
You might also want to suggest to the user to use the SHOW PASSWORD button while logging in (added in v774) so he can confirm that what is being sent to the login prompt is what he is expecting.
They should also check for the CAPS or NUM lock on their keyboards (they may be expecting something to be a certain way but it could be the opposite having caps lock on).
|
1 member likes this:
isaac |
|
|
|
Joined: Dec 2003
Posts: 6,560 Likes: 78
|
Joined: Dec 2003
Posts: 6,560 Likes: 78 |
All good tips guys that I did not expand on.
Blue Man Group There is no such thing as stupid questions. Just stupid answers
|
|
|
|
Joined: Apr 2004
Posts: 1,945 Likes: 145
|
Joined: Apr 2004
Posts: 1,945 Likes: 145 |
At first I thought it may have been an issue with just one user but now several have come forward including a moderator. Is it possible that you changed the Forum Security Key? This is the unique key which is used for securing your forum. Control Panel > Primary > Forum Security Key If it is changed, then all user passwords will be invalid, and will require each user to reset their password. The field must be populated. If left blank, a new key will be generated.
|
1 member likes this:
Gizmo |
|
|
|
Joined: Dec 2003
Posts: 6,560 Likes: 78
|
Joined: Dec 2003
Posts: 6,560 Likes: 78 |
I did the upgrade to 7.7.4 and as far as I know the security key and the cookie path was left unchanged.
Blue Man Group There is no such thing as stupid questions. Just stupid answers
|
|
|
|
Joined: Apr 2004
Posts: 1,945 Likes: 145
|
Joined: Apr 2004
Posts: 1,945 Likes: 145 |
I did the upgrade to 7.7.4 and as far as I know the security key and the cookie path was left unchanged. Have you compared the current forum config.inc.php with the an earlier backup config.inc.php file, such as the backup you did prior to performing major work on the forum? Changing the Cookie Path or Cookie Prefix affects keeping users logged in and their current session settings. It does not affect passwords
|
|
|
|
Joined: Dec 2003
Posts: 6,560 Likes: 78
|
Joined: Dec 2003
Posts: 6,560 Likes: 78 |
Understood just providing all the data. No I did not ,because it was working fine when I and freak logged in after the upgrade because he kept the board closed for several days but the upgrade was done in May 2020. I have the original backup still. And the old version was Version 7.5.5
It was a flawless upgrade no errors what so ever even the language files. AFAIK there have been two with login issues one a week or two ago and one more currently. Both were members prior to the upgrade as well as others that have had no issues that currently visit every day.
Last edited by Ruben; 09/19/2020 3:51 PM. Reason: Added Comment
Blue Man Group There is no such thing as stupid questions. Just stupid answers
|
|
|
0 members (),
744
guests, and
147
robots. |
Key:
Admin,
Global Mod,
Mod
|
|
|
|