Password

A member of my community forgot their password. They tried the reset password function but the password sent to him did not work. I tried to change it manually via the admin panel (as I have done many times successfully in the past) but this did not work. I tried to change via the MyPHP admin panel but this did not work. Bump. Hit a brick wall. Again! HELP!

did you try clearing the cache after you changed the password?

Have you tried to login to that members account yourself after changing the password yourself? Or are you just sending the new password to them to let them try it without verifying if it's a problem at there end or yours.

Are any other members having any problems?

I get this from some members as well.  I am using the access management module from the market and it can track failed logins.  What I am seeing is that the person is not typing the password correctly.  They say they are, but they are not; that module captures the user name and password they enter so I can verify this.

The login works, the member can either enter their ID number or user name and password; password is case sensitive so if a member types Mypassword when the password is mypassword, it will fail for them; sometimes people will turn on caps lock and forget it is on; I have one member that wants to always type in capital letters and claim they are not shouting and I can not get them to quit, even when I tell her it is hard to read all caps.

If they can not log in, they are not entering the correct information.  The same with some of my users, they click on the forgot password link and then tell me the password they were sent does not work yet I can log on using it without problems.  I even reset; which I don't like doing, that is what the forgot password is for; one member's password and emailed her the password and she still got it wrong.  I really don't know how some of these people even manage to turn on their computers.

Welcome to the life of an admin, it sucks.  Most of the time you are resetting passwords instead of doing real work.

For that you need the MD5 hash and the salt; resetting the password through pedit is the way to go.

Actually it's more than that. The password is a sha1 hash.

It is formed by making a md5 hash of the clear text password. Then stick the salt onto the end of the MD5 hash and then turn that string into a sha1 hash.

The procedure to do it in phpmyadmin is here. http://www.boonex.com/forums/topic/Reset-Admin-Password.htm

So yea. if you as the admin can get in, just edit their profile and change it in the profile editor which is the proper way. If you do not know how to properly generate one using phpmyadmin then it's not going to work.

Thanks all for your replies.

Professor: Yes I cleared the cache after changing the password.

Deano: Yes I have tried to log into that members account using the new password but the system keeps telling me the password is incorrect.

In the past the password reminded has not worked and so I've had to reset the passwords manually but now even this is not working.

I don't know if this is a problem other members are having... I will set up a test account and see if the issue exists for the test account.

Geek: I've double checked and entered the password myself many times and cleared the cache but this does not work. Tried changing password via Myphp and using MD5 but that did not work.

Maybe I did not do the MD5 process correctly.

I will try the procedure deano gave in the link (via phpmyadmin).

But really the auto reset password should work and I should be able to do this via the admin panel. I'm wondering what, if anyting has changed.

Okay it seems this problem of resetting the password occurs for this member only. I tried a test account and the password reset worked. Also I was able to change the test account password manually and with success.

Deano... I tried your suggestion below but get an error message which I have attached the screenshot to this message.

SELECT * FROM `Profiles` WHERE 1UPDATE `Profiles` SET `Salt` = CONV(FLOOR(RAND()*99999999999999), 10, 36) WHERE `ID`='1992';

UPDATE `Profiles` SET `Password` = SHA1(CONCAT(md5('baby89'), `Salt`)) WHERE `ID`='1992';

You forgot to clear the submit form which defaults to SELECT * FROM `Profiles` WHERE 1

So that ended up on the front of the first query which should not be there. Look at the topic that contains the code http://www.boonex.com/forums/topic/Reset-Admin-Password.htm again and compare with yours. You will see they are not the same.

Thanks Deano. It says the rows are affected and I cleared the cache but the new password does not work. I've attached a screen shot for you to view.

Bump

 Thanks Deano. It says the rows are affected and I cleared the cache but the new password does not work. I've attached a screen shot for you to view.

When all methods to change the password fail, then obviously the problem is not the password. It has to be something else. And because it is only affecting one member then it has to have something to do with that one account only.

Either you have some kind of a filter in place that is blocking nick, email or something about that account, or for some reason there is another account in the system with either a matching nickname or email.

Try using all 3 methods of login for that account. If nickname and pass fail, then try email and pass or member id and pass. See if any of them work.

I tried all 3: username, id number and email address and no luck. This is very bizzare.

go into the cache folder, find the user cache file user*.php that matches that members id and delete it and try again. Deleting the user cache is part of the instructions of this topic http://www.boonex.com/forums/topic/Reset-Admin-Password.htm which i am guessing you may not have done.

I did do that. Just to be sure I did it again but still nothing.

Then i am done. I have no more suggestions.

okay. thanks deano. i appreciate your time and suggestions.

You have some blacklist on?

/administration/ip_blacklist.php?mode=settings

you banned the member? is the profile active?

:) I never reset passwords. I also never delete or suspend profiles for members as well. If I did, I'd hang myself sooner rather than later. :)

Maybe the password wasn't working because they created their profile through Facebook? Those Facebookies usually create mucho ado. :)

I still don't understand why the password reset feature does not provide a password that works!

Changing the password manually also does not work via the dolphin admin panel!

Does this feature work for anyone?

Yes it works.

If it does not for you then you have a different problem that's causing the login to fail that has nothing to do with the password. Your making the mistake of assuming it is a problem with the password.

Assign the member to the admin group and see if you can logon with the new password. If you can now logon with the new password, you most likely have to assign the member to a group. Also check if all mandatory profile fields are filled in.

Also check the error_log for any recent error messages.

 Thanks for your suggestion which I tried this but it did not work.

 Where can I find this error-log ?

 If you have WHM or Parallels panel you can check the logs, VPS or dedicated. 

If you know SSH, it can also be checked via that.

Sorry Newton. I mistakenly flagged your post by accident.

I have two error log locations:

1) A 248 MB File  Via the Parallels Panel > Websites & Domains  > Logs > Logs Management 

2) Via the main index of the site

Both files are large. Which one do I need, what is the best way to view these large files, and what keys words am I looking for that would indicate a problem with password reset function?

My communities were recently transferred to a new host. I'm wondering if something might have happened in the transfer.

Plesk creates the error_log in a separate directory (the one in the site's main directory is likely an older one pre-Plesk), which can be downloaded or viewed from the logs area in Plesk.  Check for an error that matches the timestamp, and post it here (be mindful of any sensitive information).

 might have but I do recommend this module to everyone here, it does not issue a new password untill the person requesting a new password has to confirm the password change, before the new password is active..

http://www.boonex.com/m/advanced-password-forgot

Denre gives excellent support above and beyond others!

Thanks for the recommendation newton!

People who are interested in buying this module, it is now also available for v7.0.x

Any questions, just PM me

I've hit a brick wall 

Auto password reset email does not work for some older members.

Tried to manually change their password via admin panel and tried the suggestion listed above with the member's ID number.

Cleared cache.

Did not work.   Arghhhh!