hashed password true user cannot log in

lissa · June 18, 2024, 8:24am

hi,
on the login page, I created a new user with the hashed password condition being false, and the user logged in successfully.The second try I tried changing the hashed password to true and I changed the user’s login password in administrator, and the password was correctly encrypted, but the user couldn’t log in.
database using MariaDB “utf8mb4_general_ci”
Can you help me

arbei · June 18, 2024, 11:17am

lissa wrote:

The second try I tried changing the hashed password to true…

After change make sure you have generated all scripts and uploaded again. The user should also logout first and then login again.

lissa · June 18, 2024, 11:32am

Yes, I have done what you suggested, regenerating all scripts and logging out all users. but still can’t log in, I checked the password in the database which has been encrypted

arbei · June 18, 2024, 11:52am

Double check if you have enabled the following settings:

Hashed password
Case-sensitive password - If enabled, make sure you enter correct letter case
Password expiry time (days) - Make sure it is not 0
Use password hash

Make sure the above settings are set as what you need, then generate all scripts again, reset the password and try again.

lissa · June 19, 2024, 12:37am

Solved, advanced settings - use password hash value I changed to false
Thank You

arbei · June 19, 2024, 1:23am

You better set the advanced setting to true and reset the password and try again. md5 is out-dated and should not be used anymore.

lissa · June 19, 2024, 9:08am

I tried what you suggested.
and activate advanced settings - use password hash value is true. I changed my password and logged out but can’t log in again?
The hashed password setting in the user login options value is true.
Is there anything I missed?

arbei · June 19, 2024, 1:54pm

You need to reset the password after enabling the advanced setting or the old passwords are still hashed by md5.
Make sure you use “utf-8” as your project charset since your database uses utf8bm4.
Make sure the table and field are also using the same utf8bm4 charset and collation (do not use utf8mb4_bin).
Make sure you have generated the src/config.php and uploaded again to your server.
You may upload a script (see password_hash() and password_verify()) to test if password hashing is working correctly on your server.

vintoICT · May 4, 2025, 12:54pm

Pls use the hash check your password column ensure it can contain the length of the hash . use varchar(150 ) or higher anything less will cut the hash password and affect your login .