Copied to clipboard

Flag this post as spam?

This post will be reported to the moderators as potential spam to be looked at


  • Thomas Beckert 162 posts 369 karma points
    Aug 11, 2014 @ 13:47
    Thomas Beckert
    0

    Unable to login as admin

    Hi,

    the last few weeks, I had the problem, that I could not login as admin anymore (once in version 7.1, now in Version 6.2.1).

    I didn't change anything now or in the past, using standard-user settings (hash-pwd and so on).

    I overwrote the hashed passwort in the database with one from another instance that worked, but it has no effect. I just cannot login anymore.

    Any suggestions what I can check or why it does not work?

     

    Best regards -

     

    Tom

  • Dennis Aaen 4433 posts 17887 karma points admin hq c-trib
    Aug 11, 2014 @ 14:05
    Dennis Aaen
    0

    Hi Thomas,

    Sad to here that you can´t login. What I have seen the last periode is that you can be logged out from the backend if you type your password wrong e.g 5 times in Umbraco 7, don´t know if it´s the same for Umbraco 6.2.1.

    What you could try to chek the UmbracoUser table to see if userNoConsole is set to 1 or true for the user that you are trying logging in with, it should be 0 or false. If the column is in the table in Umbraco 6.2.1

    You can set maxInvalidPasswordAttempts to a different value for the UsersMembershipProvider in your web.config file. For example maxInvalidPasswordAttempts="15".

    It's to prevent hackers from trying millions of passwords trying to guess yours.

    Hope this helps,

    /Dennis

  • Thomas Beckert 162 posts 369 karma points
    Aug 11, 2014 @ 14:30
    Thomas Beckert
    0

    Hi Dennis,

    thanks for the really quick reply. I checked everything you wrote, but still no successful login.
    It is not only one user, I tried with two different ones.
    Seems like the authentication mechanism does not work properly. I have no idea.
    Last thing I did was updating from 6.1.1 to 6.2.1 and running the security fix.

    Any other idea where to look for?

    Best regards -

     

    Tom 

  • Thomas Beckert 162 posts 369 karma points
    Aug 11, 2014 @ 15:08
    Thomas Beckert
    0

    I just wanted to check the log-Table, but there isn't any entry about a login failure attempt...

  • Thomas Beckert 162 posts 369 karma points
    Aug 11, 2014 @ 15:19
    Thomas Beckert
    0

    Ok, I have the Staging of this website, that is still running in 6.1.6. When I just change the connectionsstring to the database of the live, I can login again - but from another web application. So it has something to do with the 6.2.1 upgrade. But how to fix that? Cannot downgrade to the previews version... and do the upgrade again is also not possible, because I cannot login. :)

     

  • Dennis Aaen 4433 posts 17887 karma points admin hq c-trib
    Aug 11, 2014 @ 19:19
    Dennis Aaen
    1

    Hi Thomas,

    Maybe I was not clear enough. try to chek the UmbracoUser table in the database to see if userNoConsole column has the value 1 or true for the user that you are trying logging in with and for other users, it should be 0 or false.

    /Dennis

  • Thomas Beckert 162 posts 369 karma points
    Aug 11, 2014 @ 20:42
    Thomas Beckert
    0

    hi. I get you right. Checked this and all users habe the value false.

  • Thomas Beckert 162 posts 369 karma points
    Aug 12, 2014 @ 10:36
    Thomas Beckert
    0

    Hi,

    I think Version 6.2.x seems to be the problem.

    I made a copy of the web and overwrite 6.2.1 with files from 6.2.0. Same issue.
    Then I overwrite the files with 6.1.6 and it worked again.
    Any idea where to look for the problem in 6.2.1?
    I don't want to fix it this way in the live environment.

    Best regards -


    Tom

     

  • Allan 38 posts 186 karma points
    Jun 22, 2015 @ 09:38
    Allan
    1

    Hi,

    We had a similar issue on two 6.2 installations.

    The logs seemed to indicate multiple login attempts and now the admin account was permanently locked. The following is a complete solution using other comments, etc...

    1. Check the user in [yourDB].dbo.umbracoUser - make sure 'userNoConsole' is set to 'False'
    2. Change userPassword to 'justatest'
    3. In web config find UmbracoMembershipProvider and UsersMembershipProvider and set passwordFormat to "Clear"
    4. Add maxInvalidPasswordAttempts and set its value to 999999 to the UsersMembershipProvider
    5. Login as the admin using the password 'justatest' to make sure it works
    6. Back in the web config set passwordFormat back to "Hashed" and reduce the maxInvalidPasswordAttempts to 5
    7. Now change the admin password in umbraco to the required genuine password.
    8. Everything should now work properly!

      <add name="UmbracoMembershipProvider" type="Umbraco.Web.Security.Providers.MembersMembershipProvider, Umbraco" minRequiredNonalphanumericCharacters="0" minRequiredPasswordLength="4" useLegacyEncoding="false" enablePasswordRetrieval="false" enablePasswordReset="true" requiresQuestionAndAnswer="false" defaultMemberTypeAlias="Member" passwordFormat="Hashed" />
      <add name="UsersMembershipProvider" type="Umbraco.Web.Security.Providers.UsersMembershipProvider, Umbraco" minRequiredNonalphanumericCharacters="0" minRequiredPasswordLength="4" useLegacyEncoding="false" enablePasswordRetrieval="false" enablePasswordReset="true" requiresQuestionAndAnswer="false" passwordFormat="Hashed" maxInvalidPasswordAttempts="5" />
      
Please Sign in or register to post replies

Write your reply to:

Draft