I've spent the past four days trying to upgrade an Umbraco 7.3.4 installation to 7.12.3 (the current latest) so it can be converted to an Umbraco Cloud project. I've gone through many upgrade iterations now and have been upgrading to every release in sequence since 7.3.4, confirming it works, and taking a snapshot before upgrading to the next minor revision.
What I've found is that right at 7.7.0 authentication stops working. The AuthorizeUpgrade page is reached but the same credentials that work every time at 7.6.13 fail with the generic "Login failed for user [email protected]". If I roll back to 7.6.13 I can log right in again with the same credentials.
There are many, many post online indicating the same problem - login fails after upgrading to 7.7.0+. To date I've tried all of the solutions I can find online but still can't log in:
Method: Follow documentation in Umbraco's 'Version specific upgrades' section for 7.7.0
Result: No change.
Method: Triple-check password
Result: I wish it were that simple.
Method: Change password to one of the known hashes
Result: No change. I've tried every hash posted in Umbraco forums.
Method: Change useLegacyEncoding to true in Web.config
Result: No change.
Method: Check log file in App_Data/Logs
Result: No helpful information or stacktraces are logged even when the application returns 500 Internal Server Error (when attempting to reset password via Forgotten Password? link).
Method: Change userNoConsole to False in umbracoUser table
Result: No change. I've yet to see userNoConsole set to anything except false. failedLoginAttempts never increments.
Method: Update mailSettings in Web.config and reset password via Forgotten Password? link
Result: No change. I always get the error 'Request password reset failed for email [email protected]'.
Method: Recycle IIS application pool after updating Web.config or database
Result: No change. I'm running IIS Express via Visual Studio 2017 and have been faithfully exiting IIS Express when I happen to run instead of debug.
Method: Delete App_Data folder before each run
Result: No change except in performance.
Method: Upgrade to 7.7.13, then up to 7.10.4
Result: No change.
Method: Update the user's securityStampToken to a new GUID in the umbracoUser table
Result: No change.
Method: Change usernameIsEmail to false in umbracoSettings.config
Result: No change. My userLogin and userEmail are both my email address.
Method: Clear cookies and cache or use Incognito Mode
Result: No change.
Method: Remove 301 Redirect Url package
Result: No change. The package has not been installed on this site.
Method: Change database password to one without an ampersand (&) in Web.config's connectionStrings
Result: No change. Password is already one without any special characters.
Method: Add entries to umbracoUser2UserGroup for user
Result: No change.
Method: Change UsersMembershipProvider in web.config to a specific string (because the poster didn't note what changed)
Result: No change. This is the string that was posted:
Thanks for the fast response! I have indeed tried the Admin Reset dll and it says it's successful, but I don't see the password hash changing in the database and I still can't log in. I've verified it's the same database used in the connection string. I'll update the question to reflect this too.
At this point the password hash is set to bnWxWyFdCueCcKrqniYK9iAS+7E=
which is the hash for 'default'. When I roll back to 7.6.13 the hash does get matched for 'default' and I can log in, so I'm relatively certain it's the right hash for the password 'default'.
I wish I could say yes, but after too many hours of trying to solve this problem without any support from Umbraco my company decided to ditch Umbraco.
I did find that the root cause is that .Net Identity doesn't generate the same password hash after the upgrade to 7.7.0, regardless of whether useLegacyEncoding is "true" or "false". Umbraco provides a thin wrapper around .Net Identity to handle authentication. I suspect that when the default authentication mechanism was changed out in 7.7.0, a bug was introduced that borks the password hash generation.
There are many, many posts describing this problem on the Umbraco forum, StackOverflow, etc but it seems like most people have just moved past it because it relates to an older version. Good luck to you!
Something that worked for me a few times was disabling any trailing slash removal rewrites and making sure the trailing slash setting in umbracoSettings.config is the default value.
Going by your last post it seems it wasn't the case here though.
I totally feel your pain. I've had this issue crop up a bunch of times during upgrading and it almost seemed like different solutions worked different times, I almost went crazy and I dread any upgrade now, hoping I don't see the "Login failed for user" again. I've given up trying to understand how many instances of this problem there are.
Sorry it didn't work out - I hope you find what you're looking for on the other side.
Login fails after upgrade from 7.6.13 to 7.7.0+
Hi folks,
I've spent the past four days trying to upgrade an Umbraco 7.3.4 installation to 7.12.3 (the current latest) so it can be converted to an Umbraco Cloud project. I've gone through many upgrade iterations now and have been upgrading to every release in sequence since 7.3.4, confirming it works, and taking a snapshot before upgrading to the next minor revision.
What I've found is that right at 7.7.0 authentication stops working. The AuthorizeUpgrade page is reached but the same credentials that work every time at 7.6.13 fail with the generic "Login failed for user [email protected]". If I roll back to 7.6.13 I can log right in again with the same credentials.
There are many, many post online indicating the same problem - login fails after upgrading to 7.7.0+. To date I've tried all of the solutions I can find online but still can't log in:
Method: Follow documentation in Umbraco's 'Version specific upgrades' section for 7.7.0
Result: No change.
Method: Triple-check password
Result: I wish it were that simple.
Method: Change password to one of the known hashes
Result: No change. I've tried every hash posted in Umbraco forums.
Method: Change useLegacyEncoding to true in Web.config
Result: No change.
Method: Check log file in App_Data/Logs
Result: No helpful information or stacktraces are logged even when the application returns 500 Internal Server Error (when attempting to reset password via Forgotten Password? link).
Method: Change userNoConsole to False in umbracoUser table
Result: No change. I've yet to see userNoConsole set to anything except false. failedLoginAttempts never increments.
Method: Update mailSettings in Web.config and reset password via Forgotten Password? link
Result: No change. I always get the error 'Request password reset failed for email [email protected]'.
Method: Recycle IIS application pool after updating Web.config or database
Result: No change. I'm running IIS Express via Visual Studio 2017 and have been faithfully exiting IIS Express when I happen to run instead of debug.
Method: Delete App_Data folder before each run
Result: No change except in performance.
Method: Upgrade to 7.7.13, then up to 7.10.4
Result: No change.
Method: Update the user's securityStampToken to a new GUID in the umbracoUser table
Result: No change.
Method: Change usernameIsEmail to false in umbracoSettings.config
Result: No change. My userLogin and userEmail are both my email address.
Method: Clear cookies and cache or use Incognito Mode
Result: No change.
Method: Remove 301 Redirect Url package
Result: No change. The package has not been installed on this site.
Method: Change database password to one without an ampersand (&) in Web.config's connectionStrings
Result: No change. Password is already one without any special characters.
Method: Add entries to umbracoUser2UserGroup for user
Result: No change.
Method: Change UsersMembershipProvider in web.config to a specific string (because the poster didn't note what changed)
Result: No change. This is the string that was posted:
Method: Start with a clean Web.config from the latest Umbraco version, compare against existing Web.config, and update accordingly
Result: No change. My changes are just setting the connection string and updating the mailSettings to spit emails to a local folder.
Method: Use Admin Reset dll
Result: I get to the "success" page but I don't see the password hash changing in the database and I still can't log in.
Method: Start over with a fresh database and fresh installation
Result: That's not an option for me - the existing website must be upgraded.
Any insight would be appreciated. I'm at my wit's end (at this point there's only one wit left).
Normally changing the
useLegacyEncodingtotruefixes this. But if you've made other changes to password hashes this might break that.Otherwise, have you tried this package:
https://our.umbraco.com/packages/developer-tools/umbraco-admin-reset/
It usually works!
Thanks for the fast response! I have indeed tried the Admin Reset dll and it says it's successful, but I don't see the password hash changing in the database and I still can't log in. I've verified it's the same database used in the connection string. I'll update the question to reflect this too.
At this point the password hash is set to bnWxWyFdCueCcKrqniYK9iAS+7E=
which is the hash for 'default'. When I roll back to 7.6.13 the hash does get matched for 'default' and I can log in, so I'm relatively certain it's the right hash for the password 'default'.
Did you find the solution?, I got same issue....
I wish I could say yes, but after too many hours of trying to solve this problem without any support from Umbraco my company decided to ditch Umbraco.
I did find that the root cause is that .Net Identity doesn't generate the same password hash after the upgrade to 7.7.0, regardless of whether useLegacyEncoding is "true" or "false". Umbraco provides a thin wrapper around .Net Identity to handle authentication. I suspect that when the default authentication mechanism was changed out in 7.7.0, a bug was introduced that borks the password hash generation.
There are many, many posts describing this problem on the Umbraco forum, StackOverflow, etc but it seems like most people have just moved past it because it relates to an older version. Good luck to you!
Something that worked for me a few times was disabling any trailing slash removal rewrites and making sure the trailing slash setting in umbracoSettings.config is the default value.
Going by your last post it seems it wasn't the case here though.
I totally feel your pain. I've had this issue crop up a bunch of times during upgrading and it almost seemed like different solutions worked different times, I almost went crazy and I dread any upgrade now, hoping I don't see the "Login failed for user" again. I've given up trying to understand how many instances of this problem there are.
Sorry it didn't work out - I hope you find what you're looking for on the other side.
is working on a reply...