Make WordPress Core

Opened 8 years ago

Closed 8 years ago

Last modified 8 years ago

#6426 closed defect (bug) (invalid)

wp 2.5.rc1 causes passwords to break on pre 2.5 releases using shared user table

Reported by: jsherk Owned by:
Milestone: Priority: normal
Severity: major Version: 2.5
Component: General Keywords:
Focuses: Cc:


I have 5 production installs of WP 2.3.3 on my host, and have installed v2.5.RC1 in my sandbox on the same host. They all share a common user table for the user names and passwords.

I can no longer log into my 2.3.3 blogs using any user that has logged into 2.5.rc1... it gives a password incorrect error.

I have to physically go into the database and change the md5 password to something else in order to able to log back into the 2.3.3 blogs. It will then work fine again, until I use that username to login to the 2.5.rc1 blog, and then it no longer works again on the 2.3.3 blogs.

I noticed that the problem occurs because when I log into 2.5.rc1 it actually CHANGES the password in the database!!!

It may not be an issue if all your blogs that share the user table are all updated at the same time, but I'm not sure.

I posted this problem here:

Change History (2)

comment:1 @westi8 years ago

  • Milestone 2.5 deleted
  • Resolution set to invalid
  • Status changed from new to closed

Not a bug.

WordPress 2.5 has much improved cookies and password hashing.

See #5367.

Note: See TracTickets for help on using tickets.