Title: error password
Last modified: January 9, 2023
---
# error password
* Resolved [mand01](https://wordpress.org/support/users/mand01/)
* (@mand01)
* [3 years, 5 months ago](https://wordpress.org/support/topic/error-password-3/)
* Hello everyone,
I have a connection problem with the password which is systematically
qualified as an error when I connect with a new user test account (I connect
without problem on my admin account (I have 2FA).
* Indeed, when I create test accounts, I cannot access the site. To access, it
is necessary to request the regeneration of a new password via email and there,
after having changed it, I could finally connect, it will be accepted.
* I believe the problem came with the installation of ithemes security. However,
I disabled the plugin but the problem remains.
* Is there a connection file corruption?
Thank you
- This topic was modified 3 years, 5 months ago by [mand01](https://wordpress.org/support/users/mand01/).
* The page I need help with: _[[log in](https://login.wordpress.org/?redirect_to=https%3A%2F%2Fwordpress.org%2Fsupport%2Ftopic%2Ferror-password-3%2F%3Foutput_format%3Dmd&locale=en_US)
to see the link]_
Viewing 15 replies - 1 through 15 (of 22 total)
1 [2](https://wordpress.org/support/topic/error-password-3/page/2/?output_format=md)
[→](https://wordpress.org/support/topic/error-password-3/page/2/?output_format=md)
* Moderator [bcworkz](https://wordpress.org/support/users/bcworkz/)
* (@bcworkz)
* [3 years, 4 months ago](https://wordpress.org/support/topic/error-password-3/#post-16360383)
* So the initial password you set as a new user does not work, but when you reset
it, the new password does work? That’s strange because new and reset passwords
utilize the exact same process.
* It’s possible for security plugins to alter other files where the changes persist
after the plugin is deactivated. You may need to refresh all the core files.
Before doing that, let’s be sure there’s not something else at play. Deactivate
all plugins and switch to a default twenty* theme. Test a new user now. If it
still fails to work, try the Re-install version x.x.x button for core WP on the
updates admin screen. Or update if that’s appropriate.
* That button doesn’t always work reliably in refreshing files, but it’s much easier
to use than manually refreshing files. If the re-install/update button resolves
the problem, then great, otherwise proceed with the manual method.
* Obtain a fresh WP download of whichever version you use. Then follow the [manual “update” instructions](https://wordpress.org/support/article/updating-wordpress/#manual-update),
even though in using the same version you aren’t really updating.
* Thread Starter [mand01](https://wordpress.org/support/users/mand01/)
* (@mand01)
* [3 years, 4 months ago](https://wordpress.org/support/topic/error-password-3/#post-16360766)
* Hello Bcworkz, thanks for your intervention again.
* To be sure that the translation of my words is what I say, here is again the
description of the problem encountered:
I create a new user. I click on the
link in the activation email received, and I immediately enter the site where
I can navigate perfectly. I disconnect, I enter my identifiers and there… “ERROR:
The username or password you entered is incorrect”.
* I deactivated all my plugins -one by one- I deleted my “ithemes security” plugin
which offered 2FA and the problem disappeared. I put back a single plugin and
there the anomaly started again.
* So I contacted plugin support and explained the situation. So far no response.
* With a different theme, the problem persists.
But I will still apply the solution
you suggest and reinstall the WP core
- This reply was modified 3 years, 4 months ago by [mand01](https://wordpress.org/support/users/mand01/).
- This reply was modified 3 years, 4 months ago by [mand01](https://wordpress.org/support/users/mand01/).
* Thread Starter [mand01](https://wordpress.org/support/users/mand01/)
* (@mand01)
* [3 years, 4 months ago](https://wordpress.org/support/topic/error-password-3/#post-16360856)
* I just did a manual WP update and the problem is still there.
* Moderator [bcworkz](https://wordpress.org/support/users/bcworkz/)
* (@bcworkz)
* [3 years, 4 months ago](https://wordpress.org/support/topic/error-password-3/#post-16363726)
* How did you create the new user? Using the user registration form, or from the
backend as admin? Either way, the new user wouldn’t normally be taken directly
to the site from the email link. The email link should take them to a password
reset form. If you set a password for the user as admin, it should work to login,
but it is not disclosed to the user in the email, so they’d need to reset it
in order for them to know their own password.
* Thanks for trying the manual update method. Something is active that’s altering
normal behavior. Have you tested this with no plugins active and using a default
twenty* theme? Also check if there is a /wp-content/mu-plugins/ folder. If there
is and it contains any files, they are active must-use plugins. Rename the folder
to disable them.
* Thread Starter [mand01](https://wordpress.org/support/users/mand01/)
* (@mand01)
* [3 years, 4 months ago](https://wordpress.org/support/topic/error-password-3/#post-16363862)
* I created the new user outside of the WP admin, using the user login form.
* Yes, I deactivated all plugins, I activated a theme twenty.
There is no Mu folder
* Moderator [bcworkz](https://wordpress.org/support/users/bcworkz/)
* (@bcworkz)
* [3 years, 4 months ago](https://wordpress.org/support/topic/error-password-3/#post-16367138)
* What is the email link for the new user? It’s supposed to be something like
`
https://example.com/wp-login.php?action=rp&key=2W3HakMa5akFCOfDgKFK&login=newusername`
* The wp-login.php?action=rp part should take them to the password reset form where
they’d set their desired password. They shouldn’t be automatically logged in
like you’ve described.
* Thread Starter [mand01](https://wordpress.org/support/users/mand01/)
* (@mand01)
* [3 years, 4 months ago](https://wordpress.org/support/topic/error-password-3/#post-16367613)
* Yes ,it’s a same link.
* Moderator [bcworkz](https://wordpress.org/support/users/bcworkz/)
* (@bcworkz)
* [3 years, 4 months ago](https://wordpress.org/support/topic/error-password-3/#post-16371052)
* I wonder if you have some stale cookies in your browser that’s confusing your
testing efforts. If you are using a unique, never used before username as a test,
then cookies wouldn’t be a factor. If you’ve reused a test name, they might be
a factor.
* That shouldn’t affect a wp-login.php?action=rp link in any case. Somehow in your
case this link is being redirected. If you’ve refreshed all the core files and
are testing in a default state, any redirect would have to be external to WP,
such as a .htaccess rule. Is there anything in .htaccess related to redirecting
or rewriting wp-login.php requests?
* Thread Starter [mand01](https://wordpress.org/support/users/mand01/)
* (@mand01)
* [3 years, 4 months ago](https://wordpress.org/support/topic/error-password-3/#post-16372354)
* Salut bcworkz,
I regularly clear my browser cache, I used a new user test each
time. I specify that I never had problem of connection myself as admin. As for
the htaccess file, it is almost empty:
* > `# BEGIN WordPress
> # Les directives (lignes) entre « BEGIN WordPress » et «
> END WordPress » sont générées # dynamiquement, et doivent être modifiées uniquement
> via les filtres WordPress. # Toute modification des directives situées entre
> ces marqueurs sera surchargée. RewriteEngine On RewriteRule.*–[
> E=HTTP_AUTHORIZATION:%{HTTP:Authorization}] RewriteBase / RewriteRule ^index\.
> php$ – [L] RewriteCond %{REQUEST_FILENAME} !-f RewriteCond %{REQUEST_FILENAME}!-
> d RewriteRule . /index.php [L]
> # END WordPress
> # Wordfence WAF
> Require all
> denied Order deny,allow Deny from
> all
> # END Wordfence WAF`
* I have a feeling that the problem is in the wp-login.php file.
* Moderator [bcworkz](https://wordpress.org/support/users/bcworkz/)
* (@bcworkz)
* [3 years, 4 months ago](https://wordpress.org/support/topic/error-password-3/#post-16373190)
* We presumably have the exact same wp-login.php, yet I cannot replicate the behavior
that you’re experiencing. If you have a recent manual update, use no plugins
and a default theme, you have the same installation that I’m testing with. Any
aberrant behavior would thus have to external to WP, or there is some old code
somewhere that didn’t get deleted or replaced during manual update.
* Thread Starter [mand01](https://wordpress.org/support/users/mand01/)
* (@mand01)
* [3 years, 4 months ago](https://wordpress.org/support/topic/error-password-3/#post-16373448)
* It is likely that we have the same file.
I deleted the old wp-login.php to replace
it with a new one directly from a complete wordpress file. Result: still the
same problem. So it’s not from the file in question.
* Moderator [bcworkz](https://wordpress.org/support/users/bcworkz/)
* (@bcworkz)
* [3 years, 4 months ago](https://wordpress.org/support/topic/error-password-3/#post-16374857)
* Maybe try creating a new installation in a sub-folder? If the same behavior is
observed, there’s something odd about your server configuration. If proper behavior
is observed, there’s something odd about this specific installation. While it
doesn’t directly resolve the problem, it narrows down where to look for it.
* I know you properly manage your browser’s cookies and cache, but all the same
maybe it’d be worth testing with a browser you don’t normally use, or even a
computer you don’t normally use, if you have access to one. Or at least use incognito
or safe mode. Just to eliminate possible client side causes, no matter how unlikely
it is they’d be the culprit.
* Thread Starter [mand01](https://wordpress.org/support/users/mand01/)
* (@mand01)
* [3 years, 4 months ago](https://wordpress.org/support/topic/error-password-3/#post-16375034)
* It’s an idea indeed, to create a WP subfolder.
I will see that.
* Thread Starter [mand01](https://wordpress.org/support/users/mand01/)
* (@mand01)
* [3 years, 4 months ago](https://wordpress.org/support/topic/error-password-3/#post-16375134)
* I just did the recommended manipulation: I installed a WP in a subdomain and
I find myself with the same connection anomaly.
* I don’t understand.
* Moderator [bcworkz](https://wordpress.org/support/users/bcworkz/)
* (@bcworkz)
* [3 years, 4 months ago](https://wordpress.org/support/topic/error-password-3/#post-16378274)
* You’re not the only one. Did you obtain a fresh download .zip from wordpress.
org for the installation? We don’t want to replicate any strangeness related
to your initial installation.
* This is indicating something odd about the server configuration. But admin user
being OK, the problem being with new users with lesser roles contraindicates
a server issue. What if you created a new admin user? The initial admin user
created during installation never does the email/set password process, it’s established
through a different mechanism.
* If you get aberrant behavior with a new admin user, then I lean strongly towards
server configuration, though I cannot imagine how that could be. There’s nothing
odd about your .htaccess. All the same, maybe try removing the WordFence portion.
It’s the only thing non-standard that’s left and even though it’s in public root,
it can influence sub-folders.
Viewing 15 replies - 1 through 15 (of 22 total)
1 [2](https://wordpress.org/support/topic/error-password-3/page/2/?output_format=md)
[→](https://wordpress.org/support/topic/error-password-3/page/2/?output_format=md)
The topic ‘error password’ is closed to new replies.
* In: [Fixing WordPress](https://wordpress.org/support/forum/how-to-and-troubleshooting/)
* 22 replies
* 2 participants
* Last reply from: [mand01](https://wordpress.org/support/users/mand01/)
* Last activity: [3 years, 4 months ago](https://wordpress.org/support/topic/error-password-3/page/2/#post-16396269)
* Status: resolved
## Topics
### Topics with no replies
### Non-support topics
### Resolved topics
### Unresolved topics
### All topics