Hello,
Sorry for the delay in answering.
No upgrade, no change in configuration lately.
The issue is observed only for accounts which in the past had the password hashed with fasthash, i.e. only 04 iterations and the system did not upgrade as it should do by default to 10 iterations when the user changes the password.
The users which force-change the password these days have the hash correctly upgraded to 10. Why in the past this did not happen and they still have 04 after password change? Why now the system doesn't know to check the password hashed with 04 as it is correctly in the database, for the users which had change their password in time? It does only for new users, since end of March 2022, who have force-password-change flag and the new hash is done in background without any impact to the user experience.
So for us the only solution is to ask the users to do Forgot password.
Thank you
Sorry for the delay in answering.
No upgrade, no change in configuration lately.
The issue is observed only for accounts which in the past had the password hashed with fasthash, i.e. only 04 iterations and the system did not upgrade as it should do by default to 10 iterations when the user changes the password.
The users which force-change the password these days have the hash correctly upgraded to 10. Why in the past this did not happen and they still have 04 after password change? Why now the system doesn't know to check the password hashed with 04 as it is correctly in the database, for the users which had change their password in time? It does only for new users, since end of March 2022, who have force-password-change flag and the new hash is done in background without any impact to the user experience.
So for us the only solution is to ask the users to do Forgot password.
Thank you