After a test on a local server which worked as expected, the public website has only recorded the maintenance account password. Lots of users have logged in and out since AES activation but the 'aes_passwords' table still has only one record.
Mcrypt is OK and the checkbox to record users password is checked. The key is stored in a file which was automatically created after saving the path in the settings page.
But if maintenance account password has been recorded, why not others?
Should the 'View passwords' permission be granted to roles I want the users' password to be recorded?
Any advice?



bobbyaldol’s picture

No the view passwords role should only be given to the user who should view the passwords. But I still dont have enough information to go on. Maybe try with the phpseclib , if the problem persists then theres a problem with the module, otherwise it might have something to do with Mcrypt. I am guessing.

PhilY’s picture

Status: Active » Closed (works as designed)

A bit strange but it seems to be working now.
Maybe a cache issue on user side.

Anyway, many thanks for taking time to answer me.