Password Incorrect on forum admin after changing membergroup

Started by Tripredacus, February 13, 2020, 10:23:31 AM

Tripredacus

Using SMF 2.0.5

Problem: User, in membergroup that has forum admin permissions, can log into forum, but gets password incorrect when logging into forum admin.

Background: We created a membergroup (for this example, Admin2) that has all forum permissions, but has a different group title and image. Users of this type have different responsibilities and capabilities than regular Admins (outside of the forum) and while it is not actually required that users in this group have forum admin access, it was in the design (ie: if this has no actual resolution, I can remove the forum admin permissions from the group). NOTE: this is not a post regarding being locked out of forum admin in general.

Here is the workflow (using different browsers to have simultaneous access to admin and test account):
- Using admin account, test account (which was in post-based/non-group) set primary membergroup to 'admin2'
- Log into forum with test account, verify admin option appears on top menu.
- Click on admin, put password into field. ERROR: Password incorrect
- As test user, attempt to change password via profile (for non-admin admins, there is a password confirmation and) ERROR: password incorrect. (Cannot use change password by email due to not having access to the email account)
- As admin, change the password of the test user on the user profile to the same password it was already
- As test user, log out of forum. Log back into forum. Click admin, type in password, then can see forum admin cp.

So in this situation, the test user, despite having access to forum admin, could not change its own password and had to be done using an actual admin account. After this was done, the test user could log into the forum admin.

Now the task is to do this with an actual user, this user had current membergroup set to Administrators. Here is the workflow:
- Change user to primary group 'Admin2' and secondary to Administrators.
- User can see the Admin option in the menu, but gets password incorrect when they put in their password.
- Had user do password change, but with new password still cannot log into forum admin.
- Had user log out of the forum, go to another site, delete the site cookies, close/re-open browser, then log into forum. Still says password incorrect when at the admin prompt.

I wanted to see if there was a way to resolve this without manually changing the user's password (and then having them manually change it themselves afterward)... if this is caused by some error in the forum, or something in the db (such as the salt) gets changed or was supposed to change and didn't, after changing the primary membergroup.

Illori

You should upgrade to SMF 2.0.17 and try this again. You are very behind on security patches and a few bug fixes.
