I believe this to be related to my other question regarding USR02 and USRPWDHISTORY.
In older systems, <= 6.40, the encryption algorithim was MD5 and in systems newer than 6.40, the algorithim is SHA-1.
When a user with the newly encrypted password attempts to access an older system and the profile parameter login/password_downwards_compatibility is set to 1 or 2, the password would be invalid or incompatible. However if it is set to 3 or 4, the system converts the password to an "old-style" password and checks against the older system, it will allow it if it matches, even though technically it is not compatible.
So for example, if a user in the newer system has a password with lower case and/or longer than 8 characters, and that parameter is set to 3 or 4, the system would convert it to uppercase and truncate it to 8 characters, and this is where the alert comes from.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.