Roots Discourse

Salts in staging vs production and user log in troubles


#1

I have different salts in Trellis for staging and production, and when I push the DB from production to staging (using WP Migrate DB) I can no longer log in with my wp username and password from production. I know I can reset the password or login with wp-cli-login.

If I made the salts in example.com/trellis/group_vars/staging/vault.yml identical to example.com/trellis/group_vars/production/vault.yml would that make any difference. Also does this have a significant security implication?


#2

When a user account is created, the salt specified at the time will be used to create it. If the salt is then changed later, the login will fail as it can’t check the credentials using the old (non existing salt).

This intended behaviour and is recommended to have different salts between environments.


#3

ok, thanks. We’ll just use the wp-cli-login command instead of wp-login.php