Username and password do not match on login

Description

Environment
Adobe Experience Manager 6.x

Issue/Symptoms
When trying to log in to AEM, the error Username and password do not match is returned in a red box on the login screen.

When inspecting the network traffic via a browser debugger, a 403 errorresponse is returned from an Ajax HTTP POST request to this URL:
/libs/granite/core/content/login.html/j_security_check.

Resolution

To debug and fix this issue, follow the guide below:

Analysis

Step 1: Validate the username, password, and that the user exists:

If the issue only happens with one or a few users, then it could be that the wrong usernames or passwords are being used or the users don’t exist in AEM.

Check the password:

  1. Use Chrome browser and open the Developer Tools and select the Network tab in the browser. Then, attempt to log in again.
  2. Select the POST request ending with j_security_check in the URL.
  3. In the lower-right panel of the Headers tab, scroll to the bottom.
  4. Validate that under Form Data, the password being sent in the j_password parameter is correct.

Validate that the user exists and reset the password:

  1. Log in as the admin user.
  2. Go to the user administration screen.
  3. Verify that the users exist.
  4. Create the user if it doesn’t exist or reset the password if it does.

Step 2: Analyze broken authentication handling

If none of the above solves the problem, then:

  1. Log in to the AEM server’s OS.

  2. Tail or view the error.log file.

  3. View the updates to the log while attempting to log in to AEM.

  4. If any errors or warnings are logged, then analyze those warnings.  If nothing is logged, then enable a debug log with these settings:

    Log Level: Debug
    Log File: auth-debug.log
    Loggers:
    org.apache.sling.auth
    

    com.adobe.granite.auth
    com.day.crx.security.token

  5. At this point, if you are unable to analyze the log messages, and find the root cause, then contact AEM Customer Support.

Cause
The username or password could be incorrect, or there could be an error from the authentication handler during login.

On this page