Based on <a href="http://www.gigascale.org/infrax/faq/183.html">Users are having problems changing passwords</a>

<p>If users are having problems changing passwords, one
thing to check is that the PhP crypt() function
is using DES and not MD5.


<p>It turns out that if MD5 is available while PhP
is being installed, then crypt() will use MD5.  This will
cause problems because in the user db, the profiles
table has a cryptpassword field that was generating
using DES.  Thus, if PhP is upgraded and starts returning
MD5, then users will not be able to log in.

</p><p>The way to check this is to use 
<a href="http://www.gigascale.org/mysql">phpMyAdmin</a> and look in the user
db at the profile table.  The cryptpassword fields should
look like
</p><pre>FWKB/tafHGgPc
</pre>
If they have a lead $1
<pre>$1$$2eO1/WkTvNyuDcyh 
</pre>
then the crypt() method is using MD5.
<p>It turns out that this is a problem because the
cryptpassword field is limited to 20 chars but
the MD5 version returns more than 20 chars

</p><p>The fix is to reinstall PhP by running configure,
then editing <code>main/php_config.h</code>
and changing
</p><pre>#define PHP_MD5_CRYPT 1

</pre>
to
<pre>#define PHP_MD5_CRYPT 0
</pre>
and then reinstalling.

<p>Note that users with MD5 style cryptpassword entries
will need to get new passwords.

</p><p>See also
<a href="http://embedded.eecs.berkeley.edu/dopsysadmin/faq/68.html">Password Problem with Java Pages</a>.
</p></dd>