I just upgrade from Magento 1.9.3.3 (form key disabled) to 1.9.3.7. Now I cannot login to the backend. The error message is 'You did not sign in correctly or your account is temporarily disabled.'
I tried to reset the cookie domain, clear the cache and session from both server and browser and still no luck.
There are many posts concerning magento 2, but far less talking about magento 1. Does someone with magento 1 had and solved this issue? Thanks for your help in advance!
After a bit of googling around I found there are many people having various versions of issues which all have the common root to 'session keys'.
Solution: go to 'System->configuration', in section (left menu) choose 'General->Web'. On the main content, go to 'Session cookie management'. All these parameters can be tweaked according to your needs. However, to solve the login problem, just change the cookie domain to '.example.com', replace the example with your domain name and the dot in the front of the string is important.
Explanation: During login, magento will lay 2 cookies (among other sessions). one is 'domain.com'=>value1, the other one is '.domain.com'=>value2.
The value1 should equal to value2. If they don't, the cannot login will happen. By setting the '.example.com' as the domain instead of 'example.com', Magento will somehow force set these 2 values equally.
I have problem with only Chrome, all the other browsers will give equal answer to the values. Could this be a Chrome thing?