I last successfully logged in to https://bugzilla.opensuse.org/ on 2021-03-16. Today 04-20, I could not authenticate. It looks like there is a new authentication infrastructure (whose name I didn't copy down). I went through the "reset password" procedure twice, and finally got on once, but once again I'm unable to get on. The login page shows an error message, "Bugzilla requires a valid user name and password". This month I've installed a password manager, Bitwarden. When appropriately clicked on, it will insert the user ID and password in the login form, which it "successfully" did with all three passwords (original and two new ones). But whatever it inserted, was not acceptable to the auth system. For the new passwords I generated new 16 byte random ones, and saved them in a file, and pasted them onto the password change form, and then the Bugzilla login form (after Bitwarden's rendition was rejected). These also were rejected. The one time I got on, I was very low tech: I typed everything letter by letter. But 3 hours later I could not repeat that performance (with the same password, the second new one). (I tried several times.) So I signed up with the mailing list system, which uses a different infrastructure including a choice of Identity Providers; I used the OpenSuSE one. Actually I gave it my latest Bugzilla credentials, but it wanted to sign me up with a new identity. Apparently the Bugzilla provider shares identity info with it; it knew my e-mail address without being told, but it did not re-use my user ID, which combines my normal loginID and my work site name, so is very likely to be unique. Does anyone have any idea what's going on, and how I can authenticate to Bugzilla? I'm thinking that the login form has been updated with Javascript provided by the new outsourced Identity Provider, that can distinguish keystroke input from program-generated text and which rejects the latter as a defense against bots. While bot defense is not bad, you get a whole lot better defense if you encourage the users to use a password manager with long random passwords. -- James F. Carter Email: jimc@jfcarter.net Web: http://www.math.ucla.edu/~jimc (q.v. for PGP key)