There are two major problems with the bento theme login which will need to be fixed. Until they are, I am recommending that everyone avoid using the javascript login form and instead use the standard login page that is used by the legacy wiki.

Issue 1: The login form sends information in plain text over plain HTTP. I have actually fixed this on stage, but perhaps others would like to review it to make sure that passwords aren't being sent in clear text anymore. Assuming that is the case, it can go live when I run the next update. So please try this out in stage (if you are able) and get back to me. If one of you have WireShark installed, that would be perfect.

Issue 2: As far as I can tell, this login form is the reason behind Bug 619735. After a lot of testing and troubleshooting in stage, this is the most likely culprit so far. Basically, I can duplicate the problem easily when using the bento login form, but I cannot duplicate at all using the standard login page. It looks like the cookie is not set properly when using this login, although I can't see any apparent reason why that is. Strangely enough, submitting an edit does set the cookie, which is why only the first edit fails.

Please test out the fix for the first issue, and see what might be causing the second. Until then, the best workaround is to use the standard login form.