I installed WP MU on my Godaddy domain site in the UTC-5 time zone. I created a user with administrator privileges who lives in the CET time zone.
The new user account works in my UTC-5 zone. The CET user can log in with user name and password but can not see the dashboard.
The weak password is allowed.
I am wondering if this is a security issues. Any advice is much appreciated.
How is the user logging into the account? It's possible the user is logging in using the login link on the site and not using the admin link. http://mywpdomain.com/wp-admin link. User may have a plugin/Addon that is blocking or affecting the admin page. Script blockers, Add blockers, Firewall or Browser can also affect the admin page.
See if the user can login using a different browser or try Incognito/Private mode in the browser. In Chrome Incognito disables all plugins/add-ons and can help rule out any plugins that may be affecting the admin page.
I would also not recommend the use of a weak password. There are bots that will scan for a wordpress site and for user names and then will try and login using Brute force. If a hacker gets access to your site he may use your site to spread malware or add pages only visible to Search Engines for the sole purpose of promoting their site or some other site.
Never allow weak passwords unless it's absolutely necessary and you have other protections in place like blocking access to the admin site for all IP's except certain IP's
Thank you for this input.
I had them try my login ID and password. They were able to access. Just not with the new user I created.
I will continue to investigate. I also will use strong passwords.