We're currently sampling High Sierra 10.13.1 on a few machines in the office. One of the users is getting a strange issue after a password reset.
When she reboots she's prompted for a password as usual; using the new one doesn't work. Entering the old one we get the grey progress bar, and after a while a second login-screen appears, at which she then has to enter the new password. How do we fix this? This kind of 2FA is quite undesirable.
Cheers,
Tink
Best Answer
It sounds like the FileVault encrypted drive is allowing the old password (first login) to unlock the drive. But, instead of automatically logging in as the same user, the password reset is causing the second login.
You will need to login to an local admin user and remove the user's ability to decrypt the drive on the command line...
Then add the user back in using...
Or, with macOS High Sierra, you can use the "Enable Users" button located in System Preferences -> Security -> FileVault.
I do not know if this is normal after a password reset, but you may want to confirm that your password reset procedure is correct.