Recently i realized that i have something strange with how ISPConfig handle passwords.
In my configuration i;'ve changed default setup to use md5 - longer passwords:
$go_info["server"]["password_hash"] = 'md5'; // 'crypt' = crypt; 'md5' = crypt-md5
Unfortunately sometimes it produce incorrect hashes - user can not login. Re-entering same password in ispconfig interface gives ma different hash. Sometime i have to reenter it two or three times to login (different hash value every time - i've double checked this).
This seems not to happen if i setup user accounts from ispconfig admin account (ispconfig clients logins gives me this behaviour) - but i do not work like this on a daily basis.
P.S. I use also user@domain mod but hashes in userdb file are always same as in /etc/shadow - so synchronized correctly.
EDIT: it happens despite user i choose (admin or not). I' ve always to check if password is ok - with mailuser or webmail login to be sure. This bug stopps me from giving their own admin panel for my users