@PoeticInjustice - haven't seen any reports of this being an issue in Firefox. Create a different thread here and post a link if you want someone to look at it. (Edit: I see that PI edited his comment to include a link)

@Bunni - I was able to reproduce the problem in Vista with IE8. The problem is that IE8 is saving two session cookies. When you first hit a page, you get a session cookie. When you log in, Elgg gives the browser another session cookie and the browser should delete the previous cookie. This is a security feature. IE8 was not deleting the previous cookie and when the browser requested the dashboard page, Elgg was getting two cookies. It used the session cookie that was for the non-logged in session and redirecting the user back to the front page.

Why is IE8 not deleting the session cookie? Because they are for two different domains. You are using both http://animalinterwebs.com and http://www.animalinterwebs.com

IE gets confused by that sort of thing. If you clear your browser cache, shutdown IE and restart IE and then go to http://www.animalinterwebs.com/ you will be able to log in. What you need to do is redirect people who hit the non-www address to the www one. There is information on this in the Elgg Administrators FAQ.

Sorry it took me so long to come back. I got sideswiped by life.  That took care of the problem. I'm not sure how I should redirect people from the nowww to the www page. My server (dreamhost) offers an option to redirect but when I used that it messed things up and gave me back the original problem.  I tried using the code in the FAQ (I don't know if it will print here) 

RewriteCond %{HTTP_HOST} .

RewriteCond %{HTTP_HOST} !^animalinterwebs\.com

RewriteRule (.*) http://animalinterwebs.com/$1 [R=301,L]

but I got an error message with that "form is missing _token or _ ts fields". 

I entered the code in the htacess file just before the </IfModule> because other code that looked similar was there.

I'm farther along than I was and I appreciate it a lot but I'm not quite there yet. 

@Bunni

I use this in my .htaccsess to set automaticly http://myELGG.com/ to http://www.myELGG.com/

RewriteEngine on
RewriteBase /
RewriteCond %{HTTP_HOST} ^myELGG\.com$
RewriteRule ^(.*)$ http://www.myELGG.com/$1 [L,R=301]

HTH

Tried the code shown above and here's what happens: If I go to nowww to log in I enter the username and pwd and click submit. When I click submit it redirects me to the www page where when I try to log in I get redirected to the www login page again. It is not redirecting me before the first login attempt and it seems that's why it's causing the original error over again. 

You have bevor edit the field in Site administration: The site URL, followed by a trailing slash ?

http://www.yourELGG.com/

The code in my last topic-post i past it complete on top in the .htaccess under the description...

Hi Bunni

I've had this problem since 1.5.  Changing my .htaccess didn't work.  But it's hard to investigate because it's so intermittent.  When it first happened I opened a ticket, sent in my error log.  They said my md5() wasn't functioning properly, but a test in my browser showed that it was working fine.  Wish I could help you.

@bunni,

If i browse, http://animalinterwebs.com it is not Redirecting to http://www.animalinterwebs.com, which it Should, to resolve Cookies problem.

So, try adding below two lines to .htaccess file,

RewriteCond %{http_host} ^animalinterwebs.com [nc]
RewriteRule ^(.*)$ http://www.animalinterwebs.com/$1 [r=301,nc]

@aj2479 - having a working md5() function has nothing to do with htaccess

@bunni - I agree with mahesh. It looks like you are forwarding to the wrong address if you are using the .htaccess lines that you posted above.

@Cash- yeah, I didn't think it made any sense, but I figured I knew much less than everyone else around here.