Comment 3 for bug 890929

I think this code is wrong in auth/lib.php:login_submit():

    // Check if the user's account has become inactive
    $inactivetime = get_config('defaultaccountinactiveexpire');
    if ($inactivetime && $oldlastlogin > 0
        && $oldlastlogin + $inactivetime < time()) {
        $USER->logout();
        die_info(get_string('accountinactive'));
    }

Because $oldlastlogin is set to 0 at the top of the function and never changed. So the code within the "if" statement will never execute.