Bcrypt compare returns false randomly for correct passwords
your pre('save')
middleware is updating password every time you save object.To stop this use isModified
function of mongoose like below:
SellerSchema.pre('save', function(next) { if (this.isModified('password')) { // check if password is modified then has it var user = this; bcrypt.hash(user.password, 10, function(err, hash) { if (err) { return next(err); } user.password = hash; next(); }); } else { next(); }});