Correct.
I do have emails working elsewhere on my site with Universal Email. I think the issue may be what you describe in the second paragraph, so I'll try testing on a live server.
Before I do that, I have a question. You stated "After you updated the db for the password column did you clear those records and register new users for them? If you stored the information as only 20 characters it will not pass the comparison on the login. You must ensure that the full hash of the password is stored when the user registers, and that you are comparing the has of the entered password for that user.". Does this mean the new Security Assist pages won't work with my existing database? My original database was set up with only 20 characters for the password. I can easily change it as you describe, but clearing the records would be a problem. I don't want existing users not to be able to access my site.
Please let me know how to proceed.