I don't see anything that sounds wrong about how you're doing this.
However, a common error is having a DB_PREFIX setting on the live site that's different from the DB_PREFIX setting on the local site. Thus, when attempting to logins, it's pulling info from the wrong set of tables and thus can't do a security match.



