After the latest update on gamepedia.com, bots are no longer allowed to use the regular user login, but have to use a Bot Password
I did setup a new bot called Molldust@bot, did setup everything correctly and tried to use pwb:
python pwb.py login
Logging in to dota2:en as Molldust@bot
I tried to track down the issue in the code and landed at api.py:
login_request = self.site._request(use_get=False, parameters=dict(action='login',lgname=self.login_name,lgpassword=self.password))
This sets up the "deprecated" action=login request. Note that the MW keeps on supporting this login methods for bots until at least 1.29. GP currently supports it as well:
login_result = login_request.submit()
This line finally throws the actual warning when trying to login.
while True: [...] elif login_result['login']['result'] == "NeedToken": [...] continue
Afterwards the login result is parsed. It contains the "NeedToken" string, so the token is tried be received again with another request. Then the loop continues from the start.
Conclusion: There is no actual error, just an infinite warning. The login results shows "NeedToken" despite already containing a token. It keeps on looping and preventing a successful login.