Hello,
I've got a test setup for which I've lost the admin password. I have access to the database and I can see the password hash. Since this is on a local setup the email based password recovery isn't working either. How can I reset the admin password? Can I generate a new SHA1 hash of a password and replace the password hash in the DB with it? What routine is used to generate he password hash?
Thanks,
Sourjya
Resetting admin password without email?
Moderators: jmacgreg, michael, jheckman, barbarah, btbell, bdgregg, asmecher
Forum rules
What to do if you have a technical problem with OJS:
1. Search the forum. You can do this from the Advanced Search Page or from our Google Custom Search, which will search the entire PKP site. If you are encountering an error, we especially recommend searching the forum for said error.
2. Check the FAQ to see if your question or error has already been resolved.
3. Post a question, but please, only after trying the above two solutions. If it's a workflow or usability question you should probably post to the OJS Editorial Support and Discussion subforum; if you have a development question, try the OJS Development subforum.
What to do if you have a technical problem with OJS:
1. Search the forum. You can do this from the Advanced Search Page or from our Google Custom Search, which will search the entire PKP site. If you are encountering an error, we especially recommend searching the forum for said error.
2. Check the FAQ to see if your question or error has already been resolved.
3. Post a question, but please, only after trying the above two solutions. If it's a workflow or usability question you should probably post to the OJS Editorial Support and Discussion subforum; if you have a development question, try the OJS Development subforum.
3 posts
• Page 1 of 1
Resetting admin password without email?
by sourjya » Thu Jan 10, 2013 2:30 am
- sourjya
- Posts: 2
- Joined: Thu Jan 10, 2013 2:26 am
Re: Resetting admin password without email?
by bdgregg » Thu Jan 10, 2013 7:50 am
Sourjya,
I've found a slightly older document here http://pkp.sfu.ca/files/docs/quickreference/quickreference.pdf that may be of some assistance. Please look at page 38 of the PDF where it talks about how to reset passwords directly with the database. The following steps will require you to have direct access to the database.
I will recap what it says here as well for those that have lost/forgotten the admin password. There is also another thread that discusses this found here that is similar but is not so straight forward: http://pkp.sfu.ca/support/forum/viewtopic.php?f=8&t=6582&start=0
Common Database Tasks
It is possible to perform most tasks that will be needed for a successful conference or journal without
needing to access the database directly. However, it may occasionally be necessary to fetch information
from the database. See the “Database Access” section above for information on executing SQL
statements; alternately, use a graphical interface such as PhpMyAdmin. (SQL statements can be
executed in PhpMyAdmin by clicking the “SQL” icon.)
Determining a User ID
A user ID can be fetched from the database using one of the following SQL statements:
If you have an email address for the user (e.g. pkpsupport@sfu.ca):
If you have a username (e.g. admin):
Note that normally the admin user has a user_id of '1'.
Password Reset
To reset as user's password, follow these steps:
1. Determine the user ID (see above).
2. Determine the password encryption method. See the encryption setting in the [security]
section of the config.inc.php configuration file. This will be sha1 or md5.
3. Execute the following SQL to reset the password. For example, for user ID 15 with
md5 encryption, to reset the password to “newPasswordHere”:
If your configuration indicated sha1 then to reset the password to "newPasswordHere":
To reset the admin password where the user_id for the admin account is '1' and the encryption is SHA1:
I hope this helps.
I've found a slightly older document here http://pkp.sfu.ca/files/docs/quickreference/quickreference.pdf that may be of some assistance. Please look at page 38 of the PDF where it talks about how to reset passwords directly with the database. The following steps will require you to have direct access to the database.
I will recap what it says here as well for those that have lost/forgotten the admin password. There is also another thread that discusses this found here that is similar but is not so straight forward: http://pkp.sfu.ca/support/forum/viewtopic.php?f=8&t=6582&start=0
Common Database Tasks
It is possible to perform most tasks that will be needed for a successful conference or journal without
needing to access the database directly. However, it may occasionally be necessary to fetch information
from the database. See the “Database Access” section above for information on executing SQL
statements; alternately, use a graphical interface such as PhpMyAdmin. (SQL statements can be
executed in PhpMyAdmin by clicking the “SQL” icon.)
Determining a User ID
A user ID can be fetched from the database using one of the following SQL statements:
If you have an email address for the user (e.g. pkpsupport@sfu.ca):
- Code: Select all
SELECT user_id FROM users WHERE email = 'pkp-support@sfu.ca';
If you have a username (e.g. admin):
- Code: Select all
SELECT user_id FROM users WHERE username = 'admin';
Note that normally the admin user has a user_id of '1'.
Password Reset
To reset as user's password, follow these steps:
1. Determine the user ID (see above).
2. Determine the password encryption method. See the encryption setting in the [security]
section of the config.inc.php configuration file. This will be sha1 or md5.
3. Execute the following SQL to reset the password. For example, for user ID 15 with
md5 encryption, to reset the password to “newPasswordHere”:
- Code: Select all
UPDATE users SET password=MD5(CONCAT(username, 'newPasswordHere'))
WHERE user_id = 15;
If your configuration indicated sha1 then to reset the password to "newPasswordHere":
- Code: Select all
UPDATE users SET password=SHA1(CONCAT(username, 'newPasswordHere'))
WHERE user_id = 15;
To reset the admin password where the user_id for the admin account is '1' and the encryption is SHA1:
- Code: Select all
UPDATE users SET password=SHA1(CONCAT(username, 'newPasswordHere')) WHERE user_id = 1;
I hope this helps.
Brian Gregg
Solutions Architect
University of Pittsburgh
University Library System
Solutions Architect
University of Pittsburgh
University Library System
- bdgregg
- Posts: 107
- Joined: Wed Sep 15, 2004 8:21 am
- Location: University of Pittsburgh
Re: Resetting admin password without email?
by sourjya » Thu Jan 10, 2013 6:32 pm
Brian - THANK YOU VERY MUCH! That worked perfectly. My hash was set to SHA1 and earlier I had tried to set the value in the DB as SHA1('password'). It's the CONCAT part with the username that I missed out on.
Sincere Thanks for such an all-comprehensive reply.
Regards,
Sourjya
Sincere Thanks for such an all-comprehensive reply.
Regards,
Sourjya
- sourjya
- Posts: 2
- Joined: Thu Jan 10, 2013 2:26 am
3 posts
• Page 1 of 1
Return to OJS Technical Support
Who is online
Users browsing this forum: Bing [Bot] and 0 guests