Sep 01 2012
Last update:

How to Reset Drupal Admin Password

Filed under: Content Management Systems » Drupal,
 

Loose your Drupal admin password?

There's nothing more frustrating than updating your Drupal site only to be unable to login, and not having your admin password, therefore effectively locking you out of your site entirely. The first thing to try is to click on the lost password link, and have the password emailed to you. There is, however, a couple scenarios where this will fail to work:

  • This won't work if you're unable to access the retrieve password page.
  • This won't work if you've stored an old, no longer in use email address for the admin user (user 1).

In these cases, there are other ways to regain access to your Drupal site. The best method depends on your Drupal version.

 

Drupal 7

In the next couple steps, we will show you how to generate a hash to enter into your database to reset the password for user 1 (the admin user). 

Generating a Password Hash

Because Drupal 7 stores your password in a one-way hash in your database, you can't reverse the hash to find your password. But you can use Drupal's built-in password function to reset it by uploading a file with the corresponding php code:

<?php
define('DRUPAL_ROOT', getcwd());
require_once DRUPAL_ROOT . '/includes/bootstrap.inc';
drupal_bootstrap(DRUPAL_BOOTSTRAP_FULL);

require_once 'includes/password.inc';
echo user_hash_password('TemporaryPassword');

die();
menu_execute_active_handler();
?>

Save this code in a file named pw-reset.php (or something similar), and upload it to your public_html folder on your Drupal site. Make sure you substitute TemporaryPassword with a password you'd like to use to regain access to your admin account. Once you've uploaded the file, open a browser tab and launch the code by visiting this page in your browser address bar. In this example, you would browse to example.com/pw-reset.php. This will generate a long password hash for you to enter into your Drupal database. Make note (copy) this password for the next step.

Need to Organize? Visit Shoeboxed.com (Affiliate)

 

Resetting Your Admin Password Using the Hash

You'll want to access your Drupal database for this step (typically via phpMyAdmin in cPanel for Apache/mySQL installations). Click on the users table, and under the uid column, locate the value (corresponds to user 1). Do an inline edit and copy your generated hash into the corresponding pass field. Once you hit save you should be able to log into your Drupal website with the admin user (user 1) using the TemporaryPassword you specified above.

Once logged in, make sure you change your password again.

Drupal 6

For Drupal 6, there's a couple alternative methods to resetting your password. The first resets your Drupal admin password (the password used by user 1), the second retrieves it. You'll need access to your mysql database (via phpMyAdmin, for example) for both methods, but only the first one involves executing a mySQL function.

Resetting your Drupal admin password

To directly reset your password, log into phpMyAdmin and execute the following mySQL statement:

UPDATE users SET pass = md5('newpassword') WHERE uid = 1;

Enter your new password in the md5 function - it will automatically be converted via a one-way hash (this is why we can't retrieve your old password - the decryption is a one-way process). Note that for earlier versions of Drupal you may need to use SET password, instead of SET pass.

This will effectively reset the Drupal admin password for user 1. Note that you can use this to reset the password of any user, although this is typically unnecessary as you should be able to simply log in as admin user (user 1), under which you have the ability to reset any user's password.

Retrieving your lost Drupal admin password

An alternative to resetting the password is to retrieve it. This method only applies to the second problem above, that is, you are able to access the retrieve password page, but you're email address is outdated. To do this, simply update the email field for the admin user (user 1) in the "users" table. Unlike the password field, you can directly edit the email field without consequence. Once you've updated your email address for the admin user, simply go to the request password page to have your password emailed to your email address.

Your rating: None Average: 3.1 (82 votes)
Your rating: None Average: 3.1 (82 votes)
Email this page PDF of this page Print this page
Leave a comment
(28)

Author Info
Alex Schenker on WeRockYourWeb.comAlex is our SEO and web guru. He loves tennis, hiking, and surfing. For more, read Alex's bio.
 

 

 


Thank you very much !!

I was struggling for sometime to regain the password.

I found forums saying to convert the hash format using online converters. But you explained the right way . . . Thank you . .

Ravikiran

Thanks for reading Ravikiran! I'm so glad that we were able to help you!

How to set the role to admin (D6)

Many thanks for the idea. My problem was that I completely deleted the admin user. So instead of updating the MysQL db. I inserted user id one with and md5 pass and an email. The new problem arised  for here is that how to activate the admin and set this user to admin role. Thanks for any help.

not working

not working for me!

You saved my life

Thank you, Thank you, Thank you.

A much faster way to change the Drupal 7 password

Drupal 7 doesn't use MD5 anymore apparently.

You can Reset the admin password to "password" in Drupal 7 and then change it to what you want using the following SQL statement in phpmyadmin

UPDATE users SET pass='$S$Cd059Vsxc8berFeg6hspaa7ejx2bSxyUisvCbT4h9o8XIgSUtPKz' WHERE uid=1;

Nice one, this really helped

Nice one, this really helped me, Thanks!

D7

FYI this doesn't work in Drupal 7 anymore.

Thanks a lot

Cool, great help thanks.

Thank you

What a cool trick

Thank you

Too cool Smiling

I want to reset password of my gmail account as I lost

Kindly send simplest weblink where I can change or reset my gmail account password on a  temporary basis. I have opened one gmail account - swamkul at gmail dot com. You can send details to this address. I have lost the password of swaminikulkarni at gmail dot com of this email id help me out fast plz.

many thanks

very useful code!

Registry cleaner

Last time I forgot my password and tried everything I could do but failed, until I found this great tool Windows Password Software. It works great, and you can Google it. You can try to Google it.

Thank you so much.

Thank you so much.

Thank you

Thank you! Whew this saved my day! Possibly my week!

Yet another reason why md5 should not be used any more

It should NOT be that easy to break in to a piece of software. Just another reason why md5 shouldn't be used anymore! Perhaps newer versions of Drupal are more secure?

In out of the cold

I got in, climbed through the window and am now drinking tea by the fire.

Created a new password and converted to md5 (never heard of md5 till today!).

Put the new password in the user table against administrator using myPHP and logged in.

sweet.

I'm still out in the cold - can't login...

I hope this thread hasn't gone too cold, my little face lit up when I saw it as I'm struggling to login to a new Drupal site I've just migrated to new hosting.



I don't have the admin login details so I used myPHP to change the administrator email address to my own, sent a password reminder - but when I send myself a reminder I get this message:



'warning: file_get_contents() [function.file-get-contents]: Filename cannot be empty in /home/example/public_html/www.mydomain.net/modules/mimemail/mimemail.module on line 398.'



But it does send the reminder email, which when i click the link to one-time login, doesn't work and says:



'You have tried to use a one-time login link which has either been used or is no longer valid. '



So I tried changing the password to each of the hashed passwords in the reply 'In a couple of clicks' above and that didn't work either.



Can anyone offer help or guidance?



J.

How is it possible?

Just amazing.

THANKS

Very useful bit of code, many thanks!

Thx

Thank you.

md5 translation

I was editing directly into the user pass field over and over again. Even went to this site so I could type my pass and get the md5 translation and enter that. So frustrating. I just executed your example and was done in 2 seconds. grrr. Thank you.

In a couple of clicks

In phpMyAdmin go to your drupal database, click on users. Find the user called admin, check the box then click the change icon. In the "pass" field you'll see a long string of characters the MD5 hashed password.

Set the password to a known value:
- password = "this is the MD5 hashed password"
------------------------------------------------------
- admin = 21232f297a57a5a743894a0e4a801fc3
- secret = 5ebe2294ecd0e0f08eab7690d2a6ee69
- OU812 = 7441de5382cf4fecbaa9a8c538e76783

Paste the hashed password into the field, save the change, and log-in using the new password.

Immediately change your password to something more secure!

Phew!!! saved a lot of headaches

Thanks for the great tip. I just started working with Drupal. I have the development install on my laptop with MAMP and forgot my password. The MD5 hint worked like a charm.

-Naveen

Saved the day

Thanks so much.

I've been working in a virtual machine without a mail server and needed to reset the admin password. This did the trick nicely.

- Andy

Really very quick solutions

Nice - got be back up and running in no time. Thanks man...

Awesome! I'm back in Drupal

Whew - I was going through all my files trying to find my darn password and couldn't for the life of me remember what it was. The MD5 function in mySQL worked like a charm (the forgot password request page didn't - for some reason the email never got sent out).

Thank you!!

The content of this field is kept private and will not be shown publicly.
 

We use this trick question to try and prevent automated spam comments.