We Rock Your Web in the Press!
Home > Tech > Web Development > How to Reset Drupal Admin Password

How to Reset Drupal Admin Password

There’s nothing more frustrating than updating your Drupal site only to be unable to login, and not having your admin password, therefore effectively locking you out of your site entirely. So here are some tips on how to reset your Drupal admin password.

The first thing to try is to click on the lost password link, and have the password emailed to you. There is, however, a couple of scenarios where this will fail to work:

  • This won’t work if you’re unable to access the retrieve password page.
  • This won’t work if you’ve stored an old, no longer in use email address for the admin user (user 1).

In these cases, there are other ways to regain access to your Drupal site. The best method depends on your Drupal version.

Drupal 7

In the next couple steps, we will show you how to generate a hash to enter into your database to reset the password for user 1 (the admin user).

Generating a Password Hash

Because Drupal 7 stores your password in a one-way hash in your database, you can’t reverse the hash to find your password. But you can use Drupal’s built-in password function to reset it by uploading a file with the corresponding php code:

<?php
define(‘DRUPAL_ROOT’, getcwd());
require_once DRUPAL_ROOT . ‘/includes/bootstrap.inc';
drupal_bootstrap(DRUPAL_BOOTSTRAP_FULL);

require_once ‘includes/password.inc';
echo user_hash_password(‘TemporaryPassword‘);

die();
menu_execute_active_handler();
?>

Save this code in a file named pw-reset.php (or something similar), and upload it to your public_html folder on your Drupal site. Make sure you substitute TemporaryPassword with a password you’d like to use to regain access to your admin account. Once you’ve uploaded the file, open a browser tab and launch the code by visiting this page in your browser address bar. In this example, you would browse to example.com/pw-reset.php. This will generate a long password hash for you to enter into your Drupal database. Make note (copy) this password for the next step.

Resetting Your Admin Password Using the Hash

You’ll want to access your Drupal database for this step (typically via phpMyAdmin in cPanel for Apache/mySQL installations). Click on the users table, and under the uid column, locate the value 1 (corresponds to user 1). Do an inline edit and copy your generated hash into the corresponding pass field. Once you hit save you should be able to log into your Drupal website with the admin user (user 1) using the TemporaryPassword you specified above.

Once logged in, make sure you change your password again.

Drupal 6

For Drupal 6, there’s a couple of alternative methods to resetting your password. The first resets your Drupal admin password (the password used by user 1), the second retrieves it. You’ll need access to your mysql database (via phpMyAdmin, for example) for both methods, but only the first one involves executing a mySQL function.

Resetting your Drupal admin password

To directly reset your password, log into phpMyAdmin and execute the following mySQL statement:

UPDATE users SET pass = md5(‘newpassword’) WHERE uid = 1;

Enter your new password in the md5 function – it will automatically be converted via a one-way hash (this is why we can’t retrieve your old password – the decryption is a one-way process). Note that for earlier versions of Drupal you may need to use SET password, instead of SET pass.

This will effectively reset the Drupal admin password for user 1. Note that you can use this to reset the password of any user, although this is typically unnecessary as you should be able to simply log in as admin user (user 1), under which you have the ability to reset any user’s password.

Retrieving your lost Drupal admin password

An alternative to resetting the password is to retrieve it. This method only applies to the second problem above, that is, you are able to access the retrieve password page, but you’re email address is outdated. To do this, simply update the email field for the admin user (user 1) in the “users” table. Unlike the password field, you can directly edit the email field without consequence. Once you’ve updated your email address for the admin user, simply go to the request password page to have your password emailed to your email address.

Our site's mission is to help consumers make more informed purchase decisions. This website accepts financial compensation from some of the companies mentioned which allows us to provide this free service to our readers. Compensation does not influence the rankings of products. More info on our disclosure page.

Sign up for 9 Must Have Social Media Tips and Free Monthly Tech Tips & Reviews!


About Alex Schenker
Alex bring a series of in-depth articles on search marketing and content management systems as well as troubleshooting tips to We Rock Your Web's collection. He is an avid tennis player, nature enthusiast, and hiker, and enjoys spending time with his wife, friends, and dogs, Bella and Lily.
Previous:
Next:
  • Anonymous

    In phpMyAdmin go to your drupal database, click on users. Find the user called admin, check the box then click the change icon. In the “pass” field you’ll see a long string of characters the MD5 hashed password.

    Set the password to a known value:
    – password = “this is the MD5 hashed password”
    ——————————————————
    – admin = 21232f297a57a5a743894a0e4a801fc3
    – secret = 5ebe2294ecd0e0f08eab7690d2a6ee69
    – OU812 = 7441de5382cf4fecbaa9a8c538e76783

    Paste the hashed password into the field, save the change, and log-in using the new password.

    Immediately change your password to something more secure!

  • sagar

    not working for me!

  • Anonymous

    Thank you so much.

  • Anonymous

    Thank you! Whew this saved my day! Possibly my week!

  • Anonymous

    Last time I forgot my password and tried everything I could do but failed, until I found this great tool Windows Password Software. It works great, and you can Google it. You can try to Google it.

  • Anonymous

    Whew – I was going through all my files trying to find my darn password and couldn’t for the life of me remember what it was. The MD5 function in mySQL worked like a charm (the forgot password request page didn’t – for some reason the email never got sent out).

    Thank you!!

  • Anonymous

    Thanks for the great tip. I just started working with Drupal. I have the development install on my laptop with MAMP and forgot my password. The MD5 hint worked like a charm.

    -Naveen

  • ravikiran

    I was struggling for sometime to regain the password.

    I found forums saying to convert the hash format using online converters. But you explained the right way . . . Thank you . .

    • Kimberly

      Thanks for reading Ravikiran! I’m so glad that we were able to help you!

  • Anonymous

    Very useful bit of code, many thanks!

  • Anonymous

    Cool, great help thanks.

  • Anonymous

    Thanks so much.

    I’ve been working in a virtual machine without a mail server and needed to reset the admin password. This did the trick nicely.

    – Andy

  • Anonymous

    It should NOT be that easy to break in to a piece of software. Just another reason why md5 shouldn’t be used anymore! Perhaps newer versions of Drupal are more secure?

  • Anonymous

    Nice – got be back up and running in no time. Thanks man…

  • Anonymous

    I was editing directly into the user pass field over and over again. Even went to this site so I could type my pass and get the md5 translation and enter that. So frustrating. I just executed your example and was done in 2 seconds. grrr. Thank you.

  • Anonymous

    very useful code!

  • WIldGeek!

    Thanks for posting this. Worked perfectly!

  • Anonymous

    Kindly send simplest weblink where I can change or reset my gmail account password on a temporary basis. I have opened one gmail account – swamkul at gmail dot com. You can send details to this address. I have lost the password of swaminikulkarni at gmail dot com of this email id help me out fast plz.

  • Anonymous

    What a cool trick

  • Anonymous

    Too cool :)

  • sc

    FYI this doesn’t work in Drupal 7 anymore.

  • Anonymous

    I got in, climbed through the window and am now drinking tea by the fire.

    Created a new password and converted to md5 (never heard of md5 till today!).

    Put the new password in the user table against administrator using myPHP and logged in.

    sweet.

  • Anonymous

    I hope this thread hasn’t gone too cold, my little face lit up when I saw it as I’m struggling to login to a new Drupal site I’ve just migrated to new hosting.

    I don’t have the admin login details so I used myPHP to change the administrator email address to my own, sent a password reminder – but when I send myself a reminder I get this message:


    warning: file_get_contents() [function.file-get-contents]: Filename cannot be empty in /home/example/public_html/www.mydomain.net/modules/mimemail/mimemail.module on line 398.’

    But it does send the reminder email, which when i click the link to one-time login, doesn’t work and says:

    ‘You have tried to use a one-time login link which has either been used or is no longer valid. ‘

    So I tried changing the password to each of the hashed passwords in the reply ‘In a couple of clicks’ above and that didn’t work either.

    Can anyone offer help or guidance?

    J.

  • a web rocker

    Drupal 7 doesn’t use MD5 anymore apparently.

    You can Reset the admin password to “password” in Drupal 7 and then change it to what you want using the following SQL statement in phpmyadmin

    UPDATE users SET pass=’$S$Cd059Vsxc8berFeg6hspaa7ejx2bSxyUisvCbT4h9o8XIgSUtPKz’ WHERE uid=1;

    • Maik

      Nice one, this really helped me, Thanks!

  • Anonymous

    Just amazing.

  • Sarmad

    Many thanks for the idea. My problem was that I completely deleted the admin user. So instead of updating the MysQL db. I inserted user id one with and md5 pass and an email. The new problem arised for here is that how to activate the admin and set this user to admin role. Thanks for any help.

  • Anonymous

    Thank you.

  • ak0073

    Thank you, Thank you, Thank you.