How to Reset Drupal Admin Password

To sustain this free service, we receive affiliate commissions via some of our links. This doesn’t affect rankings. Our review process.

There’s nothing more frustrating than updating your Drupal site only to be unable to login, and not having your admin password, therefore effectively locking you out of your site entirely. So here are some tips on how to reset your Drupal admin password.

The first thing to try is to click on the lost password link, and have the password emailed to you. There is, however, a couple of scenarios where this will fail to work:

  • This won’t work if you’re unable to access the retrieve password page.
  • This won’t work if you’ve stored an old, no longer in use email address for the admin user (user 1).

In these cases, there are other ways to regain access to your Drupal site. The best method depends on your Drupal version.

Drupal 7

In the next couple steps, we will show you how to generate a hash to enter into your database to reset the password for user 1 (the admin user).

Generating a Password Hash

Because Drupal 7 stores your password in a one-way hash in your database, you can’t reverse the hash to find your password. But you can use Drupal’s built-in password function to reset it by uploading a file with the corresponding php code:

define(‘DRUPAL_ROOT’, getcwd());
require_once DRUPAL_ROOT . ‘/includes/’;

require_once ‘includes/’;
echo user_hash_password(‘TemporaryPassword‘);


Save this code in a file named pw-reset.php (or something similar), and upload it to your public_html folder on your Drupal site. Make sure you substitute TemporaryPassword with a password you’d like to use to regain access to your admin account. Once you’ve uploaded the file, open a browser tab and launch the code by visiting this page in your browser address bar. In this example, you would browse to This will generate a long password hash for you to enter into your Drupal database. Make note (copy) this password for the next step.

Resetting Your Admin Password Using the Hash

You’ll want to access your Drupal database for this step (typically via phpMyAdmin in cPanel for Apache/mySQL installations). Click on the users table, and under the uid column, locate the value 1 (corresponds to user 1). Do an inline edit and copy your generated hash into the corresponding pass field. Once you hit save you should be able to log into your Drupal website with the admin user (user 1) using the TemporaryPassword you specified above.

Once logged in, make sure you change your password again.

Drupal 6

For Drupal 6, there’s a couple of alternative methods to resetting your password. The first resets your Drupal admin password (the password used by user 1), the second retrieves it. You’ll need access to your mysql database (via phpMyAdmin, for example) for both methods, but only the first one involves executing a mySQL function.

Resetting your Drupal admin password

To directly reset your password, log into phpMyAdmin and execute the following mySQL statement:

UPDATE users SET pass = md5(‘newpassword’) WHERE uid = 1;

Enter your new password in the md5 function – it will automatically be converted via a one-way hash (this is why we can’t retrieve your old password – the decryption is a one-way process). Note that for earlier versions of Drupal you may need to use SET password, instead of SET pass.

This will effectively reset the Drupal admin password for user 1. Note that you can use this to reset the password of any user, although this is typically unnecessary as you should be able to simply log in as admin user (user 1), under which you have the ability to reset any user’s password.

Retrieving your lost Drupal admin password

An alternative to resetting the password is to retrieve it. This method only applies to the second problem above, that is, you are able to access the retrieve password page, but you’re email address is outdated. To do this, simply update the email field for the admin user (user 1) in the “users” table. Unlike the password field, you can directly edit the email field without consequence. Once you’ve updated your email address for the admin user, simply go to the request password page to have your password emailed to your email address.

About The Author:

Alex has been involved on the business side of the internet since the early 2000's. He holds both a Management Science degree from the University of California at San Diego as well as a Computer Science degree from NJIT.

We Rock Your Web had its roots back in 2004 as the tech blog for a web design and development company Alex founded that has grown and evolved into the parent company of We Rock Your Web.

While his foundation is rooted in web development, his expertise today lies in content and digital marketing, SEO, organic and paid search, analytics, and publishing. Alex is an avid tennis player, nature enthusiast, and hiker, and enjoys spending time with his wife, friends, and dogs.

Disclaimer: This website contains reviews, opinions and information regarding products and services manufactured or provided by third parties. We are not responsible in any way for such products and services, and nothing contained here should be construed as a guarantee of the functionality, utility, safety or reliability of any product or services reviewed or discussed. Please follow the directions provided by the manufacturer or service provider when using any product or service reviewed or discussed on this website.

Notify of
Oldest Most voted
Inline Feedbacks
View all comments

Good, thanks so much

Glad we could help, you’re welcome!

Thanks for this – much more user friendly than the information available on Drupal – doesn’t assume lots of previous knowledge.

Glad we could help Brian!

Thanks for posting this. Worked perfectly!

I was struggling for sometime to regain the password.

I found forums saying to convert the hash format using online converters. But you explained the right way . . . Thank you . .

Thanks for reading Ravikiran! I’m so glad that we were able to help you!

Many thanks for the idea. My problem was that I completely deleted the admin user. So instead of updating the MysQL db. I inserted user id one with and md5 pass and an email. The new problem arised for here is that how to activate the admin and set this user to admin role. Thanks for any help.

Thank you, Thank you, Thank you.

not working for me!

Drupal 7 doesn’t use MD5 anymore apparently.

You can Reset the admin password to “password” in Drupal 7 and then change it to what you want using the following SQL statement in phpmyadmin

UPDATE users SET pass=’$S$Cd059Vsxc8berFeg6hspaa7ejx2bSxyUisvCbT4h9o8XIgSUtPKz’ WHERE uid=1;

This one works really great! Thanks a lot.

I recommend this one, this comment simply works.

You are really awesome man. My big headache is over now, hank you. Thank you again.

Nice one, this really helped me, Thanks!

FYI this doesn’t work in Drupal 7 anymore.

Cool, great help thanks.

What a cool trick

Too cool 🙂

very useful code!

Kindly send simplest weblink where I can change or reset my gmail account password on a temporary basis. I have opened one gmail account – swamkul at gmail dot com. You can send details to this address. I have lost the password of swaminikulkarni at gmail dot com of this email id help me out fast plz.

Last time I forgot my password and tried everything I could do but failed, until I found this great tool Windows Password Software. It works great, and you can Google it. You can try to Google it.

Thank you so much.

Thank you! Whew this saved my day! Possibly my week!

It should NOT be that easy to break in to a piece of software. Just another reason why md5 shouldn’t be used anymore! Perhaps newer versions of Drupal are more secure?

I got in, climbed through the window and am now drinking tea by the fire.

Created a new password and converted to md5 (never heard of md5 till today!).

Put the new password in the user table against administrator using myPHP and logged in.


I hope this thread hasn’t gone too cold, my little face lit up when I saw it as I’m struggling to login to a new Drupal site I’ve just migrated to new hosting.

I don’t have the admin login details so I used myPHP to change the administrator email address to my own, sent a password reminder – but when I send myself a reminder I get this message:

warning: file_get_contents() [function.file-get-contents]: Filename cannot be empty in /home/example/public_html/ on line 398.’

But it does send the reminder email, which when i click the link to one-time login, doesn’t work and says:

‘You have tried to use a one-time login link which has either been used or is no longer valid. ‘

So I tried changing the password to each of the hashed passwords in the reply ‘In a couple of clicks’ above and that didn’t work either.

Can anyone offer help or guidance?


Just amazing.

Thank you.

Very useful bit of code, many thanks!

I was editing directly into the user pass field over and over again. Even went to this site so I could type my pass and get the md5 translation and enter that. So frustrating. I just executed your example and was done in 2 seconds. grrr. Thank you.

In phpMyAdmin go to your drupal database, click on users. Find the user called admin, check the box then click the change icon. In the “pass” field you’ll see a long string of characters the MD5 hashed password.

Set the password to a known value:
– password = “this is the MD5 hashed password”
– admin = 21232f297a57a5a743894a0e4a801fc3
– secret = 5ebe2294ecd0e0f08eab7690d2a6ee69
– OU812 = 7441de5382cf4fecbaa9a8c538e76783

Paste the hashed password into the field, save the change, and log-in using the new password.

Immediately change your password to something more secure!