How to Reset Drupal Admin Password

To sustain this free service, we receive affiliate commissions via some of our links. This doesn’t affect rankings. Our review process.

There’s nothing more frustrating than updating your Drupal site only to be unable to login, and not having your admin password, therefore effectively locking you out of your site entirely. So here are some tips on how to reset your Drupal admin password.

The first thing to try is to click on the lost password link, and have the password emailed to you. There is, however, a couple of scenarios where this will fail to work:

  • This won’t work if you’re unable to access the retrieve password page.
  • This won’t work if you’ve stored an old, no longer in use email address for the admin user (user 1).

In these cases, there are other ways to regain access to your Drupal site. The best method depends on your Drupal version.

Drupal 7

In the next couple steps, we will show you how to generate a hash to enter into your database to reset the password for user 1 (the admin user).

Generating a Password Hash

Because Drupal 7 stores your password in a one-way hash in your database, you can’t reverse the hash to find your password. But you can use Drupal’s built-in password function to reset it by uploading a file with the corresponding php code:

define(‘DRUPAL_ROOT’, getcwd());
require_once DRUPAL_ROOT . ‘/includes/’;

require_once ‘includes/’;
echo user_hash_password(‘TemporaryPassword‘);


Save this code in a file named pw-reset.php (or something similar), and upload it to your public_html folder on your Drupal site. Make sure you substitute TemporaryPassword with a password you’d like to use to regain access to your admin account. Once you’ve uploaded the file, open a browser tab and launch the code by visiting this page in your browser address bar. In this example, you would browse to This will generate a long password hash for you to enter into your Drupal database. Make note (copy) this password for the next step.

Resetting Your Admin Password Using the Hash

You’ll want to access your Drupal database for this step (typically via phpMyAdmin in cPanel for Apache/mySQL installations). Click on the users table, and under the uid column, locate the value 1 (corresponds to user 1). Do an inline edit and copy your generated hash into the corresponding pass field. Once you hit save you should be able to log into your Drupal website with the admin user (user 1) using the TemporaryPassword you specified above.

Once logged in, make sure you change your password again.

Drupal 6

For Drupal 6, there’s a couple of alternative methods to resetting your password. The first resets your Drupal admin password (the password used by user 1), the second retrieves it. You’ll need access to your mysql database (via phpMyAdmin, for example) for both methods, but only the first one involves executing a mySQL function.

Resetting your Drupal admin password

To directly reset your password, log into phpMyAdmin and execute the following mySQL statement:

UPDATE users SET pass = md5(‘newpassword’) WHERE uid = 1;

Enter your new password in the md5 function – it will automatically be converted via a one-way hash (this is why we can’t retrieve your old password – the decryption is a one-way process). Note that for earlier versions of Drupal you may need to use SET password, instead of SET pass.

This will effectively reset the Drupal admin password for user 1. Note that you can use this to reset the password of any user, although this is typically unnecessary as you should be able to simply log in as admin user (user 1), under which you have the ability to reset any user’s password.

Retrieving your lost Drupal admin password

An alternative to resetting the password is to retrieve it. This method only applies to the second problem above, that is, you are able to access the retrieve password page, but you’re email address is outdated. To do this, simply update the email field for the admin user (user 1) in the “users” table. Unlike the password field, you can directly edit the email field without consequence. Once you’ve updated your email address for the admin user, simply go to the request password page to have your password emailed to your email address.

About The Author:

Alex bring a series of in-depth articles on search marketing and content management systems as well as troubleshooting tips to We Rock Your Web's collection. He is an avid tennis player, nature enthusiast, and hiker, and enjoys spending time with his wife, friends, and dogs, Bella and Lily.

Disclaimer: This website contains reviews, opinions and information regarding products and services manufactured or provided by third parties. We are not responsible in any way for such products and services, and nothing contained here should be construed as a guarantee of the functionality, utility, safety or reliability of any product or services reviewed or discussed. Please follow the directions provided by the manufacturer or service provider when using any product or service reviewed or discussed on this website.

Leave a Reply

newest oldest most voted
Good, thanks so much
Kimberly Alt (Admin)
Glad we could help, you’re welcome!
Thanks for this – much more user friendly than the information available on Drupal – doesn’t assume lots of previous knowledge.
Kimberly Alt (Admin)
Glad we could help Brian!
What a cool trick
Cool, great help thanks.

FYI this doesn’t work in Drupal 7 anymore.

a web rocker
Drupal 7 doesn’t use MD5 anymore apparently.

You can Reset the admin password to “password” in Drupal 7 and then change it to what you want using the following SQL statement in phpmyadmin

UPDATE users SET pass=’$S$Cd059Vsxc8berFeg6hspaa7ejx2bSxyUisvCbT4h9o8XIgSUtPKz’ WHERE uid=1;

Nice one, this really helped me, Thanks!

You are really awesome man. My big headache is over now, hank you. Thank you again.
I recommend this one, this comment simply works.
Hafizah Yusof
This one works really great! Thanks a lot.
not working for me!

Thank you, Thank you, Thank you.

Many thanks for the idea. My problem was that I completely deleted the admin user. So instead of updating the MysQL db. I inserted user id one with and md5 pass and an email. The new problem arised for here is that how to activate the admin and set this user to admin role. Thanks for any help.

I was struggling for sometime to regain the password.

I found forums saying to convert the hash format using online converters. But you explained the right way . . . Thank you . .

Kimberly Alt
Thanks for reading Ravikiran! I’m so glad that we were able to help you!

Thanks for posting this. Worked perfectly!
Too cool 🙂
very useful code!
Kindly send simplest weblink where I can change or reset my gmail account password on a temporary basis. I have opened one gmail account – swamkul at gmail dot com. You can send details to this address. I have lost the password of swaminikulkarni at gmail dot com of this email id help me out fast plz.

I was editing directly into the user pass field over and over again. Even went to this site so I could type my pass and get the md5 translation and enter that. So frustrating. I just executed your example and was done in 2 seconds. grrr. Thank you.
Very useful bit of code, many thanks!

Thank you.

Just amazing.

I hope this thread hasn’t gone too cold, my little face lit up when I saw it as I’m struggling to login to a new Drupal site I’ve just migrated to new hosting.

I don’t have the admin login details so I used myPHP to change the administrator email address to my own, sent a password reminder – but when I send myself a reminder I get this message:

warning: file_get_contents() [function.file-get-contents]: Filename cannot be empty in /home/example/public_html/ on line 398.’

But it does send the reminder email, which when i click the link to one-time login, doesn’t work and says:

‘You have tried to use a one-time login link which has either been used or is no longer valid. ‘

So I tried changing the password to each of the hashed passwords in the reply ‘In a couple of clicks’ above and that didn’t work either.

Can anyone offer help or guidance?


I got in, climbed through the window and am now drinking tea by the fire.

Created a new password and converted to md5 (never heard of md5 till today!).

Put the new password in the user table against administrator using myPHP and logged in.


It should NOT be that easy to break in to a piece of software. Just another reason why md5 shouldn’t be used anymore! Perhaps newer versions of Drupal are more secure?

Thank you! Whew this saved my day! Possibly my week!

Thank you so much.
Last time I forgot my password and tried everything I could do but failed, until I found this great tool Windows Password Software. It works great, and you can Google it. You can try to Google it.

In phpMyAdmin go to your drupal database, click on users. Find the user called admin, check the box then click the change icon. In the “pass” field you’ll see a long string of characters the MD5 hashed password.

Set the password to a known value:
– password = “this is the MD5 hashed password”
– admin = 21232f297a57a5a743894a0e4a801fc3
– secret = 5ebe2294ecd0e0f08eab7690d2a6ee69
– OU812 = 7441de5382cf4fecbaa9a8c538e76783

Paste the hashed password into the field, save the change, and log-in using the new password.

Immediately change your password to something more secure!