Joomla: How to Reset Super Admin Password

To sustain this free service, we receive affiliate commissions via some of our links. This doesn’t affect rankings. Our review process.

The easiest and most straightforward way to reset your Joomla password is to use the back-end User Manager. Login to your Joomla site as a member of the Super Administrator group, and then reset your password in the User Manager. If you don’t have access to a member of the Super Admin group, you’ll need to go into your database and manually replace the password of the Super Administrator. Joomla passwords are encoded with a one-way “salted” MD5 hash, which means you can’t recover the password, you can only replace it.

Before we begin, you must have access to your database. If you don’t, pass these instructions on to someone who does. It’s also a good idea to backup your database before making changes, just in case something goes awry.

How to Login to Joomla Backend

First things first. To login to the backend of your Joomla site, browse to example.com/administrator, replacing “example.com” with your website URL. If you are unable to login, or unable to reset your password using the “forgot my password” link, try the steps below to reset your Joomla admin password.

Joomla 1.6+

If you are using Joomla version 1.6 or later, follow these instructions to reset your lost password.

Configuration File Method

If you have access to your Joomla configuration file (configuration.php), you can use the following method to reset your password:

  1. FTP into your Joomla installation, locate the configuration.php file, and change its permissions (chmod) from 444 to 644.
  2. Download the configuration file, open it, and using a text editor (such as Notepad in Windows. Don’t use a word processor – these will insert code into the configuration file that may break it) add the following line to the bottom of the file: public $root_user = ‘username’;
  3. Make sure the ‘username’ is a username that already exists and has Author level or higher (preferably administrator) access.
  4. Save the changes you made to the configuration.php file and re-upload it to your site.
  5. You’ve created a temporary Super Administrator that you can use to login to the back-end and either change the Super Admin pw or create a new Super Admin user. Consider blocking or deleting the older user if you create a new one, for security purposes (ie. if the old one had their password hacked).
  6. As a last step, you want to make sure the line we added to the configuration.php file is removed. You can do this manually or check the “click here to try to do it automatically” link in the alert box that appears.
  7. Once the line is removed, restore the permissions of the configuration.php file back to 444. This is an important security measure protecting access to this important configuration file.

If you don’t know any users that are Author level or higher, you may need to access your database directly using the methods below to reset your Joomla password.

Joomla Hosting

MyHosting.com Joomla website hosting

 

 

 

Looking for a web host that will make your Joomla website pages load super fast? Checkout MyHosting – they offer solutions optimized to bring the most out of your Joomla CMS platform.

Database method

Finding the Password

  • Log in to your Joomla database (via phpMyAdmin for example)
  • Click to edit the _users database (will be preceded by your account name, for example: example_users)
  • Edit the entry for where usertype = “Super Administrator” (should be the first record)

Resetting the Password

In the password field you’ll notice a string of characters. Joomla uses a one-way encoding method, which means you won’t be able to retrieve your old password. However, you will be able to reset the password to a new one using mySQL’s built-in MD5 function:

UPDATE example_users SET password=MD5(‘new password’) WHERE usertype = “Super Administrator”;

Congrats! You just successfully reset your Joomla password. Go to your Joomla domain at example.com/administrator and try logging in with the new password. You should be logged in as Super Administrator.

Reset Using cPanel

For those not familiar with mySQL, you should also be able to login with cPanel, click on the “SQL” tab, and enter the above query there.

Copying the Password from Another User

An alternate method to reset your password, if you’re not comfortable with SQL commands, is to simply copy and paste the password hash from another user (to which you know the password) over to your admin user. You’ll then be able to login as the admin user using that password. If you don’t have another user, you should be able to register as one, and then copy the password over.

Applying the Email From Another User

Yet another alternate method to retrieving your lost Joomla admin password is to change your admin user’s email address to one you are familiar with. Then use the lost password retrieval function (the “forgot password” link in the login section) to have your Joomla password emailed to you.

Troubleshooting

Thanks to feedback from our web rockers we’ve been able to add various user based suggestions in addition to our own. Please use caution when trying these optional suggestions!

AlphaNumeric Only

If for some reason the above method does not work try encoding a password that contains only alphanumeric (a-z, 0-9) characters. This method may not work if your password contains special characters (@!#$).

Joomla User Plugin

Another possible reason that you’re unable to login is that you may have inadvertently deleted the Joomla User Plugin. You can remedy this by logging into you backend, and locating the jos_plugins table in your database. Edit this entry and set the published status of user joomla to 1 (enabled). Once you’ve done this, try logging in again.

Temporarily Remove PHP Authentication

This is another potential approach you can use to recover your Joomla admin password, but proceed with caution. Also note that this has only been tested in Joomla 1.5. Locate the file plugins/authentication/joomla.php, and change the line

if ( $crypt == $testcrypt) {

to

if ( $crypt == $testcrypt || $_SERVER[‘REMOTE_ADDR’] == “Your IP Address”) {

Replace “Your IP Address” with your IP address (your IP address is: ). Now anyone from your IP address (ie. your PC or local network) can login with any password. After logging in and changing your password, remember to restore the original code.

Can’t Login and No Errors

If you can’t login and Joomla is not giving you any error messages, it could be that your sessions directory doesn’t have the correct permissions. They should be set to 755 (you can login via FTP, find your sessions directory, and adjust the permissions (CHMOD)).

Invalid Session Error

If you’re getting an invalid session error when you try to login, you probably need to clear your browser and or site cache and cookies. Refer to our browser cache clearing instructions for details on clearing the cache your browser. For Joomla, you can clear the cache tables in your database (if you were able to login, you could browse to Tools > Clean Cache).

How to reset Joomla 1.5, Joomla 1.0 and earlier passwords

In each of these examples you’ll want to follow the above instructions, but then modify your SQL query to the following, which will reset your password to the one you specify.

UPDATE `jos_users` SET `password` = MD5( ‘new password’ ) WHERE `jos_users`.`username` = “admin”;

If this doesn’t work, try changing jos_users to mos_users.

How to Reset a User to Super Administrator

An alternate approach is to adjust the username, email, and password of the existing Super Administrator usertype so you can regain access to your website via an existing user. Here’s the steps to take:

  • Log in to your hosting account and browse to your domain name.
  • Click on “View Details” (varies depending on hosting provider)
  • Click on “cPanel”
  • Click on “phpMyAdmin” under the “Databases” section
  • Click on the name of your database in the left column (should be something besides the default “information_schema”).
  • Back up the database using the “export” function in the top menu just in case you inadvertently screw something up.
  • Scroll down and click on “[tablename]_users” (the name, not the icon) in the left column (tablename will be whatever your database name is).
  • Copy the username, email and password from your user to the “usertype” that is set to “Super Administrator” (this will allow you to login as Super Admin again; you’ll also need to change your old username (for example, to “Admin2”) so they don’t both have the same username.

When logging in now using the same credentials, your user should be back to Super Administrator and you should have access to all the backend admin functions.

Joomla: Evolution of a CMS

Joomla is one of the world’s premier open source CMS (Content Management System). It’s competitors include WordPress (which began as a blogging platform but has since grown into a full-fledged CMS thanks to all the plugins developers have created), Drupal, TypePad, and others. Drupal probably most closely resembles Joomla’s overall structure and functionality, although Drupal tends to be a lot more robust and powerful, while Joomla is known to be more user-friendly and attractive right out of the box.

About The Author:

Alex has been involved on the business side of the internet since the early 2000's. He holds both a Management Science degree from the University of California at San Diego as well as a Computer Science degree from NJIT.

We Rock Your Web had its roots back in 2004 as the tech blog for a web design and development company Alex founded that has grown and evolved into the parent company of We Rock Your Web.

While his foundation is rooted in web development, his expertise today lies in content and digital marketing, SEO, organic and paid search, analytics, and publishing. Alex is an avid tennis player, nature enthusiast, and hiker, and enjoys spending time with his wife, friends, and dogs.

Disclaimer: This website contains reviews, opinions and information regarding products and services manufactured or provided by third parties. We are not responsible in any way for such products and services, and nothing contained here should be construed as a guarantee of the functionality, utility, safety or reliability of any product or services reviewed or discussed. Please follow the directions provided by the manufacturer or service provider when using any product or service reviewed or discussed on this website.