Drupal administrator password recovery

Have you lost your Drupal administrator password? Drupal admin password recovery is not elegant but it can be done.  First off, we’ll presume you have access to the MySQL database from your hosting control panel. Well you should have unless you’re trying to hack in some other way.

Fire up PHPMyAdmin and execute this little gem of a MySQL statement:

UPDATE users SET pass = md5(‘abc123’) WHERE uid = 1;

In the code above, replace abc123 with your desired password.  Make sure it contains at least one uppercase character and a non alphabetical character like a speech or exclamation mark.  Drupal is happier when you do this.

So what is this code doing?  Well it converts your chosen password into and MD5 hash.  This basically means it encrypts the password within the database.  Since it is a one-way conversion, we can’t re-engineer the MD5 hash to get your old password out.  There’s no point anyway as you can choose what you want to put in there.

Note: If you are running an older version of Drupal, you might need to run this code:

UPDATE users SET password = md5(‘abc123’) WHERE uid = 1;

I haven’t got an old version to test this on but I understand this works well.  If you’re running a version that old, please consider updating it, there are quite a few vulnerabilities (read hacks, cracks and exploits)  in the ancient Drupal installs.

Once you have done this, login and change your admin name to another name (eg Admin777) to give yourself a bit more security, having the default admin username is really not good practice.

All the above password resetting is not required if you have got access to the original email address used for the admin account.  If this is the case, login at www.domainname.com/user enter your email address and request a new password.  This will be sent to the email address you give if it matches any account on the database.

Don’t forget to leave me a comment (or a coffee) below if this has helped you!

 

 

 

Leave a Reply