#25 - Forgot your Joomla super administrator password?
This happened to me quite a few times before I learnt to store my passwords in a safe place. However, if you do forget or lose your Joomla super administrator password, there is a very easy way to reset it to a default password (admin). Use the steps below to set a new password.
Looking for the default Joomla password?
I'm sorry, but you're out of luck. Joomla does not have any default password - so you won't be able to use a single password to access any Joomla installation. However, if you have access to the hosting account, the cpanel, or the phpmyadmin of the Joomla installation, you can easily set the current password to a "Joomla default password". Follow the steps below to get access to your Joomla administrator user if you have forgotten the password. For those who hate following text, you can find see how to reset the super adminstrator account procedure recorded as a YouTube video too ;)
Forgot Joomla 2.5 / 3.x password? - how to change it via phpmyadmin
Access phpmyadmin using the database administrator and password which you should have available as part of your web hosting details
Access the Users Table in phpMyAdmin
- On the left, you will see 2 links, click on your Database name
- Do not delete or change any of the tables if you do not know what you are doing. You can potentially corrupt your database, lose information or delete your whole database.
- You will see all the table names are prefixed with some letters, e.g. adfa_
- The table names are on the right of the Underscore.
- Scroll down to the table xxxx_users
- Click on the ‘Browse‘ tab
Change the Super Administrator Password
- Click on the ‘Pencil‘ to edit your Super Administrator user.
- The next screen is where you can change your password, See the password field:
- Change the password drop down to ‘MD5′
- Enter in a new password in the text box beside it - you can enter it in plain text, the password will then be encoded by phpmyadmin
After that your password is changed. You will see on the next screen that the password field changed to a bunch of letters and numbers that you didn’t enter. That’s ok, because that’s how MySQL stores your password.
Go to your Joomla 2.5 Administrator screen and try out your new username and password you entered.
To reset the old password:
If the admin user is still defined, the simplest option is to change the password in the database to a known value. This requires that you have access to the MySQL database using phpMyAdmin.
- Navigate to phpMyAdmin and select the database for the Joomla! site in the left-hand drop-down list box. This will show the database tables on the left side of the screen.
- Click on the table "jos_users" in the list of tables.
- Click on the "Browse" button in the top toolbar. This will show all of the users that are set up for this site.
- Find the user whose password you want to change and press the Edit icon for this row.
- A form will display that allows you to edit the password field. Copy the valued2064d358136996bd22421584a7cb33e:trd7TvKHx6dMeoMmBVxYmg0vuXEA4199into the password field and press the Go button. phpMyAdmin should display the message "Affected rows: 1". At this point, the password should be changed to "secret".
- Log in with this user and password and change the password of this user to a secure value. Check all of the users using the User Manager to make sure they are legitimate. If you have been hacked, you may want to change all of the passwords on the site.
To create a new admin2 user:
Open the database using phpMyAdmin or database explorer and select the table, jos_users . (replace jos_ with your own table prefix if this is different than the default).
Run the following SQL Code:
INSERT INTO `jos_users`(`id`, `name`, `username`, `email`, `password`, `usertype`, `block`, `sendEmail`,`registerDate`, `lastvisitDate`,`activation`,`params`)
INSERT INTO `jos_user_usergroup_map` (`user_id`,`group_id`) VALUES (40, 8);
Logon to the back end http://yoursitedomain.com/administrator using the username admin2 and the password secret in the login box.
Select the user you have just logged in with using this password and username and change the password for the user to something else. This is extremely important otherwise your website might get hacked.
Check all is ok with Front-end access by opening your site http://yourdomainname.com and logging in using the username admin and the new password you have set it in the back end.
2. Select the record for the administrator account - by default this is user 62.
3. Copy and paste the MD5 # below and save the changes
5. Logon to the back end http://yoursitedomain.com/administrator using the username admin and the password admin in the login box.
6. Select the user you have just logged in with using this password and username and change the password for the user to something else. This is extremely important otherwise your website might get hacked.
7. Check all is ok with Front-end access by opening your site http://yourdomainname.com and logging in using the username admin and the new password you have set it in the back end.
You need access to your MySQL database, via phpmyadmin or otherwise. For Joomla version up to 1.0.12 you need to execute the following query. The strange password is actually the password "admin" encrypted with the encyption algorithm Joomla uses.
UPDATE `jos_users` SET `name` = 'admin', `password` = '21232f297a57a5a743894a0e4a801fc3' WHERE `id` =62 LIMIT 1 ;
For 1.0.13, you need to run a query with a different value for the password, which is below because the encryption algorithm has changed.
UPDATE `jos_users` SET `name` = 'admin', `password` = 'af9083d4b82dbc0745b124db3b3cf15d:M0WuLowO4rtRTddG' WHERE `id` =62 LIMIT 1 ;
Once you've run this query you need to logon to the administrator backed and set the password to something more complicated. Leaving the password as "admin" will result in a serious risk to your site!
If you're running an older version of Joomla or Mambo, you might need to change jos_users to mos_users.