Assuming that a) using the email to request the new password isn’t an option AND b) you have access to mysql or phpMyAdmin you may use the following methods to recover the password for your drupal root user:
drupal 6:
In drupal 6 the password is stored as a simple MD5 hash of your plain text password. Use this SQL to change the admin (i.e. the user with uid=1) password:
UPDATE users SET pass = MD5('newpass') WHERE uid=1;
drupal 7:
In drupal 7 the password is a ‘salted’ sha512 hash. The easiest method is (aside from using the drush ‘upwd’ command, which is easy enough but setting up drush may not be, especially on Windows.. so we’ll discuss this last, see below):
- Open your index.php file in a text editor
- Find this command:
drupal_bootstrap(DRUPAL_BOOTSTRAP_FULL);
- Insert below it the following lines:
require_once 'includes/password.inc'; echo user_hash_password('newpass'); die();
- Save the file.
- Open your site in a browser. You will get a blank page with only your hashed password string at the top.
- Copy the string.
- Open the DB in mysql or phpMyAdmin
- In table users set the pass field to this hash. For mysql this means use the same SQL command as for the drupal 6 example, but don’t use the MD5 function as the password was already hashed by the user_hash_password function.
- Edit index.php again and remove your changes
- Save
Open the site and login with the new password (‘newpass’ in this example or whatever you chose your new password to be).
Clear the flood table if necessary
You will need to clear the flood table if after resetting the password you get the following error when trying to login with new password:
‘There have been more than 5 failed login attempts […] account temporarily blocked’
This will happen on drupal 7 if you enter a wrong password more than 5 times. Not sure if also applies to drupal 6, probably yes.
At any rate, if you get this message you may wait 6 hours and then login (pfa!) OR go to phpMyAdmin or mysql again and:
DELETE * FROM flood;
Resetting drupal admin password with drush
As mentioned above, if you have drush then all of this (except maybe clearing the flood table) could be solved by one drush command:
drush upwd admin --password=newpass
Thanks a lot for the D7 instructions.
BTW you missed a “;” at the end of
require_once ‘includes/password.inc’
Thanks! Corrected 🙂