Saturday, January 5, 2008
Joomla Super Administrator Password Recovery Solution
Posted by
Jack's Jots
I received a request for clarification on my Joomla Super Administrator Password Recovery Solution.
If your account was hacked into, I would also suggest that you also consider changing the config.php file to have new secrets in it. It contains the password of your database (you can also do this in global configurations). You would need to use the mysql tool to make sure that you have matching passwords.
Let me know if this helps.
Hi Jack,
I have a website that was hacked the other day. My hosting
company restored the site however, I can no longer login to the admin section.
The username and password no longer work. I tripped over your posting
http://community.contractwebdevelopment.com/joomla-how-to-reset-super-admin-pass
wordand was wondering if this fix works with the Joomla 1.0 version. If so,
would you mind explaning which file needs to be edited. I am not a wizard at this
stuff and have looked extensively for a simple solution, including the Joomla
forums to no avail.
Thanks for your time. XXXX
There are at least two ways to recover your lost password.
- The passwords are kept in your mysql database whose location and credentials are held in the configuration.php file at the top of your Joomla directory. You need to update by an SQL query (or table manger), the hashed password to something that you know. It's not too hard, but I had trouble getting my hash right when I tried using mysql admin. Also, it is a bit dangerous to mess with SQL if you don't know what you are doing.
- The method that I use is fairly simple but also leaves room for problems:
- Ftp the file plugins\authentication\joomla.php from your site to your machine.
- Save a copy of the file (like orig-joomla.php)
- Then, modify the line below as shown using wordpad (etc.)if ($crypt == $testcrypt)to readif (true /* $crypt == $testcrypt */)This enables all logins -- rather dangerous.
- Login as admin to the administration site with any password.
- On the site, go to user administration and update with a new password.
- VERY IMPORTANT: FTP the original file (e.g. orig- joomla.php to joomla.php) back to the server to put back on authentication.
If your account was hacked into, I would also suggest that you also consider changing the config.php file to have new secrets in it. It contains the password of your database (you can also do this in global configurations). You would need to use the mysql tool to make sure that you have matching passwords.
Let me know if this helps.
Labels:
Subscribe to:
Post Comments (Atom)
CrossLoop
About Me
- Jack Briner
- I'm a Texan who is living in South Carolina. I love living in Charleston with its history and proximity to the water. I'm married to a Lutheran pastor. We have two teenagers and two dogs.
Some of my sites
1 comments:
This works give it a try ,also you can edit the error messages within this file for a custom error message in the login screen.
Post a Comment