How to Reset Root Password in Drupal 7 with FTP and phpMyAdmin

July 11, 2011 by cam | 7 Comments

I recently was working on a client website and had a major problem. I forgot the root level password! Uh-ohz! So what to do? Well let’s just jump in and set a new password with phpMyAdmin…. only that’s not so simple. Drupal 7 has a custom password hash.

Goal

Find a way to reset my root level password in Drupal 7 with only access to phpMyAdmin and ftp.

Step 1: Write and Upload the PHP File

Here is the basic php file that will solve your problem:

<?php
define('DRUPAL_ROOT', getcwd());
require_once DRUPAL_ROOT . '/includes/bootstrap.inc';
drupal_bootstrap(DRUPAL_BOOTSTRAP_FULL);

require_once 'includes/password.inc';
echo user_hash_password('NEW_TEMP_PASSWORD');

die();
menu_execute_active_handler(); ?>

The only thing you need to change here is the user_hash_password(‘NEW_TEMP_PASSWORD’); Just set ‘NEW_TEMP_PASSWORD’ to whatever password you’d like. Just make sure to reset your password once you regain access to your Drupal 7 admin panel.
Upload this file to your Drupal 7 php root.

Step 2: Go to PHP File and Copy the Hash

Open a browser and hit your file. For instance http://example.com/pass_reset.php

So out comes the Drupal user_hash_password - $S$C6x2r.aW5Nkg7st6/u.IKWjTerHXscjPtu4spwhCVZlP89UKcbb/

(that’s the hash for NEW_TEMP_PASSWORD).

So if you didn’t want to go through the hassle of making your own PHP file you could just take the hash i’ve provided. Just keep in mind that your site won’t be secure until you change your password once you’re back in the Drupal admin panel.

Copy the hashed text.

Step 3: Open phpMyAdmin and Reset the Password

Navigate to your phpMyAdmin (likely in your control panel online somewhere).

Then browse the User table for the Root user and it will look something like this:

Drupal User Table

Take the copied hashed text and paste it into the pass field of the Root user and hit “Go”.

Step 4: Try Logging into your Drupal Admin Panel

If everything went as planned you will now be able to login to your Drupal Admin with the password we’ve hashed out. Make sure to use the password “NEW_TEMP_PASSWORD” and not the hash “$S$C6x2r.aW5Nkg7st6/u.IKWjTerHXscjPtu4spwhCVZlP89UKcbb/”

Once you’ve regained access, make sure to go and change your Root password right away, as to not let anyone else get in there.

Step 5: Remove the Custom Hash PHP File

You no longer need the custom php file on your server, so it’s best to remove it.

Conclusion

It’s not difficult to regain access to your Drupal instance. Just take the time to do things right and don’t forget your passwords in the first place.

Anonymus

very good
Lerato

on point
Nimeshbiyagamage

Hi, I did all you said and everything went well. But when I tried to log back into the admin panel, I still cant.

Could you tell me what should be the username then? I tried admin, admin@”mysitename”.com Admin, root literary everything.. but I still cant go into it.

Pls could you help?

Thanks
Nimesh
Nimeshbiyagamage

Hi again,

Also if I can’t get in to the admin panel, could I drop the drupal database which I created at the time of setting up, then delete all the folders and set up a fresh instance?

Awaiting your reply.

Thanks
Nimesh
http://www.aslingandastone.com Cam

Nimesh,

You should just use the same username that you setup when you created your Drupal instance. If not, you can use phpMyAdmin to change that to something else as well.
http://www.aslingandastone.com Cam

I wouldn’t recommend doing that. You will lose all the data that is in the database if you do that. You shouldn’t even have to change the admin name. Just check in the “users” table and find the 1st users name. That should be it.
http://profile.yahoo.com/RSLHS4NDZDTLECCMPFTMVSGKQM miri.

thank u a lot. This post saved me hours of work