It has happened to everyone (yes, certainly to you too!) to forget your Joomla super administrator user password. Here are two quick and easy ways to reset it.
The Joomla 'super admin' user is obviously a user unlike any other: he can do anything within the CMS. He can read and edit content, add and remove extensions, delete any kind of content. This is why it was decided many versions ago to disable the classic 'retrieve password' for this type of user.
Whereas for 'normal' users the classic password recovery procedure is active, where the system sends you an e-mail with a link where you can reset your password, for admins this option is not there.
So how can this be done? There are two ways:
Method 1: editing the configuration.php file
This method only works if there is at least one other user on the site whose password you know.
This can be any user (even a simple user from the 'registered' group), but you need to know his username and password, so that you can use him as a temporary admin.
You also need to be able to access the website via FTP (or have a file manager in the hosting control panel), because you need to modify the configuration.php file located in the website's root.
Here is therefore what to do to regain access to your website:
- Download the configuration.php file via FTP, you can do this with a programme such as FileZilla
- open it with a text editor (even windows notepad is fine)
- Insert at the end (but before the closing bracket) this line:
- where instead of 'username' you must put the username of the account whose credentials you know.
- Go to the administrator part of the site (www.yoursite.it/administrator) and log in with those credentials.
If all went well, you will be able to log in and this message will appear:
At this point you can go to the user management of your site and change the password of the real administrator user.
CAUTION: After resetting the administrator's password, remember to remove the string from your configuration.php!
What if I don't know how to use FileZilla?
Don't worry, most hosts provide a file manager that allows you to edit your website's file from the hosting control panel.
For example, if you have your site on Aruba you can go to your site's control panel and then to Hosting Linux -> File Manager:
Once you click on 'Manage', a window will open with a list of all the files on the site, including the 'configuration.php' to be edited.
Method 2: Reset password from database with PhpMyadmin
On the other hand, there are cases where the site has only one user: the administrator.
In these cases it is obviously not possible to 'promote' other users to temporary administrators, so you have to go and reset the password directly from the database.
Don't panic, it is simpler than you think.
There is a tool called PhpMyAdmin that all hosting companies provide to their customers: it allows you to go and modify the database directly without knowing anything about queries and counter-queries.
Getting to it can be a little tricky, but hosting companies often provide links created automatically by the domain, for example:
If you go to one of the links above and this screen appears, then you are in the right place:
Some Italian hosts, on the other hand, have dedicated links, e.g. to go to your Aruba database just click on this link: https://mysql.aruba.it/ , if you are on Register.it here you will find a simple guide to this.
Time to login. OK, but with what credentials? Those of your database of course, not those of Joomla!
If you installed Joomla on your hosting you should have no problems: you were asked for them during installation. You should have them somewhere in your hosting activation email. If you did not install Joomla yourself then you can retrieve them from the famous configuration.php that we learned how to download or read in the previous section.
There are two parameters you need:
public $user = 'utente_db'; public $password = 'password_db';
"utente_db" and "password_db" are the credentials you need to log into PhpMyAdmin.
Once you have logged in you will find a screen like this:
where your databases are listed on the left (on Aruba there are 5 by default). Click on the + to the database you are actually using. If you are not sure which db your Joomla is actually using you can read the name from the configuration.php file, here:
public $db = 'pixed_database';
The click will open the list of all tables in the db.
Go from page to page until you find the table called ###_users
Click on it. Inside you will find the list of users of your website.
The field we need is the field in the 'password' column for your super user.
The strange and very long string you read is the MD5 of your current password (which you don't remember). Basically, it is an encrypted version of your real password, saved this way for security reasons (so if a data breach happens and they steal all your database data, they only steal the encrypted version of the passwords and not the real passwords).
We are almost there.
At this point we just need to create the MD5 hash of your new passowrd. You can do this for instance at this website.
If we use the string 'pippo', its MD5 will be 0c88028bf3aa6a6a143ed846f2be1ea4 :
Copy the MD5 hash and then double-click on the password string to be changed in PhpMyAdmin.
Delete the old string and paste the new one.
After pressing "Enter" a green "1 line modified" should appear.
If everything went well, you can now log in again on your website as the administrator's username and the new password 'pippo'.
P.S: Now that you have access to the site, change the password "pippo" to something more effective... and remember it! :-)
If you liked this article, please share it!