22
Aug
1
How to access your admin account when you've forgotten the password
I managed to forget my admin password and found quite a few ways to unlock an SS install. I originally thought about poking around the database and changing the hashes myself. After reviewing the Security and password encryption code, I would recommend against doing that. SilverStripe uses salted SHA1 encryption which is no fun to try and create yourself. Also you'd have to update multiple tables to get the password changed.
Luckily the SS Core team has included multiple features for accomplishing this. The options below assume you have access to your webserver to use some PHP code.
Option 1 - Set a Default Admin Login
From: http://doc.silverstripe.com/doku.php?id=security#system_configuration
Add the following to your _config.php:
Option 2 - Use an Environment Configuration file
From: http://doc.silverstripe.com/doku.php?id=environment-management
At the top level of your site folder create the file _ss_environment.php with the following code:
Option 3 - Use a Member DataObject
In some page controller, config, or any interpreted php file:
Note: You could also grab MemberID 1 if you also forgot your email address. Member ID 1 should be the admin in most cases.
That's it!
You should be able to get back in your admin account using any of the above examples. Now be a little more careful with those passwords, eh?
About the Author
Name: dalesaurus
Comments (1)
-
I would go so far as to say, how about removing the admin user from the DB altogether and always use the _config method 1 way of specifying the admin user and password. That way you can always have access and it can easily be disabled and other users can't change the admin user by accident.
Posted by Pete Bacon Darwin, 22/08/2009 1:19am (11 months ago)
RSS feed for comments on this page RSS feed for all comments