How to access your admin account when you've forgotten the password

Tweet

22 August 2009 | dalesaurus | Security, Member, Login

2 1

I managed to forget my admin password and found quite a few ways to unlock an SS install. I originally thought about poking around the database and changing the hashes myself. After reviewing the Security and password encryption code, I would recommend against doing that. SilverStripe uses salted SHA1 encryption which is no fun to try and create yourself. Also you'd have to update multiple tables to get the password changed. Luckily the SS Core team has included multiple features for accomplishing this. The options below assume you have access to your webserver to use some PHP code.

Option 1 - Set a Default Admin Login

From: http://doc.silverstripe.com/doku.php?id=security#system_configuration

Add the following to your _config.php:

Security::setDefaultAdmin('adminuser', 'password');

Option 2 - Use an Environment Configuration file

From: http://doc.silverstripe.com/doku.php?id=environment-management
At the top level of your site folder create the file _ss_environment.php with the following code:

<?php
define('SS_DEFAULT_ADMIN_USERNAME', 'adminuser');
define('SS_DEFAULT_ADMIN_PASSWORD', 'password');
?>

Option 3 - Use a Member DataObject

In some page controller, config, or any interpreted php file:

$m = DataObject::get_one('Member', "Email = 'youradminaddress@email.com'");
$m->changePassword('password');

Note: You could also grab MemberID 1 if you also forgot your email address.  Member ID 1 should be the admin in most cases.

That's it!

You should be able to get back in your admin account using any of the above examples.  Now be a little more careful with those passwords, eh?