Normally, you can add, edit and delete users and passwords from the back-end User Manager. To do this, you must be logged in as a member of the Super Administrator group.
In some situations, this may not be possible. For example, your site may have been "hacked" and had the passwords or users changed. Or perhaps the person who knew the passwords is no longer available. Or maybe you have forgotten the password that was used.
In these cases, it is still possible to alter the Joomla! database so you can log back in as a Super Administrator. These are the possible methods available to Joomla! administrators.
Method 1: Configuration.php file
If you have access to your configuration.php file for the Joomla installation on your server, can recover the password using the following method.
1.) Open the configuration.php file and add this line
public $root_user='myname';
to the bottom of the list where myname is a username with administrator access that you know the password for. An username that is Author level or higher can also be used in place of a username with administrator access.
2.) Save the configuration.php file.
This user will now be a temporary super administrator.
4.) Login to the back end and change the password of the administrator user you don't have the password for or create a new super admin user. If you create the new user you may want to block or delete the old user depending on your circumstances.
5.) When finished, make sure to use the "Click here to try to do it automatically" link that appears in the alert box to remove the line that was added to the configuration.php file. If using the link was not successful, then go back and delete the added line from your configuration.php file.
7.) Using your FTP program verify the file permissions of the configuration.php file, they should be 444. If you manually removed the added line, then change the file permissions on the configuration.php file to 444.
If you have no users who know their passwords and you can't utilize front end registration you may need to make a change in your database as outlined below in this document.
Method 2: Direct Editing of Database
If the methods above did not work, you have two other options, both of which require working with the MySQL database directly.
Change the Password in the Database
If the admin user is still defined, the simplest option is to change the password in the database to a known value. This requires that you have access to the MySQL database using phpMyAdmin or another client.
Make sure you change your password once you regain access
These instructions show how to manually change a password to the word - "secret"
Navigate to phpMyAdmin and select the database for the Joomla!
Find and click on the table with "_users" appended in the list of tables (note: you may have a prefix that is not jos_, simply go to the _users table for your prefix).
Click on the "Browse" button in the top toolbar. This will show all of the users that are set up for this site.
Find the user whose password you want to change and press the Edit icon for this row.
A form will display that allows you to edit the password field. Copy the value
d2064d358136996bd22421584a7cb33e:trd7TvKHx6dMeoMmBVxYmg0vuXEA4199
into the password field and press the Go button. phpMyAdmin should display the message "Affected rows:
1". At this point, the password should be changed to "secret".
Log in with this user and password and change the password of this user to a secure value. Check all of the users using the User Manager to make sure they are legitimate. If you have been hacked, you may want to change all of the passwords on the site.
Thank you,
