CODEWITHSUNDEEP
umbraco7
Matt Burland
Matt Burland

Reputation: 45135

Umbraco - reset admin password

Is it possible? I was playing around with Umbraco, got it started up last week (just got it up and running, didn't do anything beyond that) and by Monday I'd forgotten the password. I looked here, but none of the suggestions seem to work. Changing the membership provider to Clear here:

    <add name="UmbracoMembershipProvider" type="Umbraco.Web.Security.Providers.MembersMembershipProvider, Umbraco" minRequiredNonalphanumericCharacters="0" minRequiredPasswordLength="8" useLegacyEncoding="true" enablePasswordRetrieval="false" enablePasswordReset="true" requiresQuestionAndAnswer="false" defaultMemberTypeAlias="Member" passwordFormat="Hashed" />
    <add name="UsersMembershipProvider" type="Umbraco.Web.Security.Providers.UsersMembershipProvider, Umbraco" minRequiredNonalphanumericCharacters="0" minRequiredPasswordLength="8" useLegacyEncoding="true" enablePasswordRetrieval="false" enablePasswordReset="true" requiresQuestionAndAnswer="false" passwordFormat="Hashed" />

If I change UmbracoMembershipProvider to Clear, it doesn't seem to do anything. If I change UserMembershipProvider to Clear then the whole site breaks (it complains that you can only use Umbraco with ASP.NET identity if it's set to Hashed).

All the suggested hashes to replace the userPassword don't seem to work. Setting the userPassword to an empty string doesn't work because the UI won't allow an empty string as a password, and the backend will check it and complain too.

Is there any simple, fool-proof way to reset the damn thing without uninstalling and starting over?

Upvotes: 3

Views: 11684

Answers (9)

Oltion D.
Oltion D.

Reputation: 348

For Umbraco 7-8, create a class as below:

using System.Web.Security;
using Umbraco.Core.Composing;
using Umbraco.Core;
using Umbraco.Core.Services;
using Umbraco.Web.Security.Providers;

namespace Test
{
    [RuntimeLevel(MinLevel = RuntimeLevel.Run)]
    public class StartingComposer : IUserComposer
    {
        public void Compose(Composition composition)
        {
            composition.Components().Append<StartingEvent>();
        }
    }
    public class StartingEvent : IComponent
    {
        private readonly IUserService _userService; 
        public StartingEvent(IUserService userService)
        {
            _userService = userService;
            var adminUser = _userService.GetUserById(-1);
            adminUser.Username = adminUser.Email = "[email protected]";
            adminUser.FailedPasswordAttempts = 0;
            adminUser.IsLockedOut = false;
            adminUser.IsApproved = true;
            adminUser.RawPasswordValue = (Membership.Providers["UsersMembershipProvider"] as UsersMembershipProvider)?.HashPasswordForStorage("Admin123*");
            userService.Save(adminUser);
        }
        public void Initialize()
        {
        }
        public void Terminate()
        {
        }
    }
}

Upvotes: 1

jules
jules

Reputation: 1

For Umbraco 8, I followed Bunkerbuster's answer above but was still having problems.

I found I had to sync the machineKey settings between the temporary/dummy site's Web.config and the forgotten password site's Web.config.

The configuration block looks like this:

 <machineKey validationKey="xxx"
             decryptionKey="xxx"
             validation="HMACSHA256"
             decryption="AES" />

Upvotes: 0

Bunkerbuster
Bunkerbuster

Reputation: 1001

For Umbraco 8 or higher or any other version.

Create a new project in visual studio, install the version of umbraco you want (same as your original project) (using nuget).

Do the setup on the DB type and version (same as your db of your lost account) you want. This time, write down your credentials you want to use.

After the basic installation go to the table [DATABASENAME].[dbo].[umbracoUser] and create a update query of your account, with the info of your new DB.

UPDATE umbracoUser 
set userdisabled=0, 
    userNoConsole=0, 
    userEmail='[email protected]', 
    userLogin='[email protected]',
    failedLoginAttempts=0,  
    userPassword='[COPY HASHED PASSWORD]',
    securityStampToken = '[COPY securityStampToken]'   
where id=-1 -- for version 8.* it is -1

And now you can login to your project without stopping,resetting or changing your original project

Upvotes: 0

Vidyesh
Vidyesh

Reputation: 563

Sometimes you need to update the column lastLockoutDate as well for this manual update in database to work.

Try the following query to update password of admin user as default :

UPDATE [dbo].umbracoUser set userdisabled=0, userLogin='admin', userPassword='bnWxWyFdCueCcKrqniYK9iAS+7E=', lastLockoutDate = null where id=0;

Upvotes: 0

P.Crews
P.Crews

Reputation: 19

To everyone who is unable to solve this using the steps above, what you can do is copy the password from another Umbraco.sdf database file and paste it over the current password in the new sites Umbraco.sdf file. Then log in using that password. You may have to clear cache and reload the site.

Upvotes: 0

Simon Hawes
Simon Hawes

Reputation: 111

We had this issue receiving an Umbraco install from a 3rd party but no credentials. This is for Umbraco 7.6.1

• Modify UsersMembershipProvider set useLegacyEncoding="true" In web.config then restart iis

  • use the usual script to set the admin password the old way

    UPDATE umbracoUser set userdisabled=0, userNoConsole=0, userLogin='admin', failedLoginAttempts=0, userPassword='bnWxWyFdCueCcKrqniYK9iAS+7E=' where id=0

• Log in as admin/default

• Navigate to the admin user

• Modify UsersMembershipProvider set useLegacyEncoding="false" then restart iis again

• CTRL-F5 to reload web.config (you should still be logged in via cookie)

• Select “Change Your Password”

• Check the “Reset Password” checkbox

• Click Save

• You will get a green dialog with the new password

• Copy the new password to clipboard

• Click “Change Password” again

• Paste into the “Current Password” field

• Enter admin123456 as new password

• Enter admin123456 as confirm password

• Click Save

To check restart iis, log in as admin/admin123456

Upvotes: 11

Christopher Pascual
Christopher Pascual

Reputation: 419

UPDATE umbracoUser set userdisabled=0, userLogin='admin', userPassword='bnWxWyFdCueCcKrqniYK9iAS+7E=' where id=0

hash is "default" without the quotes

Upvotes: 3

Bj&#248;rn Nyborg
Bj&#248;rn Nyborg

Reputation: 993

I had the same problem the other day. bnWxWyFdCueCcKrqniYK9iAS+7E= should be the correct hash for default.

Insert this in the DB, restart the application (you can just download, and then upload the web.config at the root), and now login with your username and default as password.

When you are logged in you can change the password, and everything should be fine. :)

I hope it helps!

Upvotes: 0

Xogle
Xogle

Reputation: 363

Do you have access to the database it is pointing to? If you do, you can reset the password this way.

UPDATE umbracoUser set userdisabled=0, userLogin='admin', userPassword='rboj46J1NSyvbZ5c7UI/5+m+Pcc=' where id=0

or

UPDATE umbracoUser set userdisabled=0, userLogin='admin', userPassword='default' where id=0

Where the user is admin and the password is updated to default.

Upvotes: 0

Related Questions