Press Ctrl / CMD + C to copy this to your clipboard.
This post will be reported to the moderators as potential spam to be looked at
I have a umbraco 188.8.131.52 installation with some work done already but I supidly forgot the password of the only user... admin :-(
In the umbracoUser table the password is hashed and clearing it does not help.
How can I reset the password to "default"
If you have access to the SQL Server, the following SQL statement should work.
UPDATE umbracoUser set userdisabled=0, userLogin='admin', userPassword='d9xnUXsUah9gycu7D0TpRYcx19c=' where id=0
nevermind... I found the solution
changed the password of another installation to the password: default
then looked in the umbracoUser table. The hash for that is: bnWxWyFdCueCcKrqniYK9iAS+7E=
Now updated the umbracoUser table with that hash.... and I can login again :-)
I did not see your reply when I posted this :-) Another hash value in your script.... thats odd.....
Chris, Somehow your script is not for the password default is it?
Whoops.... Try this one instead. I pulled the value from a production system rather than my default DB version.
UPDATE umbracoUser set userdisabled=0, userLogin='admin', userPassword='rboj46J1NSyvbZ5c7UI/5+m+Pcc=' where id=0
Awesome, It worked.
I tried your solution and is updated the table in SQL Server, but still will not enable me to loginto umbraco as admin. Am I right in assuming the decrypted password is 'default'
I have a it working now
Just installed 184.108.40.206 (the version using Cassini and VistaDB) and cannot login as admin.
I have changed the password for admin in the VistaDB database to all the variations suggested above to no effect
really a bit stuck ... appreciate any ideas
To add to my previous post,
I have uninstalled and re-installed Umbraco, using the embedded VistaDB.
I changed the admin password when prompted during the install, making absolutely sure I had an accurate note of the password (which was a weak one).
I still cannot login as admin and see anything of the admin goodies although the runway website itself works.
When I try to login in
a) If I enter the correct password both the username and password field are cleared
b) If I enter an incorrect password, only the password field is cleared
This makes me think that the login was successful when a correct password is entered but something is going wrong beyond that.
Also, is there a more obvious way of logging in as admin than - http://localhost:4522/umbraco/umbraco.aspx?
SO frustrating, there is clearly something good waiting here beyod the security cordon!
make sure your permission settings are correct!
At the stage during the install when the 'permissions' are checked I got a message indicating that all permsission settings were ok.
So, not really sure what to look for; can anyone give a pointer on this?
Richard Soeteman had this tip during the umbraco benelux meetup:
Change the admin-password to clear-text in sql by using the following sql-script:
UPDATE umbracoUser set userdisabled=0, userLogin='admin', userPassword='default' where id=0
Now search in the web.config the UsersMembershipProvider and change the
Now you should be able to login with admin / default
If that works, revert the change in the web.config and save the web.config. Now change the admin password by using the umbraco-client (users/administrator/reset password)
Check the database to see that the password is hashed again...
What could one do when not even this approach works?
We ran into a similar problem.
What I ended up doing was:
FIRST, to go to the web.config and changing the value from "Hashed" to "Clear".
THEN we went into the user table in the DB, we did not do the SQL script, we just went directly to the field in the 'umbracoUser' table and updated the password field directly, changed the value to something other than 'default' or whatever is in there now.
I just made it "password123" temporarily.
Remember to execute the SQL to save the new value.
You might want to see what your userLogin for admin was too. I have forgotten the admin user login too. Usually it is the email address you typed in when you set up the website, but if you changed that along the way use the username that is the admin user name.
THEN go to your Umbraco website, login with your admin username and the new updated password, you should then be able to log in.
Stay logged into the Umbraco Backoffice.
THEN go back to the web.config, change the value BACK to 'Hashed'.
THEN go to back to your browser and the admin user account in Umbraco Backoffice (you are still logged in right?), and change the password.
This will rehash the new password and update the temporary one you updated in the DB table to your now new password.
Make sense? Let us know if this does not even work.
Trying to do what you are writing here I can't even log in when setting the value to "Clear" and changing the password to something simple as password123.
When hitting the "login" button I get a error 400, and looking at the headers it doesn't seem as if my request is getting to the database. It is rejected up front as a "bad request"
This is freakishly random.
Same setup as yesterday where nothing worked. Before I closed everything and went home, I rebooted the computer, refreshed all caches and temp files, rebooted again, and still: nothing. I couldn't get login to work in any way.
Then today, I boot up the computer, try to login (with everything as it was yesterday), and now I can login.
I don't know what the problem is, but I know that the Umbraco team stands firm in the opinion that there's nothing wrong with Umbraco and that it's something local.
With all the cases that I have read about, and seeing my own case, I choose to oppose.
Or just clear the "userPassword" field in the database, login with no password and change to the new password.
Just adding some steps if you dont what to change beetween clear and hashed:
1. Open user-table in SQL Server Management Studio and clear the userPassword-filed.2. Login to you umbraco-backend using the "username" and a empyt password textbox.3. Click the users-tab and add a user, remember the password.4. Go back to Management studio and copy the password from the new user to your old account.
I didn't have any luck pasting in the hash values above. What did work for me was the following:
Open the Users table and delete the password value.
Login to Umbraco with a blank password.
Now.. the tricky part. With the password blank in the database, the User editor will not display the change password form.
Go back in the Users table (while still logged in) and put some text in the password field. I used the number 1.
Open the admin user and reset the password to something new.... presumably that you will remember this time. ; )
@Brad My solution was simular, I added a new administrator - logged in as that person and changed the password for the "root"-administrator./ M
i cant seem to get this to work in umbraco 4. has something changed? I migrated content over from one server to another and now i can't login with my original username and password and deleting the field has not helped
Got the similar problem about passwords, correcting the permissions solved it.. Thanks Stephan Kvart :)
bnWxWyFdCueCcKrqniYK9iAS+7E= worked for me, this set my password to 'default'
UPDATE umbracoUser set userdisabled=0, userPassword='bnWxWyFdCueCcKrqniYK9iAS+7E=' where id=0
How can I reset or retrieve admin password for umbraco 5.1 . There is no umbracoUser table or anything like that. any ideas?
I have also tried this to no avail. Can I ask how you fixed it please?
Which web browser are you using? With Umbraco 220.127.116.11 we had an issue where IE on SQL Server 2008r2 would not allow us to login. Chrome worked fine.
Thanks for the help all, the one that worked for me was changing the password in user table to bnWxWyFdCueCcKrqniYK9iAS+7E=
This hash was the "default"
Does anyone know if the hashing or something has changed for umbraco v.6.1.6? "bnWxWyFdCueCcKrqniYK9iAS+7E=" isn't working for "default"...
I'm using umbraco 7 and I have tried everythingh here... no joy, I'm almost thinking of starting the whole project from scratch
this is a really bad bug... killing time for something that should be easy to fix.
i was able to reset the admin pass with the Clear format attribute in web.config under Umbraco 7.1.4
I am using umbraco 6.1.5 and having the same unsuccessful login issue. I can't seem to login to the backoffice via the admin credentials. I tried resetting the password via the db to no luck.
After further research this seems to be only occurring now in my development environment. My stage environment is working if you login using ssl.
I created a copy of the stage database and restored it to my development server. I pointed the webconfig to the new database and also copied over the umbraco.config file locally as well. I am still not successful logging in. My development server does not have SSL. Any tips would be greatly appreciated!
Just had to battle this issue and it turned out that the admin record had userNoConsole set to 1.
So the fix was to reset this along with the password
UPDATE umbracoUser set userNoConsole=0, userdisabled=0, userLogin='admin', userPassword='bnWxWyFdCueCcKrqniYK9iAS+7E=' where id=0;
The weird thing is, as far as I can tell only the Admin account has access to the Admin account settings to make that fatal change.
that worked for me.
I have seem to have a problem with using the "Clear" trick on the latest 7.2.1. When setting back to hashed after reset it does not work again.
Any new updates that changed the password reset tricks?
Thanks in advance
If you have acces to the database then you can try this approach.
1: Find the user table in database. Change th string in the password column to bnWxWyFdCueCcKrqniYK9iAS+7E=
This string bnWxWyFdCueCcKrqniYK9iAS+7E= is the hashed value for the password "default".
When you have done that you should be able to login with your username and in the password field you type default.
2: After you´re logged into the Umbraco office go the users section and change your password, to the password that you want.
If you want an SQL script you could execute this script on the database, and it should set the admin password to default
UPDATE umbracoUser set userdisabled='False', userLogin='admin', userPassword='bnWxWyFdCueCcKrqniYK9iAS+7E='where id=0;
Remember to change the userLogin if not not are logging with the admin user, the same for the id if you choose to use the SQL script. And be careful you are working with the database
Hope this helps,
Hi Dennis, I have tried that but it does not seem to work with 7.x anymore. Nor does the setting Password to Clear since it stops working as soon as I put it back to Hashed.
What are the values for the user that you are trying to login with in the userDisabled column and userNoConsole, both should be set to False. See the screenshot below.
Did you use the script or did you manually change the password value, in the column. If you used the script before perhaps it would been an idea to just change it directly in the column.
I used the UPDATE script and both are 0 (or false). Really strange. I also tried installing a fresh one and just copy the default but no go.
Could this affect?
I also get this (yes the user does exist)
"Message":"An error has occurred.","ExceptionMessage":"The user 'admin' could not be found in the Umbraco database"
Hey. I found that I had the same issue. I managed to get the default password working as described above, but only after stopping and starting the App Pool for the site. When I logged in; changed the password; and then logged out, I found that the issue returned. Restarting the App Pool again seemed to solve the issue.
Not sure that I like the idea of restarting the app pool everytime a password needs changing. Anyone have any other suggestions?
Thanks a lot, not sure for some reason my password stopped working, I spent 4 to 5 hours to find solution, I rebooted my server after creating new username and password in database,it did not work,strangely it worked only after Apppool restart :)
hi there, how can i find out the user details for our cms' admin account, we only have writer and editor accoutns set up and are constantly told by our IT that those are the admin (or developer as they call it) accesses. this cannot be the case as i cannot see any advanced options such as user tables etc.
any helpw ould be greatly appareciated, the site has been hadnballed from person to person and no one has any info at all.
Hi Rhycelle and welcome to our :)
The definition of an administrator account can vary depending on the people using Umbraco.
When an Umbraco installation is setup there is a master administrator account created during installation - When a company or a developer is setting up a solution for another company usually there are created an "Administrator" account, which has limited access - So the admin is able to see "Content", "Media", "Users", "Translation", and "Members". And then usually there can be "Editor" and "Writer" accounts. The developers administrator account has access to all the sections, which includes "Developer" and "Settings".
In order to be able to fetch the account you're looking for you'll need to have access tot the database and look in the users table.
But I'm wondering if you could get in touch with the agency that developed the site instead and get the information from them?
Looking forward to hearing from you.
thanks Jan, appreciate the quick response. i was able to find the orignal developer's admin logins however i cannot seem to find anywhere to get to the database or do any other things i needed (like macro changes). i'm thinking i may need to rebuild the form macro for that page all together. thanks again, will continue researching the forums.
All these settings works just fine. You might be unable to see the changes in system after updating database table. This is because sometime Umbraco cache the users in cache with old information. So, after making all the DB changes, recycle AppPool or just add one space in web.config and save it (this will also do APR). And after that refresh the page and try with the password. I figure out this after spending 1-2 hours. :)
admin => d9xnUXsUah9gycu7D0TpRYcx19c=
default => bnWxWyFdCueCcKrqniYK9iAS+7E=
your message helped us.
I've had this problem also, after upgrading for 7.3 and running a security check. My user account got locket and I've used the update umbracoUser method to try solving. Same 400 response.
However I discovered that there is some sort of cache for the authentication, so after updating the table I had to clean the App_Data folder.
I'm not sure why or how umbraco works exactly but this procedure solved my issue.
It works... :/
Had the same issue and clearing the app_data temp dir plus removing umbraco.config also allowed me to log in with the updated password.
not one works for me.
Not restarting app_pool or the hashed version of default.
What i did was I went to another umbraco site that i can still login, copied the hashed password of that one.
once i updated the database, i changed it to my preferred password.
For anyone who wants to know the hashed equivalent of "password" (without the double quotes) it is:
then dont forget to change your password once you logged in.
This is the only option that works for me @denisedelbando. ! you'r a life saver .. it took me 6 days to figure it out.
We can reset our Umbraco admin password by following the below steps :
1 ) We need to generate new password using the below link :
In the above function, we have set a new password "pass123".
2 ) Now, we need to update the admin user password using a new hash password "1p6mM9EvHJU8Bv5fWcvBX9fTSvc=" using the below query :
UPDATE umbracoUser set userdisabled=0, userLogin='admin', userPassword='1p6mM9EvHJU8Bv5fWcvBX9fTSvc=' where id=0
That's it. Now we can login using new admin password "pass123".
The easiest way by far (for Umbraco 7 at least) is to download https://our.umbraco.org/projects/developer-tools/umbraco-admin-reset/
You just download the DLL, but in /bin/ folder and it resets the password and deletes itself. You can then login and change password.
Yeah. Started using this. far easier than messing with SQL
Using UmbracoAdminReset.dll worked for me on Umbraco version 7.5.2
Just make sure that allowManuallyChangingPassword="true" or else the username is changed but not the password.
After trying countless variations of the suggested above I found what worked for me:
How to reset password:
The login entry form on the webpage uses the following:
Very nice. Generated password and executed SQL UPDATE. That rextester UI would be great for Umbraco admin password reset. :-)
this was it! everything else didn't work for me, but umbracoUser.userNoConsole = false was the way to get access :)
Hello, is there a UI that allows users not only admins to reset password? Is there a forgotten password link? Something similar to WordPress does?
When a user is logged in they can click on the user avatar / umbraco icon (top left) to change their password.
That is assuming users know their password. In my case, I don't know the password, and I want to either reset or request a new temporary password. How do I accomplish that?
Umbraco is not providing any reset password functionality from a login page like Wordpress. Means only admin can reset the password using the above mentioned methods.
Luckily such feature will exists in future releases - Once Umbraco 7.5 is released there will be an option to reset the password - Just mentioning it for future reference.
That is great. Thank you.
This topic have some time now, but since no one has placed what I consider the best solution for resetting Umbraco back office password, I leave my opinion. I mean since Umbraco 7.3.xx I guess??
Umbraco (> 7.3.x) has a recover password process already implemented.
The only thing that you need to do is setup email SMTP settings on Umbraco web.config. Here is an example:
With this on your web.config, you can use the recover password option on BackOffice login form. Umbraco will send a link to recover password. If you deploy Umbraco for your customer, this is the proper way to do it.
Other possible option already mentioned here is this plugin to reset:
If you have Umbraco 7.6+, and tried all the given solutions on this post,
you may be better off with getting the password reset process enabled through Umbraco locally.
What worked in my case, was installing PAPERCUT.
Then make sure your web.config within your Umbraco project has the appropriate mail settings to talk to PAPERCUT:
<smtp deliveryMethod="Network" from="email@example.com">
<network host="127.0.0.1" port="25" />
...You may have to also set that same admin email address in your umbracoSettings.confg like so:
<!-- the email that should be used as from mail when umbraco sends a notification -->
Finally, go to your log-in screen for BackOffice, and click the forgotten password link? and follow through.
forgotten password link?
Hopefully this helps!
I have tried all these options but nothing works.
I am unsure what version of Umbraco the site uses as i am both new to the site and to Umbraco
I do know that the web.config file has the machinecode tag in it with a custom decryption and validation key.
Would this stop all the sql reset options from working as i am sure the hashing function uses this to hash the password doesn't it
I do have complete access to code and database
Not sure if useful or not, but instead of using a remote smtp server which maybe you don't have access (I haven't at least) you can set a dump directory to store there the emails and just retrieve the reset password link:
<specifiedPickupDirectory pickupDirectoryLocation="C:\Email" />
After several attempts (and also trying the solution which was working for me the last time, see comment above), the solution of Oriol was the one which actually worked!
Just had to modify the membership provider in web.config to the following:
<membership defaultProvider="UmbracoMembershipProvider" userIsOnlineTimeWindow="15">
<add name="UmbracoMembershipProvider" type="Umbraco.Web.Security.Providers.MembersMembershipProvider, Umbraco" minRequiredNonalphanumericCharacters="0" minRequiredPasswordLength="10" useLegacyEncoding="false" enablePasswordRetrieval="true" enablePasswordReset="true" requiresQuestionAndAnswer="false" defaultMemberTypeAlias="Member" passwordFormat="Clear" allowManuallyChangingPassword="false" />
<add name="UsersMembershipProvider" type="Umbraco.Web.Security.Providers.UsersMembershipProvider, Umbraco" />
and update the mailSettings as Oriol mentioned. Afterwards the link to reset password was working and created an .eml file (E-Mail) in the specified directory with a link to create a new password.
Umbraco version is 7.11.1
I haven't seen anyone mention this.
You could potentially have login issues because of a lockout
(that was the issue in my case).
If that is the case set lastLockoutDate = null.
Heres the code I used (insert your own user and password)
UPDATE umbracoUser set userdisabled=0, userLogin='', userPassword='', failedLoginAttempts = 0, lastLockoutDate = null where id=0
Just in case someone stumbles upon this old thread, please note that there is an "official way" to reset the admin password in the documentation:
is working on a reply...
Write your reply to:
Image will be uploaded when post is submitted