If you have access to the SQL Server, the following SQL statement should work.

UPDATE umbracoUser set userdisabled=0, userLogin='admin', userPassword='d9xnUXsUah9gycu7D0TpRYcx19c=' where id=0

nevermind... I found the solution

changed the password of another installation to the password: default

then looked in the umbracoUser table. The hash for that is: bnWxWyFdCueCcKrqniYK9iAS+7E=

Now updated the umbracoUser table with that hash.... and I can login again :-)

Ah Chris,

I did not see your reply when I posted this :-)    Another hash value in your script.... thats odd.....

Thanx

Chris, Somehow your script is not for the password default is it?

Hello Chris

I tried your solution and is updated the table in SQL Server, but still will not enable me to loginto umbraco as admin. Am I right in assuming the decrypted password is 'default'

Thanks

Don

hello Chris

I have a it working now

Thanks

Don

Hi

Just installed 4.0.2.1  (the version using Cassini and VistaDB) and cannot login as admin.

I have changed the password for admin in the VistaDB database to all the variations suggested above to no effect

bnWxWyFdCueCcKrqniYK9iAS+7E=

d9xnUXsUah9gycu7D0TpRYcx19c=

rboj46J1NSyvbZ5c7UI/5+m+Pcc=

really a bit stuck ... appreciate any ideas

To add to my previous post,

I have uninstalled and re-installed Umbraco, using the embedded VistaDB.

I changed the admin password when prompted during the install, making absolutely sure I had an accurate note of the password (which was a weak one).

I still cannot login as admin and see anything of the admin goodies although the runway website itself works.

When I try to login in

a) If I enter the correct password both the username and password field are cleared

b) If I enter an incorrect password, only the password field is cleared

This makes me think that the login  was successful when a correct password is entered but something is going wrong beyond that.

Also, is there a more obvious way of logging in as admin than - http://localhost:4522/umbraco/umbraco.aspx?

SO frustrating, there is clearly something good waiting here beyod the security cordon!

make sure your permission settings are correct!

At the stage during the install when the 'permissions' are checked I got a message indicating that all permsission settings were ok.

So, not really sure what to look for; can anyone give a pointer on this?

Richard Soeteman had this tip during the umbraco benelux meetup:

Change the admin-password to clear-text in sql by using the following sql-script:

UPDATE umbracoUser set userdisabled=0, userLogin='admin', userPassword='default' where id=0

Now search in the web.config the UsersMembershipProvider and change the

passwordFormat="Hashed"
into Clear:
passwordFormat="Clear"

Now you should be able to login with admin / default

If that works, revert the change in the web.config and save the web.config. Now change the admin password by using the umbraco-client (users/administrator/reset password)

Check the database to see that the password is hashed again...

Nico

Or just clear the "userPassword" field in the database, login with no password and change to the new password.

Just adding some steps if you dont what to change beetween clear and hashed:

1. Open user-table in SQL Server Management Studio and clear the userPassword-filed.
2. Login to you umbraco-backend using the "username" and a empyt password textbox.
3. Click the users-tab and add a user, remember the password.
4. Go back to Management studio and copy the password from the new user to your old account.

I didn't have any luck pasting in the hash values above.  What did work for me was the following:

Open the Users table and delete the password value.

Login to Umbraco with a blank password.

Now.. the tricky part.  With the password blank in the database, the User editor will not display the change password form.

Go back in the Users table (while still logged in) and put some text in the password field.  I used the number 1.

Open the admin user and reset the password to something new.... presumably that you will remember this time.  ; )

@Brad

My solution was simular, I added a new administrator - logged in as that person and changed the password for the "root"-administrator.

/ M

i cant seem to get this to work in umbraco 4.  has something changed?  I migrated content over from one server to another and now i can't login with my original username and password and deleting the field has not helped

Got the similar problem about passwords, correcting the permissions solved it.. Thanks Stephan Kvart  :)

bnWxWyFdCueCcKrqniYK9iAS+7E=    worked for me, this set my password to 'default'

Hi

How can I reset or retrieve admin password for umbraco 5.1 . There is no umbracoUser table or anything like that. any ideas?

 

I have also tried this to no avail. Can I ask how you fixed it please?

Which web browser are you using? With Umbraco 4.7.1.1 we had an issue where IE on SQL Server 2008r2 would not allow us to login. Chrome worked fine.

-David Fyin.com

Thanks for the help all, the one that worked for me was changing the password in user table to bnWxWyFdCueCcKrqniYK9iAS+7E=

This hash was the "default"

Umbraco 6.1.1

Does anyone know if the hashing or something has changed for umbraco v.6.1.6? "bnWxWyFdCueCcKrqniYK9iAS+7E=" isn't working for "default"...

I'm using umbraco 7 and I have tried everythingh here... no joy, I'm almost thinking of starting the whole project from scratch

this is a really bad bug... killing time for something that should be easy to fix.

i was able to reset the admin pass with the Clear format attribute in web.config under Umbraco 7.1.4

I am using umbraco 6.1.5 and having the same unsuccessful login issue. I can't seem to login to the backoffice via the admin credentials. I tried resetting the password via the db to no luck.
After further research this seems to be only occurring now in my development environment. My stage environment is working if you login using ssl.

I created a copy of the stage database and restored it to my development server. I pointed the webconfig to the new database and also copied over the umbraco.config file locally as well. I am still not successful logging in. My development server does not have SSL. Any tips would be greatly appreciated!

Just had to battle this issue and it turned out that the admin record had userNoConsole set to 1.

So the fix was to reset this along with the password

UPDATE umbracoUser set userNoConsole=0, userdisabled=0, userLogin='admin', userPassword='bnWxWyFdCueCcKrqniYK9iAS+7E=' where id=0;

The weird thing is, as far as I can tell only the Admin account has access to the Admin account settings to make that fatal change.

thanks rob...

that worked for me.

I have seem to have a problem with using the "Clear" trick on the latest 7.2.1. When setting back to hashed after reset it does not work again.

Any new updates that changed the password reset tricks?

Thanks in advance

Hi Marcus,

If you have acces to the database then you can try this approach.

1: Find the user table in database. Change th string in the password column to bnWxWyFdCueCcKrqniYK9iAS+7E=

This string bnWxWyFdCueCcKrqniYK9iAS+7E= is the hashed value for the password "default".

When you have done that you should be able to login with your username and in the password field you type default.

2: After you´re logged into the Umbraco office go the users section and change your password, to the password that you want.

If you want an SQL script you could execute this script on the database, and it should set the admin password to default

UPDATE umbracoUser set userdisabled='False', userLogin='admin', userPassword='bnWxWyFdCueCcKrqniYK9iAS+7E='where id=0;

Remember to change the userLogin if not not are logging with the admin user, the same for the id if you choose to use the SQL script. And be careful you are working with the database

Hope this helps,

/Dennis

Hi Dennis, I have tried that but it does not seem to work with 7.x anymore. Nor does the setting Password to Clear since it stops working as soon as I put it back to Hashed.

Hi Markus,

What are the values for the user that you are trying to login with in the userDisabled column and userNoConsole, both should be set to False. See the screenshot below.

Did you use the script or did you manually change the password value, in the column. If you used the script before perhaps it would been an idea to just change it directly in the column.

Hope this helps,

/Dennis

I used the UPDATE script and both are 0 (or false). Really strange. I also tried installing a fresh one and just copy the default but no go.

Could this affect?

 useLegacyEncoding="true" 

I also get this (yes the user does exist)

"Message":"An error has occurred.","ExceptionMessage":"The user 'admin' could not be found in the Umbraco database"

Hey. I found that I had the same issue. I managed to get the default password working as described above, but only after stopping and starting the App Pool for the site. When I logged in; changed the password; and then logged out, I found that the issue returned. Restarting the App Pool again seemed to solve the issue.

Not sure that I like the idea of restarting the app pool everytime a password needs changing. Anyone have any other suggestions?

hi there, how can i find out the user details for our cms' admin account, we only have writer and editor accoutns set up and are constantly told by our IT that those are the admin (or developer as they call it) accesses.  this cannot be the case as i cannot see any advanced options such as user tables etc.

any helpw ould be greatly appareciated, the site has been hadnballed from person to person and no one has any info at all.

Hi Rhycelle and welcome to our :)

The definition of an administrator account can vary depending on the people using Umbraco.

When an Umbraco installation is setup there is a master administrator account created during installation - When a company or a developer is setting up a solution for another company usually there are created an "Administrator" account, which has limited access - So the admin is able to see "Content", "Media", "Users", "Translation", and "Members". And then usually there can be "Editor" and "Writer" accounts. The developers administrator account has access to all the sections, which includes "Developer" and "Settings".

In order to be able to fetch the account you're looking for you'll need to have access tot the database and look in the users table.

But I'm wondering if you could get in touch with the agency that developed the site instead and get the information from them?

Looking forward to hearing from you.

/Jan

thanks Jan, appreciate the quick response.  i was able to find the orignal developer's admin logins however i cannot seem to find anywhere to get to the database or do any other things i needed (like macro changes). i'm thinking i may need to rebuild the form macro for that page all together. thanks again, will continue researching the forums.

Guys,

All these settings works just fine. You might be unable to see the changes in system after updating database table. This is because sometime Umbraco cache the users in cache with old information. So, after making all the DB changes, recycle AppPool or just add one space in web.config and save it (this will also do APR). And after that refresh the page and try with the password. I figure out this after spending 1-2 hours. :)

admin => d9xnUXsUah9gycu7D0TpRYcx19c=

default => bnWxWyFdCueCcKrqniYK9iAS+7E=

Thanks, Bipin

Thanks Bipin, your message helped us.

cheers! Adarsh

I've had this problem also, after upgrading for 7.3 and running a security check. My user account got locket and I've used the update umbracoUser method to try solving. Same 400 response.

However I discovered that there is some sort of cache for the authentication, so after updating the table I had to clean the App_Data folder.

I'm not sure why or how umbraco works exactly but this procedure solved my issue.

not one works for me.

Not restarting app_pool or the hashed version of default.

What i did was I went to another umbraco site that i can still login, copied the hashed password of that one. once i updated the database, i changed it to my preferred password.

For anyone who wants to know the hashed equivalent of "password" (without the double quotes) it is:

/7IIcyNxAts3fvQYe2PI3d19cDU=

then dont forget to change your password once you logged in.

Hello All,

We can reset our Umbraco admin password by following the below steps :

1 ) We need to generate new password using the below link :

http://www.99bugs.com/i-lost-my-umbraco-admin-password-now-what/

In the above function, we have set a new password "pass123".

2 ) Now, we need to update the admin user password using a new hash password "1p6mM9EvHJU8Bv5fWcvBX9fTSvc=" using the below query :

UPDATE umbracoUser set userdisabled=0, userLogin='admin', userPassword='1p6mM9EvHJU8Bv5fWcvBX9fTSvc=' where id=0

That's it. Now we can login using new admin password "pass123".

Thanks, Pradip

The easiest way by far (for Umbraco 7 at least) is to download https://our.umbraco.org/projects/developer-tools/umbraco-admin-reset/

You just download the DLL, but in /bin/ folder and it resets the password and deletes itself. You can then login and change password.

After trying countless variations of the suggested above I found what worked for me:

How to reset password:

1. Generate hash password using a hash key generator such as http://www.99bugs.com/i-lost-my-umbraco-admin-password-now-what/ as suggested above, or use one of those suggested above.
2. Copy hash key and paste output into umbracoUser.userPassword.
3. Make sure umbracoUser.userNoConsole = False.
4. Change one space or letter in site web.config, save, then start site (this change makes the application pool reset).

The login entry form on the webpage uses the following:

1. Login is umbracoUser.userLogin.
2. Password is umbracoUser.userPassword (saved in hash form in db).

Hello, is there a UI that allows users not only admins to reset password? Is there a forgotten password link? Something similar to WordPress does?

Umbraco is not providing any reset password functionality from a login page like Wordpress. Means only admin can reset the password using the above mentioned methods.

This topic have some time now, but since no one has placed what I consider the best solution for resetting Umbraco back office password, I leave my opinion. I mean since Umbraco 7.3.xx I guess??

Umbraco (> 7.3.x) has a recover password process already implemented. The only thing that you need to do is setup email SMTP settings on Umbraco web.config. Here is an example:

  <system.net>
<mailSettings>
<smtp from="[email protected]">
            <network host="smtp.domain.com" 
             port="587" 
             userName="[email protected]" 
             password="yourpassword" 
             enableSsl="true"/>
        </smtp>
</mailSettings>

With this on your web.config, you can use the recover password option on BackOffice login form. Umbraco will send a link to recover password. If you deploy Umbraco for your customer, this is the proper way to do it.

Other possible option already mentioned here is this plugin to reset: https://our.umbraco.org/projects/developer-tools/umbraco-admin-reset/

If you have Umbraco 7.6+, and tried all the given solutions on this post, you may be better off with getting the password reset process enabled through Umbraco locally.

What worked in my case, was installing PAPERCUT.

Then make sure your web.config within your Umbraco project has the appropriate mail settings to talk to PAPERCUT:

  <system.net>
    <mailSettings>
      <smtp deliveryMethod="Network" from="[email protected]">
        <network host="127.0.0.1" port="25" />
      </smtp>
    </mailSettings>
  </system.net>

...You may have to also set that same admin email address in your umbracoSettings.confg like so:

<notifications>
  <!-- the email that should be used as from mail when umbraco sends a notification -->
  <email>[email protected]</email>
</notifications>

Finally, go to your log-in screen for BackOffice, and click the forgotten password link? and follow through.

Hopefully this helps!

I have tried all these options but nothing works.

I am unsure what version of Umbraco the site uses as i am both new to the site and to Umbraco

I do know that the web.config file has the machinecode tag in it with a custom decryption and validation key.

Would this stop all the sql reset options from working as i am sure the hashing function uses this to hash the password doesn't it

I do have complete access to code and database

Thanks

Not sure if useful or not, but instead of using a remote smtp server which maybe you don't have access (I haven't at least) you can set a dump directory to store there the emails and just retrieve the reset password link:

<mailSettings>
  <smtp deliveryMethod="SpecifiedPickupDirectory">
    <specifiedPickupDirectory pickupDirectoryLocation="C:\Email" />
  </smtp>
</mailSettings>

I haven't seen anyone mention this.

You could potentially have login issues because of a lockout (that was the issue in my case).

If that is the case set lastLockoutDate = null.

Heres the code I used (insert your own user and password)

UPDATE umbracoUser set userdisabled=0, userLogin='', userPassword='', failedLoginAttempts = 0, lastLockoutDate = null where id=0

Just in case someone stumbles upon this old thread, please note that there is an "official way" to reset the admin password in the documentation:

https://our.umbraco.com/documentation/Reference/Security/reset-admin-password

is working on a reply...