password recovery for drupal - drupal

i forgot my drupal user id and password. Is there any way to recover it

http://example.com/<path-to-drupal>/user/password should bring you to a page where you can request a reset/new-password.
Edit:
The above path applies if you have 'clean URLs' enabled, if not use http://example.com/<path-to-drupal>/?q=user/password

This solution is valid for Drupal 5 or 6 but not for Drupal 7. This version does not use a standard hashed password. You can get your encoded password running the following command:
php /path_to_drupal_files/scripts/password-hash.sh your_password
Then you can see your password hash. This is the string that you should use in the database to update the admin password. You can use the following SQL query to update the Drupal database.
UPDATE users SET pass='YOUR_PASSWORD_HASH' where uid=1;

If you don't have access to the email (or want to bulk-update the passwords) you can update the database with a query like:
UPDATE users SET pass = md5('NEWPASSWORD') WHERE name = 'admin'

Related

Encrypting the Web Console password in ActiveMQ

I have to get rid of the clear text password in ActiveMQ server in the jetty-realm.properties file as part of the security requirements of our project.
I followed the procedure for encrypting passwords found here: https://activemq.apache.org/encrypted-passwords.html.
In Jetty-real.properties I replaced plain password with ${activemq.password}
But I could not login into the web console (http://localhost:8161/admin)
Are there additional config parameters I need to change? Any help would be greatly appreciated.
For ecrypt password we can use jetty utility. This can be downloaded from http://download.eclipse.org/jetty/.
use:
java -cp lib/jetty-util-$JETTY_VERSION.jar org.eclipse.jetty.util.security.Password admin admin
admin
OBF:1u2a1toa1w8v1tok1u30
MD5:21232f297a57a5a743894a0e4a801fc3
CRYPT:adpexzg3FUZAk
Add in bus\conf\jetty.xml\jetty-realm.properties
admin: MD5:21232f297a57a5a743894a0e4a801fc3, admin
A very important note: the sequence of data specified by you should be as follows:
org.eclipse.jetty.util.security.Password [username] password
Also note that in some shells (like default on Ubuntu 20.04) the dollar sign inside the password will effectively truncate your password to the part preceding the dollar sign.
(I meant to put a comment to the answer by #dorin.canepa, but clicked on a wrong button and now it's an answer, oh well)

Forgot Oracle username and password, how to retrieve?

I have forgotten my Oracle username and password and hence not able to use it. My Oracle version is 11.2.0.1.0(11g). I consulted Internet. They asked me to execute commands like ‘SYSDBA’ but I was unable to do it as once I give ‘SYSDBA’ on Command Prompt screen, it takes the command as the username and next asks for password. I cannot execute any commands suggested by them as whatever I enter is taken as the username, subsequently password is asked and error occurs.
Open your SQL command line and type the following:
SQL> connect / as sysdba
Once connected,you can enter the following query to get details of username and password:
SQL> select username,password from dba_users;
This will list down the usernames,but passwords would not be visible.But you can identify the particular username and then change the password for that user.
For changing the password,use the below query:
SQL> alter user username identified by password;
Here username is the name of user whose password you want to change and password is the new password.
Go to SQL command line:-
type:
sql>connect / as sysdba;
then type:
sql>desc dba_users;
then type:
sql>select username,password from dba_users;
If sysdba doesn't work then try connecting with username:scott and password: Tiger
You will be able to see all users with passwords.
Probably you might find your's.
Hope this helps
Open Command Prompt/Terminal and type:
sqlplus / as SYSDBA
SQL prompt will turn up. Now type:
ALTER USER existing_account_name IDENTIFIED BY new_password ACCOUNT UNLOCK;
Voila! You've unlocked your account.
The usernames are shown in the dba_users's username column, there is a script you can run called:
alter user username identified by password
You can get more information here - https://community.oracle.com/thread/632617?tstart=0
if you are on Windows
Start the Oracle service if it is not started (most probably it starts automatically when Windows starts)
Start CMD.exe
in the cmd (black window) type:
sqlplus / as sysdba
Now you are logged with SYS user and you can do anything you want (query DBA_USERS to find out your username, or change any user password). You can not see the old password, you can only change it.

Change admin password in drupal 7

I am using built in Drupal 7 user module, fore user registration, forgot-your-password-emails and all that stuff.
I have forgotten my admin password. I have access to my website which is hosted on 1and1.com and also have access to mysql?
Is it possible to change password or email address through SQL so that I can access the admin page?
If it possible how? Can you somebody help me with this?
Thanks!
If you have Drush installed, you just have to enter the following command in the terminal from anywhere inside the site root.
drush upwd admin --password=mynewpassword
Here, admin is the user name; who's password will be changed to mynewpassword.
After several research I tried the following code stored it as a php file in the root directory
saved it as password-reset-admin.php
<?php
define('DRUPAL_ROOT', getcwd());
require_once DRUPAL_ROOT . '/includes/bootstrap.inc';
drupal_bootstrap(DRUPAL_BOOTSTRAP_FULL);
require_once DRUPAL_ROOT . '/includes/password.inc';
if (isset($_GET['pass']) && !empty($_GET['pass'])) {
$newhash = user_hash_password($_GET['pass']);
}
else {
die('Retry with ?pass=PASSWORD set in the URL');
}
$updatepass = db_update('users')
->fields(array(
'pass' => $newhash,
// 'name' => 'admin',
// 'mail' => 'yourmail#domain.com';
))
->condition('uid', '1', '=')
->execute();
print "Done. Please delete this file immediately!";
drupal_exit();
?>
And after that access the php file through the following:
https://yoursite.com/password-reset-admin.php?pass=newpassword
It just worked..:) Hope it helps others.
Please make sure you delete the file.
To change the password, you need to have shell access to your website. If not, download a copy of drupal 7 on your local machine.
Then, open your terminal and navigate to your Drupal 7 root folder. Then type the following command:
./scripts/password-hash.sh NEW_PASSWORD
Replace NEW_PASSWORD with the new password you need.
This will output a new password hash, copy this password and go to your database manager (phpMyAdmin or similar) and change the admin password to newly generated text.
I don't know of other way to do that, because Drupal is not using MD5 anymore and use a hashing algorithm instead.
Change directory to your Drupal's root.
Then generate the new hash.
In case of Drupal 7:
$ php scripts/password-hash.sh 'your-new-pass-here'
Then execute SQL query to update the administrator's password:
UPDATE users_field_data SET pass='$S$Do7UQjqtEELNccdi92eCXcVJ2KnwUeHrSbK3YhFm8oR3lRJQbMB2' WHERE uid = 1;
In case of Drupal 8 path to script will be:
$ php core/scripts/password-hash.sh 'your-new-pass-here'
Update DB:
UPDATE users_field_data SET pass='$S$Do7UQjqtEELNccdi92eCXcVJ2KnwUeHrSbK3YhFm8oR3lRJQbMB2' WHERE uid = 1;
Clean the cache:
DELETE FROM cache_entity WHERE cid = 'values:user:1';
If you have access to database, then...
Go to the users table in your database and change the admin's email to an email that you have access to.
Afterward, head over to yoursite.com/user/password and enter the email that just changed.
Go to your email and click on the reset link to go into your site and reset your password.
Done!
Tested and it works!
With the access to the table "users" in your Database via PhpMyAdmin for example (i.e. this table can have a prefix that you have already mentionned during the Drupal installation part, so yourPrefix_ can be your project's name as mywebsitename_, and in this case you'll have mywebsitename_users).
You should alter the "pass" column associated with the "uid" column with the value 1 (i.e 1 for the admin user account).
As the encrypted value for the password: Admin_12345 is =>
$S$DifCVXg9tNtHadziyyQJQVLAaZzW5EgS6OjR56D.mk8MpNQs1II2
You can accede to your admin account after replacing the old hashed password value stored in your database that you have totally forgotten.
Don't forget to change the password: Admin_12345 after you accede to your account with an other one.
You can generate query here and run the query in database.

symfony2 get login username while encoding password

Hi i am gooling but without result.
I am trying to check one field in DB while encoding password to user. How?
The service
services:
my_password_encoder:
class: TB\WelcomePageBundle\Security\Encoder\MyPasswordEncoder
<?php
namespace TB\WelcomePageBundle\Security\Encoder;
use Symfony\Component\Security\Core\Encoder\BasePasswordEncoder;
use TB\UserBundle\Entity\User;
class MyPasswordEncoder extends BasePasswordEncoder
{
public function encodePassword($raw, $salt)
{
$user = new User;
$old_or_new=$user->getOldNew();
print_r($user);
print_r($old_or_new);die();
The point:
1. withdrawn one field from DB from current logging user.
2. Depend on the value i need: encode his password MY WAY and log in + CHANGE THE PASSWORD THE SYMFONY WAY and update DB.
3. Depend on the value just use the symfony way.
There is easy condition. The problem is just how i can withdrawn this field + encode password symfony way. (how encode password my way i know). + encode the password not more via my way but symfony and update DB.
My points is to migrate low secure passwords to symfony2. Why? Because i have existing DB where the passwords are encoded my way. So i need to "update" them.
THE MAIN PART OF QUESTION:
HOW CAN I GET THE USERNAME OF USER WHO TRY LOG IN IN ENCODE PASSWORD FUNCTION??? THX!!!

How to change WebDAV password locally

I can't figure out how to change the webdav password. I've done some searching, found many resources of how to add a new user to webdav, but nothing about changing password. Anyone know?
Passwords are stored in webdav.htpasswd file.
If you open it, you will see an entry like this
wampp:XAMPP with WebDAV:bc7f2b670e7e965e307feb30492e642e
That's the entry for user wampp: in realm XAMPP with WebDAV: with password which is encrypted.
To change password, you should use htdigest.exe.
See manual. It is used to create and update user authentication files. You should find in the bin directory of xampp installation.
To do that, do :
htdigest.exe "pathto/webdav.htpasswd" "XAMPP with WebDAV" yourusername
This will be returned:
Adding user yourusername in realm "XAMPP with WebDAV"
You will then be asked for the password for yourusername
New password: yourpassword
Re-type new password: yourpassword
Reference: http://www.apachefriends.org/f/viewtopic.php?f=16&t=38897
Replace the content of the file C:\Program Files\xampp\security\htpasswd.webdav with your username, a colon and the password. Note: Everyone who can see this file can see the password!
Assuming you're talking about doing a password change at the server from a client, I don't believe WebDAV supports such a transaction.
You'd use something like a shell logon or a Web-based admin page to do this.
This always struck me as odd for a lot of network services, for example FTP or email. It seems to be common though.

Resources