As a Wordpress fan, I try to avoid any contact with Joomla, but often it just doesn't work. Today I urgently need to change a few small things on a customer's website in order to be able to adjust it optimally to Adwords. Unfortunately, the customer is on the road and I don't have the password. So I thought: No problem, you go quickly to the admin area and use the “Forgot your password” function and briefly change the user email in the user table to mine.
Of course, the blog post would not have come about if it had worked so easily. So let me tell you: Unfortunately, it's not that easy! Again, Joomla is much more cumbersome than Wordpress. But that can perhaps still be sold as a security feature.
The problem with this first attempt was: I can't find any password-forgotten function in the login area. It was probably built out by changing the “mod_login.php” module. So I thought to try another way: I simply copy the admin user and create a new one directly in phpmyadmin. My login, my MD5-encrypted password and my e-mail then appear in the table line. But this attempt also failed.
The first reason is: The password is not only stored with MD5 encryption, but is also supplemented by the SALT. For this reason, the entry is longer than a normal MD5 password. In the middle comes a colon and then the salt. Since I only have relatively little knowledge of the matter, it should be mentioned here that you can temporarily enter the following line as a password so that the password is set to “secret”. But: Please change it immediately afterwards, otherwise you will soon no longer be the master of your blog.
fb36ec4db4b25dbe6ee76f0d3ef819ff:acyRZPjjdqLGvUrBJ4o2E2EZe8harB7J
But there is another reason why you still cannot log in: creating a user in the “prefix_users” table is not enough. I assume you have to add the user somewhere else. But I didn't feel like doing that.
Ultimately, the successful path was this one:
I'm using phpmyadmin in the database and table "prefix_users". There I chose the user who has the value “admin” as “username”. I entered this code as a password for him and copied the code that was previously inside into a text file:
fb36ec4db4b25dbe6ee76f0d3ef819ff:acyRZPjjdqLGvUrBJ4o2E2EZe8harB7J
After that I was able to log in with the combination “admin” as login and “secret” as password. The URL for the admin area is always www.domain.de/administratior/…
Immediately after logging in, a new user (super user and admin) was created and then the old password was copied back to the “admin” user line in the database. I created a new admin and didn't change the old one's password.
Related Articles
Internet Archive – possible uses of the worldwide archive- YouTube Achievements cards and creator awards - a good motivation for creators
- Apple System Status: Find iCloud outages and issues with other Apple services here
- Mac: Find the AT sign (Klammeraffe) on the keyboard of Apple computers
- What is the difference between a plugin and an add-on?
- What is “dogfooding” in the area of hardware and software development?
- Mobile online casino apps for the iPhone at a glance (sponsor)
- What exactly is Markdown?
Jens has been running the blog since 2012. He acts as Sir Apfelot for his readers and helps them with technical problems. In his spare time he rides electric unicycles, takes photos (preferably with the iPhone, of course), climbs around in the Hessian mountains or hikes with the family. His articles deal with Apple products, news from the world of drones or solutions to current bugs.
