What to Do When You Forgot or Lost Your Drupal Admin Password?

04.12.2024

Losing access to your Drupal admin account can be a stressful experience. Your admin password is the key to maintaining and managing your website and being locked out can halt your ability to make critical updates or manage content. Fortunately, there are several methods to regain access, whether you're using Drupal 7 or the latest version of the system. This guide will walk you through the possible options to reset your password and return to your web page.

The challenges of losing your Drupal admin password

Why is losing a Drupal admin password potentially risky? Without access to the admin account, you're effectively locked out of your website's backend. As a result, you can’t perform essential tasks such as managing users, editing content, installing new modules, or implementing critical security updates. This lack of control can hinder your ability to maintain and grow your website effectively.

Fortunately, there are proven methods to regain access and restore admin privileges. In the sections below, you'll find practical solutions for resetting the password in Drupal 7 and later versions (8 and above). These steps will help you regain control of your website quickly and securely.

How to reset the admin password in Drupal 7?

If you've lost access to your Drupal 7 admin account, don’t worry - there are several ways to solve the problem. Each method varies in complexity and requirements, so you can choose the one that best suits your situation.

Using the 'One-time login link' to reset a password

Drupal 7 has a built-in feature to generate a one-time login link (aka "reset your password"), which allows you to reset your password:

Go to the user login page.
Click on the "Request new password" tab.
Enter your username or email address.
Check your email for the one-time login link.
Follow the link to log in and reset your password.

This method is straightforward but relies on having access to the email associated with the admin account.

Resetting the Drupal password via the database

If you don’t have access to the admin email, you can manually reset the password using your database. How to do it?

Access your Drupal database using phpMyAdmin or a similar tool.
Locate the "users" table.
Find the record for the admin user.
Use a tool to generate a hashed password (MD5, a message-digest algorithm).
Update the password field with the new hashed password.

Here's an example SQL command to update the password:

sql UPDATE users SET pass = MD5('newpassword') WHERE uid = 1;

Replace 'newpassword' with your desired password.

This method requires database access and basic SQL knowledge.

Using Drush to recover your password

Drush (Drupal Shell) is a powerful command-line tool for managing Drupal websites. Your server or website might have it installed, as it is quite common.

Open your terminal or command prompt.
Navigate to your Drupal website’s root directory.
Run the command:

drush upwd admin --password="newpassword"

This assumes your administrator user name is admin. If you aren’t sure what your username is, you can generate a one-time login link, which you can paste into the browser and reset the password via the browser, as described earlier.

The command for doing this is as follows:

drush uli

How to recover the password in other versions of Drupal (8 and newer)?

Drupal 8 and newer versions offer both user-friendly and advanced solutions to reset your password, depending on your position.

Resetting password with the 'One-time login link'

Similar to Drupal 7, higher versions of Drupal also provide a one-time login link feature:

Visit the user login page.
Select the "Request new password" tab.
Input your username or associated email address.
Look in your email inbox for the one-time login link.
Use the link to access your account and create a new password.

This process is user-friendly and efficient if you can access the registered email.

Using Database to reset a Drupal password

For manual password resets, follow these steps:

Access your Drupal database using phpMyAdmin or a similar tool.
Locate the “users_field_data” table.
Find the record for the admin user (user 1).
Generate a hash key by running a command on the server

php core/scripts/password-hash.sh 'newPassword'

Update the "pass" field with the new hashed password.

Here's an example SQL command to update the password:

UPDATE users_field_data SET pass='$S$Esr2N84Ii/ip6vyYIX1hpqXGNapQxmhskLdLBjFUmDN92r5rAKM6
' WHERE uid = 1;
DELETE FROM cache_entity WHERE cid = 'values:user:1';

Ensure to replace 'newhashedpassword' with the actual hashed password.

You could also, of course, do this via phpMyAdmin.

Using Drush for resetting a Drupal password

For the later Drupal versions (such as Drupal 10, 9, and 8), Drush remains a handy tool:

Open your terminal or command prompt.
Navigate to your Drupal website’s root directory.
Run the command:

  drush user-password admin --password="newpassword"

Drush commands can significantly streamline your workflow.

This method assumes that your administrator username is "admin." If you're unsure of your username, you can generate a one-time login link, copy it, and open it in your browser to reset your password, following the steps mentioned earlier.

The command for doing this is as follows.

drush uli

Additional resources about Drupal passwords

How to reset the admin password in Drupal? Summary

Recovering access to your Drupal admin account is essential for keeping your website running smoothly. Whether you're using Drupal 7 or one of the newer versions, the steps outlined above provide practical solutions to reset your password and regain control of your website. To avoid similar challenges in the future, consider implementing preventive measures like secure password practices and backups. If you need any assistance, feel free to reach out. We specialize in Drupal development and can help you manage and secure your website effectively.