© 2015 X2Engine Inc.

Manually Resetting Passwords

From X2Engine
Jump to: navigation, search


This is an alternate method for resetting passwords, in the event that using the native password reset feature does not work due to improper configuration.

If an ordinary user has lost/forgotten their password:

  1. Log in to X2Engine as an administrator
  2. Go to the "Users" module by following the link in the top bar.
  3. Click on the user, and then click "update"
  4. Enter a new password into the Password field.

If the web application's administrator's password has been lost, you will need:

  • Direct access to the database using PHPMyAdmin or some other means
  • (optionally) a software tool for generating MD5 hashes

To reset the password:

  1. Come up with a new secure password and make note of it.
  2. Generate an MD5 hash of the new password, if an MD5 tool is available. Otherwise, the string 5f4dcc3b5aa765d61d8327deb882cf99 can be used (it is the MD5 hash of "password" in all lower-case).
  3. Log into the database.
  4. Set the "password" field in the users table to the new MD5 hash on the admin user, i.e. to set it to lowercase "password" for user "admin":
    UPDATE x2_users SET password='5f4dcc3b5aa765d61d8327deb882cf99' WHERE username='admin';
    
  5. If "password" was used as the password, log in immediately as the administrator and change the password to something else.