Oops You Forgot the Administrator Password

Occassionally we get forum posts from users who have setup mojoPortal content management system but they have forgotten their password, so I thought it would be good to create an article about how to solve the problem.

The solution to the problem varies depending on a few things, such as whether you have changed the password format, whether you have configured email/smtp settings, whether you changed the default admin user name and email yet.

If you have email configured and you changed the admin account to your own email address, then the easiest way is to use the password recovery page, there is a link to this on the login page. However if you don't have a mail server configured or if the account still has the default email address of admin@admin.com then you will not be able to recover it by using the password recovery page so the only way to solve the problem is by direct access to the database.

If you have not changed the password format to encrypted or hashed, then you can see the password by looking at the Pwd field in the mp_Users table, then you can just login now that you know the password. However, if the passwords are encrypted or hashed you won't be able to find out what it is since it will be encrypted or hashed in the database. So, the simplest thing to do is to register a new user on the site with a password that is known to you but using a fake email address not your actual email address, then look in the database and copy the encrypted or hashed value and PasswordSalt from the new user to the admin user, then you can login as the admin user using the same password you used for the new user account. 

Note that if new registrations have been disabled on the site you will need to re-enable it from the database by setting the AllowNewRegistration filed in the mp_Sites table to 1, then touch the web.config file to clear the site settings from cache.

After you get back in you should go ahead and update the admin account to your real email address. Each user must have a unique email address that is why I suggested using a fake one to create the new user in the step above. Alternatively you could have registered with your real email address and then after getting back in as the admin user add your new user to the Administrators role.