Here's another way to reset the admin password if you don't have phpMyAdmin installed.

Create new file conf/hacks.php with this code

<?php

if( isset($_GET['reset_admin_pass']) )
{
	global $Messages, $DB;
	
	$new_pass = generate_random_passwd( $length = 8 );
	
	$sql = 'UPDATE T_users
			SET user_pass = '.$DB->quote( md5($new_pass) ).'
			WHERE user_ID = 1';
	
	if( $DB->query($sql) )
	{
		$msg = 'Admin password changed to "<b>'.$new_pass.'</b>"<br /><br />You should now remove the password reset code from conf/hacks.php';
		
		$Messages->add( $msg, 'success' );
	}
}

?>

Type the following in address bar to reset the password

YOUR_BLOG/index.php?reset_admin_pass

Do nor forget to delete the file conf/hacks.php once you're done! otherwise anyone will be able to reset your password at any time!

Let's pretend I don't have a clue as to what you're talking about. I don't. Where do I look for 'phpMyAdmin'?

I am able to look at the Blog directory in http://www.theonlinewriter.com/blog/ but beyond that, I'm stuck. The problem is, I don't know what I called 'YOUR_BLOG' so am unable to look at anything at all. I might be able to GUESS the password I used (I have a pretty good idea as to what that is) but I cannot remember nor have I documented (anywhere that I have found) the actual name of my blog.

How would I invoke 'phpMyAdmin'? Doesn't the suggestion posted by sam2kb presume I know how to get to 'YOUR_BLOG'? I guess I feel like an idiot, but it has been 6 months since I updated my blog. I have migrated across two new PCs, and somewhere along the way inadvertently dropped the password (and Blog name) that I used when I set this up.

I know that the email address I used was jbmoss@addr1.com and I was hoping that somehow this would be a validation tool to support my being the author and owner of the blog. I just need to know what I named the blog - and I'm stuck at this point.

Thank you for your reply.

OK, I got to the point where I have added to conf/hacks.php to my blog, and when I enter "MY_BLOG/index.php?reset_admin_pass" all I get is my blog page with a lot of black text at the top, representing the php code (I guess) of hacks.php. What should I have done differently?

Sorry for the delay - it has taken me this long to get beyond 'idiot' stage, but I'm still floundering.

Hello @jbmoss,

Please tell us if you have reviewed this page: http://b2evolution.net/man/user-guide/logging-in/lost-password, specially this section:

If you do not understand those instructions, please contact your hosting provider’s tech support and ask them to do this operation for you.

Sometimes, is way much easier trying to do it this way than dealing with code hacks.

Thanks.

Just for the records, and because the screenshots of the original post are not available any more.

1) Go to phpMyAdmin
2) Look for the table T_users (T_ is usually equivalent to evo_, but it depends of each installation).
3) Find the user whose password will be changed.
4) Click on "Edit".
5) Go to the user_pass row, select MD5 from the functions list and type in the new password.
6) Click on "Go"

That's it.

NOTE: this trick works only in version 5.2.x and below, since version 6 b2evolution starts using a different encoding mechanism.

"NOTE: this trick works only in version 5.2.x and below, since version 6 b2evolution starts using a different encoding mechanism."

Is there a trick for 6.4.x - other than blowing away the install and starting again? I followed the link above to the manual, but it just points straight back to this thread.

Not to worry, I reinstalled.

I noticed you are using another trick.
I cannot figure out how to recover, as the field user_pass has changed from char(32) to bnary(16)
So these above mentioned tricks are all obsolete, and this is also true for this thread as from for 6.x.

In addition to being binary, the password is now hashed to prevent reverse dictionary attacks.

We will post a new script that works with v6 here Asap.

New script to change a password on v6.

Create a new file in the root "/hacks.php" with the following code:

<?php
require_once dirname(__FILE__).'/conf/_config.php';
require_once $inc_path.'_main.inc.php';

if( param( 'reset_admin_pass', 'string' ) == 'your_secret_key' )
{
	$your_user_ID = 1; // ID of your admin user

	$UserCache = & get_UserCache();
	$User = & $UserCache->get_by_ID( $your_user_ID );

	$new_pass = generate_random_passwd();
	$User->set_password( $new_pass );

	if( $User->dbupdate() )
	{
		$Messages->add( 'Admin password changed to "<b>'.$new_pass.'</b>"', 'success' );
		$Messages->add( 'You should now remove the file /hacks.php', 'success' );
		$Messages->display();
	}
}
?>

Then call an url http://YOUR_SITE.com/hacks.php?reset_admin_pass=your_secret_key

Do not forget to delete the file /hacks.php once you're done! otherwise anyone will be able to reset your password at any time!

Note: ideally you should change your_secret_key in the code and in the url when you call the script. This way it's harder for anyone else but you to use the script.

@yurabakh

) Great Job!

I tried the file that yurabakhtin created for v6, but I am using 6.11.1 - All I got was a white screen. Help!

@reid_cornwell

Hi until you get a script I wonder if this will work

a) Backup database
b) if you have the option of registering as a new user > do that
c) using phpMyAdmin give the new user admin rights
d) delete old admin/user and rename new one if you want to keep the original user_name
e) Maybe not d) as it may delete associated posts etc.?

Thanks, amoun ! I am trying to install on a development location.
I have started to do a new install of b2evo 6.10.7. (which is really a reinstall) I deleted all code and db.
As of this moment I am trying to make sure mysql and php are running with no errors
localhost is IIS 7.5 on Windows 7. Have installed fastcgi in IIS - php is a fastcgi client - both php_mysql and php_mysqli are installed. This begs the question - are both of these extensions required? If not, which one.
I have php 7.2.17 and mysql 5.7.26 - this is the same as Bluehost production server. I have tried to mimic bluehost on my server
I am using mysql community server and workbench as the management api

I know my windows world is not supported in the b2evolution world!