Unable to change ADMIN password

visolveemr · September 28, 2017, 4:38am

@Renay Dutkiewicz,

With reference to your post https://sourceforge.net/p/openemr/discussion/202505/thread/e83bbeb9/?limit=25#681c

I am currently locked out of OPENEMR
with the ADMIN user. I attempted the following to reset, however, i am
still unable to login to the OpenEMR.

Copied from the FAQ…
"What do I do if I am locked out of OpenEMR?
If you are locked out of OpenEMR, there are two possible options.

If the administrator can login, then the administrator can change the users password in OpenEMR at Administrators->Users.

If the administrator can not login, then it is more difficult. To do
this, need to modify the administrator’s entry in the users_secure mysql
table. Will need to set the ‘password’ and ‘salt’ for the selected
‘username’ on the mysql entry. Will need to set ‘password’ to
$2a$05$NX3JhLZcQv9vCsWVn2GDT.24dclmvOqmM61VG.QigyShrJm4ssQTq and set
‘salt’ to $2a$05$NX3JhLZcQv9vCsWVn2GDTM$ . The administrator will now be
able to login into OpenEMR with the password ‘pass’.(after doing this,
do recommend then changing the password in OpenEMR at
Administration->Users to something more secure)"

visolveemr · September 28, 2017, 4:41am

Hello Renay Dutkiewicz,

We assume, the hashed password and salt that you are using is from the older version of OpenEMR.
Try the following values to update users_secure table.

update users_secure set password = ‘$2a$05$MKtnxYsfFPlb2mOW7Qzq2Oz61S26s5E80Yd60lKdX4Wy3PBdEufNu’ , salt = ‘$2a$05$MKtnxYsfFPlb2mOW7Qzq2b$’ where id = ‘ADMIN USER ID’;

The administrator will now be able to login into OpenEMR with the password ‘pass’.
After successful login, you can change the password. Hope this will help you.
Please let us know if you have any other clarifications.

Thanks,
ViSolve

brady.miller · September 28, 2017, 7:41am

thanks @visolveemr ,
Guessing the old combo was prior to a fix in the auth stuff we needed to do several years back. I’ll update the wiki FAQ.
-brady

Sam99 · October 23, 2017, 11:51pm

I have tried all the suggestions still unabel to unlock

Sam99 · October 23, 2017, 11:51pm

update users_secure set password = '$2a$05$MKtnxYsfFPlb2mOW7Qzq2Oz61S26s5E80Yd60lKdX4Wy3PBdEufNu' , salt = '$2a$05$MKtnxYsfFPlb2mOW7Qzq2b$’ where id = ‘ADMIN USER ID';

The administrator will now be able to login into OpenEMR with the password ‘pass’.
After successful login, you can change the password. Hope this will help you.
Please let us know if you have any other clarifications.

I have tried all the suggestions still unabel to unlock
Please Help

stephenwaite · October 24, 2017, 12:27am

the below query allowed login as admin with pass from a mysql prompt if you replace ADMIN USER ID with the id which is probably 1

or you could use

where username = 'admin';

if that was the username

mysql>

update users_secure set password = '$2a$05$MKtnxYsfFPlb2mOW7Qzq2Oz61S26s5E80Yd60lKdX4Wy3PBdEufNu' , salt = '$2a$05$MKtnxYsfFPlb2mOW7Qzq2b$' where id = 'ADMIN USER ID';

Query OK, 2 rows affected (0.03 sec)
Rows matched: 2 Changed: 2 Warnings: 0

visolveemr · October 24, 2017, 4:32am

Hello @Sam99,
The query should work with no issue like how @stephenwaite as mentioned.
Please let us know if you receive any error message or warning while query execution. If yes, could you share a screen shot of the same.
If not, then as a next steps we may need to check the ACL tables.

Thanks,
ViSolve

Jeremiah_Ocasio · October 24, 2017, 10:09pm

Ive reset admin user pass via sql to ‘1a1dc91c907325c69271ddf0c944bc72’ and then flushed privileges and reloaded the whole server. Its still not allowing login with the “pass” as expected. Is there a chance the settings for force secure password being enabled is blocking me from access?

visolveemr · October 25, 2017, 4:34am

Hello @Jeremiah_Ocasio,

If you are not able to login into mysql kindly refer this link to change or reset your password - https://www.howtoforge.com/setting-changing-resetting-mysql-root-passwords
If you are not able to login into openemr and you are getting the following error “Invalid username or password”. Try the following steps,

i) Get the admin user id from users table using the following query.

 select id from users where username = 'ADMIN USER NAME';

ii) From that admin user id using the following query update the users_secure table.

update users_secure set password = ‘$2a$05$MKtnxYsfFPlb2mOW7Qzq2Oz61S26s5E80Yd60lKdX4Wy3PBdEufNu’ , salt = ‘$2a$05$MKtnxYsfFPlb2mOW7Qzq2b$’ where id = ‘ADMIN USER ID’;

The administrator will now be able to login into OpenEMR with the password ‘pass’. After successful login, you can change the password. Hope this will help you.

Please let us know if you have any other clarifications.

Thanks,
ViSolve

Jeremiah_Ocasio · November 14, 2017, 7:35pm

Hello Visolveemr,

I found that resetting the password was done but not valid as it did not meet the systems settings for password strength. After going in and updating password requirements to minimal I was able to reset it via SQL as I used to and then get into system and update from GUI.

Thanks for the reply to this one and hope this helps future issues for resetting when password strength is an issue.

Sam99 · November 15, 2017, 4:09am

Jeremiah_Ocasio9h
Hello Visolveemr,

I found that resetting the password was done but not valid as it did not meet the systems settings for password strength. After going in and updating password requirements to minimal I was able to reset it via SQL as I used to and then get into system and update from GUI.
Can you please Guide me step by step I am still having this problem
Thanks

Sam99 · November 15, 2017, 4:09am

Can you please Guide me step by step I am still having this problem
Thanks

visolveemr · November 15, 2017, 4:23am

@Jeremiah_Ocasio ,

Currently, OpenEMR doesn’t have password strength validation feature.The above suggestion was given to reset the user’s password through MySQL .

We will have password strength validation feature in upcoming OpenEMR versions.

ViSolve

Sam99 · November 15, 2017, 4:32am

Thanks for I mean in my SQL if you can share the screenshot where i will make this change
Thanks

visolveemr · November 15, 2017, 4:53am

@Sam99,

Steps to be followed :

1.Login to MySQL using your credentials
2.Select OpenEMR database to which you want reset user’s password

Get the admin user id from users table using the following query.
3.select id from users where username = ‘ADMIN USER NAME’;

From that admin user id using the following query update the users_secure table.
4.update users_secure set password =
‘$2a$05$MKtnxYsfFPlb2mOW7Qzq2Oz61S26s5E80Yd60lKdX4Wy3PBdEufNu’ , salt =
‘$2a$05$MKtnxYsfFPlb2mOW7Qzq2b$’ where id = ‘ADMIN USER ID’;

The administrator will now be able to login into OpenEMR with the
password ‘pass’.

Kindly refer the attached screen shot .

Thanks,
ViSolve

Sam99 · November 15, 2017, 5:26am

Hi visolveemr
Can i share my screen ?? with you on team view?

Sam99 · November 15, 2017, 5:27am

i am using My sql 3.2

visolveemr · November 21, 2017, 9:00am

@Sam99,

What is the error you are getting when you try to reset the password ?
Is it possible to share the screen shot of the error message ?

Thanks,
ViSolve

Ashu_Kurkure · August 28, 2020, 12:24am

This was very helpful. Thanks.

stephengreen · January 11, 2021, 5:20pm

I was locked out of my new 6.0 upgrade and tried this solution, but I get an error saying there is no ‘salt’ field in the table. Was the table structure changed for 6.0, and is there another way to change the ADMIN password for 6.0?