Hi all It seems i thought i know what my login and password was but i can remember so i checked the phpadmin DB and found the login but password is all numbers ect about 20 and i copyed them to the admin login but still no joy and i keep getting emails to me saying login attempt failed??

any ideas??

Craig

The password is saved as a md5 hash. It is not possible the reconstruct the original password.

Instead go to your MySQL admin tool (eg. phpMyAdmin) and use this SQL Query:

update ost_staff set passwd = md5(yournewpassword) where username='admin';

Did you really expect to find your password plain text in the DB? Passwords should always be encrypted, just like they are in this case.

Anyway, what you can do is set the password in the db to: 04ca3c2a1ee24aa29541a0de2a822455 and then try to login with your username and adermin as a password.

Edit: torusturtle was a little faster and has a good solution as well.

Thanks for help and no i didnt intend on finding actual password but i guess at least i know where to check if the problem just was not too sure which section :)

Cheers for help though
Just a point to make it would be really Good if there was a "FORGOT password" in admin as in many other scripts. and also i was not sure it blocked me out for so long as in a few shopping cart scripts i use :)

thanks any way

HI I really appriciate your help and i tried all of them did the sql as said and got error:

#1054 - Unknown column 'yournewpassword' in 'field list'

obviously i used my own password but same thing

i used ecactly this

update ost_staff set passwd = md5(yournewpassword) where username='admin';

I can see the user name and password there when i browse the ost_staff but it still will not let me log in??

Use this:

UPDATE `ost_staff` SET `passwd` = '21232f297a57a5a743894a0e4a801fc3' WHERE `ost_staff`.`staff_id` =1 LIMIT 1 ;

This sets the password to 'admin'.

So when you login, use the first account you made and login with the password admin.

If that doesn't work try this:
UPDATE `ost_staff` SET `passwd` = '21232f297a57a5a743894a0e4a801fc3' WHERE `username` = 'admin' LIMIT 1 ;

Again, you would login with the following information:
Username: admin
Password: admin

Once you are able to login, I suggest to change your password to something else.

Use this:



This sets the password to 'admin'.

So when you login, use the first account you made and login with the password admin.

If that doesn't work try this:


Again, you would login with the following information:
Username: admin
Password: admin

Once you are able to login, I suggest to change your password to something else.


where do we type that???

I assume you want to know where you can type the sql query? This can be entered in phpMyAdmin, or you can also create a little php script that executes this code.

I assume you want to know where you can type the sql query? This can be entered in phpMyAdmin, or you can also create a little php script that executes this code.

thanks
I just did a reinstall
It was faster !!!

It was a clean install anyway

Thanks,
Joe

Ok, first of all, get phpmyadmin or MySQL Administrator, you can do sql entries with either.

Secondly... the sql code torusturtle gave does work, you just have to change it slightly with MySQL Administrator, I don't know about phpmyadmin as I haven't tried it.

update dbname.ost_staff set passwd = md5("yournewpassword") where username='admin';

The dbname.ost_staff, I had more than one db meaning I had to supply a db name, so you may not have to do that and may be able to just use ost_staff instead. If you do need to supply one though, change dbname to the name of your database, such as helpdesk.ost_staff or whatever your db name is. The yournewpassword part MUST be in quotes or sql thinks it that yournewpassword is an sql command and starts scratching it's head. Basically, you get the same error that 365giveaway got if you don't have the quotes.

Thanks torusturtle, I should have known it was just an md5 hashing of the password but sometimes programmers throw in a few twists when it comes to encrypting passwords for php databases. You saved me a lot of time and saved me from a headache.

Hello,

I played the dope and forgot my password too... :mad:

Anyhow, thanks for the advice on how to reset it in the db... will be doing that shortly. My question is this:

I've been getting multiple "Excessive Login Attempts" notices, which seem to be accruing regardless of which browser I use or whether or not I clear the cache and cookies, it appears to be IP based. So how long will osTicket make me wait before I CAN attempt to login again? It appears to be blocking all login attempts from my IP at the moment.

How long is the "Time-Out" for excessive login attempts? I've actually tried waiting hours and it still had me locked-out on the first failed attempt to login.

Also, how many failed logins within what period of time, does it take to trigger the "excessive login" time-out?

Thanks for the help!

I'll try not to be a dummy next time!
:D Jeff

im reading this and scratching my head... wouldnt it be easier to just be able to turn off the md5 hash momentarily with admin control and just put a text pw in there so we can log on and then turn it back on and change the pw..

or even somewhere to create a duplicate hash as i have found the old pw and need to put the hash back.. no i didnt save it.. my bad..

im gonna read this over and over again till i can figure this out..

and i agree totally, a lost pw function is a great idea..

UPDATE ..............

ok here is an update, IM IN.. yahhhhh lol the copy of the hash code above worked with the pw adermin.. thanks so much pw is changed grooooooooovyyyyyyy thanks everyone..

I tried a different way to get the admin password (21232f297a57a5a743894a0e4a801fc3) to work.

In the Browse area of phpAdmin I chose my staff DB and placed the code from above into the password field. It worked fine.

Tried the query the db. Not sure how to do that successfully.
Thanks.

Simcoe