Usually, you can add, edit and delete users and passwords from the back-end User Manager. To do this, you must be logged in as a member of the Super Administrator group. In certain situations, this may not be possible. For example, your site may have been “hacked” and had the passwords or users changed. Or perhaps the person who knew the passwords is no longer available. Or maybe you have forgotten the password that was used.
In these cases, it is still possible to fix the problem in the Joomla database so you can log back in as a Super Administrator.
Change the Password in the Database
If the admin user is still defined, the simplest option is to change the password in the database to a known value. This requires that you have access to the MySQL database using phpMyAdmin or another client.
- Navigate to phpMyAdmin and select the database for the Joomla site in the left-hand side drop-down list box. This will show the database tables on the left side of the screen.
- Click on the table “jos_users” in the list of tables (note: you may have a prefix that is not jos_, simply go to the _users table for your prefix).
- Click on the “Browse” button in the top toolbar. This will show all of the users that are set up for this site.
- Find the user whose password you want to change and press the Edit icon for this row.
- A form will display that allows you to edit the password field. Copy the value
Into the password field and press the Go button. phpMyAdmin should display the message “Affected rows: 1”. At this point, the password should be changed to “secret”.
Log in with this user and password and change the password of this user to a secure value. Check all of the users using the User Manager to make sure they are legitimate. If you have been hacked, you may want to change all of the passwords on the site.