Reset password lost without admin redmine account but with admin redmine database account

Added by petit dragon999 about 5 years ago

Yesterday i have migrated from redmine 1.4.x to redmine 2.0.3 and realized that the CAS plugin don't work on redmine 2 (http://www.redmine.org/projects/redmine/wiki/Plugin_List#CAS-single-sign-on-authentication-plugin) ! So i have'nt CAS authentication and I did't have an admin work local account !!

Found in file /app/models/user.rb: 'The hashed password is stored in the following form: SHA1\(salt + SHA1)'
So you can reset password in two steps:
- clear salt
- calculate sha1(sha1(new_password))
For example for the password "password" (without quote) it will be "53bc9eb4d750583f81abcfad5e73fc3e4e38f8ce"
sah1(password)=0bd181063899c9239016320b50d3e896693a96df
sha1(0bd181063899c9239016320b50d3e896693a96df)=53bc9eb4d750583f81abcfad5e73fc3e4e38f8ce

You have to go to redmine database, find "users" table, find user to reset password, clear "salt" field's user and put "53bc9eb4d750583f81abcfad5e73fc3e4e38f8ce" in "hashed_password" field's user and log to redmine with new password 'password' (without quote)

Enjoy ! It saved me ...

Replies (2)

RE: Reset password lost without admin redmine account but with admin redmine database account - Added by ruijun peng about 5 years ago

sha1(sha1(password)) should be:
353e8061f2befecb6818ba0c034c632fb0bcae1b

RE: Reset password lost without admin redmine account but with admin redmine database account - Added by Pawel Orzechowski about 4 years ago

@ ruijun peng, thanks for that hint:-)

I have updated corresponding wiki page with FAQ

(1-2/2)