how to reset passwords using phpbb.

while we don’t like using open source software (i suppose movabletype is possibly one of the few exceptions), there are always folks who love using phpbb — and then there are folks who love exploiting it.
i decided today that it would be a good idea to disable one of our inactive boards that was getting a lot of hits from spam bots — except that i couldn’t find the login information anywhere.
fortunately, i found out how to reset the password with this nifty little trick that requires, at the mininum, phpMyAdmin (so much for what i say about open-source software).
here’s how it’s done:
1. ftp or log onto the server and navigate to your phpBB directory. download or jot down the values in config.php. (you can bypass this step if you use plesk.)
2. log onto your phpMyAdmin with the username and password that you have written down in step 1.
3. on the left hand navigational bar, click on the phpbb_users table — this is where your username and passwords are stored.
4. click Browse on the top of your screen to view a list of registered users.
5. search for the account that needs its password reset (e.g. Administrator)
6. click Edit (the little pencil icon works too)
7. from the user_password row, click the Function pull-down menu and choose MD5 (your password is stored in an MD5 hash)
8. in the empty box to the right of MD5, replace the password with your new password in plaintext
9. click Go at the bottom of the page.
10. that’s it! now log in with the new password.

Leave a Reply

Post Navigation