Clive Walkden

PHP, MySQL, HTML5, CSS3, jQuery code and ideas.

Magento 2 Blog Posts

Magento 2 admin password history reset

Magento 2 admin password history reset

in Magento 2
by
with 0 Comments

Magento 2 (by default) forces admin users to reset their passwords every 90 days. This is great for security and I'm extremely happy that I don't have to remind clients to update their password every x number of days. 

The only issue I have is that the staging environment admin is worked on by many different people in the office and we like a consistent password for this development process. Rather than turning the system off and the settings being pushed to the live site accidentally we can access the database and reset the password history for a user.

When you access your database you should see something similar to the below image.

Magento 2 Admin Password history table

This table records the user, password hash, the date the password expires and the time it was last updated. If you try to change your password in the Magento 2 Admin area it will check this table against the new password and reject the change if it matches your new hash against any hash recorded against your user.

In my example I'm going to update the user_id 1. Simply delete all but the last record for that user. In this case it would be records 3, 4, 8, 9. Now when I change my password I can use something that has been used before without Magento 2 returning an error.

Important
Please do not do this on a live environment as it is there to protect your admin accounts security.

comments powered by Disqus