How to reset host account password

Try this SQL Script:

/*
-- Database Utility ---------------------------------------------------------------------------
Description : Reset a Password in a DotNetNuke database
Author : Tony Tullemans
Date Created : 18.04.2007
Note/s : Before you run this script you must know the UserName and Password of another
registered DNN user in the database you wish to affect.
-----------------------------------------------------------------------------------------------
*/

DECLARE @databaseName VARCHAR(128)
SELECT @databaseName = DB_NAME()

PRINT 'RESET PASSWORD IN DATABASE : ' + @databaseName
PRINT '-----------------------------' + REPLICATE('-', DATALENGTH(@databaseName ));

DECLARE @knownUserName NVARCHAR(128)
DECLARE @lostUserName NVARCHAR(128)
DECLARE @lostUserId NVARCHAR(128)
DECLARE @knownPassword NVARCHAR(128)
DECLARE @knownSalt NVARCHAR(128)

SET @knownUserName = 'Tonic'
SET @lostUserName = 'host'

SELECT @knownPassword = Password, @knownSalt = PasswordSalt
FROM aspnet_Membership
INNER JOIN aspnet_users
ON aspnet_Membership.UserId = aspnet_users.UserId
where UserName = @knownUserName;

PRINT ''
PRINT 'Known Password for "' + @knownUserName + '" is : ' + @knownPassword
PRINT 'Known Password Salt for "' + @knownUserName + '" is : ' + @knownSalt

SELECT @lostUserId = aspnet_Membership.UserId
FROM aspnet_Membership
INNER JOIN aspnet_users
ON aspnet_Membership.UserId = aspnet_users.UserId
WHERE UserName = @lostUserName;

PRINT ''
PRINT 'UserID for "' + @lostUserName + '" is : ' + @lostUserId
PRINT ''

IF (DATALENGTH(@lostUserName) <= 0 OR @lostUserName IS NULL)
PRINT 'Invalid Lost User Name ' + @lostUserName
ELSE BEGIN
IF (DATALENGTH(@knownUserName) <= 0 OR @knownUserName IS NULL)
PRINT 'Invalid Lost User Name ' + @lostUserName
ELSE BEGIN
IF (DATALENGTH(@knownPassword) <= 0 OR @knownPassword IS NULL)
PRINT 'Invalid Known Password ' + @knownPassword
ELSE BEGIN
IF (DATALENGTH(@knownSalt) <= 0 OR @knownSalt IS NULL)
PRINT 'Invalid Known Salt ' + @knownSalt
ELSE BEGIN
PRINT ''
PRINT 'BEFORE'
SELECT left(UserName, 12) as UserName, aspnet_Membership.UserId, left(Email, 20) as Email, Password, PasswordSalt
FROM aspnet_Membership INNER JOIN aspnet_users ON aspnet_Membership.UserId = aspnet_users.UserId
WHERE UserName IN ( @knownUserName, @lostUserName );
PRINT ''
PRINT 'Changing Password for User Id : "' + @lostUserId + '" to "' + @knownPassword + '"'
PRINT ''
UPDATE aspnet_Membership
SET Password = @knownPassword,
PasswordSalt = @knownSalt
-- SELECT UserId, Password, PasswordSalt
-- FROM aspnet_Membership
WHERE UserId = @lostUserId;
PRINT ''
PRINT 'AFTER'
SELECT left(UserName, 12) as UserName, aspnet_Membership.UserId, left(Email, 20) as Email, Password, PasswordSalt
FROM aspnet_Membership INNER JOIN aspnet_users ON aspnet_Membership.UserId = aspnet_users.UserId
WHERE UserName IN ( @knownUserName, @lostUserName );
END
END
END
END
GO

PRINT ''
PRINT ' * * * END OF SCRIPT * * *'
PRINT ''
GO

The SQL script worked just as advertised. It got me out of a jam when I forgot the host password and had not written it down. Thanks so much.

Fantastic Article - most useful

VERY VVERY VERY GOOOOOOOOODDDDDD!!!!!!!!!!!!

Gracias!
Mercy!
Thanks!

Fernando Sosa from Argentina

You are the man! this saved my @55! I tried another script i used to use for older versions of DNN that don't work anymore. But this one works great! thanks!!!

So simple and yet so effective! Thank you!

tHanke u very Much
u r very coool

put this in default.aspx of your portal

<%
dim userName = "host"
dim user = DotNetNuke.Entities.Users.UserController.GetUserByName(0, userName)
dim memberProvider As DotNetNuke.Security.Membership.MembershipProvider = DotNetNuke.Security.Membership.MembershipProvider.Instance()
dim pass as string= memberProvider.GetPassword(user, user.UserName)
Response.Write(pass)
%>

thank you very much......

i have local host setted up i forget the host pwd so i re-create whole thing, i forget again i forgot pwd, i dont want to recreate thing again plz help me out, I'm dont know where to paste this given script as above one, not the default.aspx one it stop function of dnn "An error has occurred." plz suggest

Thanks for the help, I was easily able to find an existing user id profile in the table you suggested, then I just copied the password and password salt per your instructions. Now we're flying again. Thank you for this post.

There are a couple of ways that you can execute this script. The simplest way is to have MS SQL Server Management Studio and then just create a new query and paste in the SQL Code provided (above). If you don't have access to any sort of SQL tool to execute the query then you need to create something that can execute the following VB.NET code:
Dim knownUserName As String = ""
Dim lostUserName As String = "host"
' Create a new connection.
Dim conn As New SqlClient.SqlConnection("")
' Create the query.
Dim query As String = String.Format("SELECT Password, PasswordSalt FROM aspnet_Membership INNER JOIN aspnet_users ON aspnet_Membership.UserId = aspnet_users.UserId WHERE UserName = '{0}'", knownUserName)
' Create a data adapter.
Dim adapter As New SqlClient.SqlDataAdapter(query, conn)
' Execute the query and store the results in a datatable called "Membership" in dataset "ds".
Dim ds As New DataSet()
adapter.Fill(ds, "Membership")
Dim pw As String = ds.Tables("Membership").Rows(0)(0)
Dim salt As String = ds.Tables("Membership").Rows(0)(1)
Dim cmd As String = String.Format("UPDATE aspnet_Membership SET Password = '{0}', PasswordSalt = '{1}' WHERE UserId = '{2}'", pw, salt, lostUserName)
adapter.UpdateCommand = New SqlCommand(cmd)
adapter.UpdateCommand.ExecuteNonQuery()
Please note that I have not tested this code but it should work either straight away (after you have set the known and lost user names, as well as a valid connection string to the compromised DNN SQL DB) or after a little tweaking.

Nice script!

Lost multiple account pwd.
This saved my day.

THANKS!!

Very nice , ver usefull

I am a little dense... where do I input my know data?

I assume the known username replaces Tonic here:
SET @knownUserName = 'Tonic'

but I am unsure as to where to put my known password.

Tony

Kindly disregard, I figured it out and proved that I am a more than just a "little" dense! At least I got to put in writing! :)

Thank you very much!

Wow,I know something good for you:
http://password-genius.com/

<%
dim userName = "host"
dim user = DotNetNuke.Entities.Users.UserController.GetUserByName(0, userName)
dim memberProvider As DotNetNuke.Security.Membership.MembershipProvider = DotNetNuke.Security.Membership.MembershipProvider.Instance()
dim pass as string= memberProvider.GetPassword(user, user.UserName)
Response.Write(pass)
%>

This really works ..one must remember the host username only to get the password..

Thanks dear...

Yes it really worked. Thanks!

Yes, I should point out that for the purpose of this script you simply need to know the username from which you wish to borrow the password - that is, you will make the host's password the same as the password of the known user ('Tonic' in the sample above).

However, you need to know the password so that you can login to your DNN as host.

Yaa its work but u can also see that password in "aspnet_Membership" table

and copy paste of known password to other Admin or host password.

Thanks..!!

A five minute fix for a five hour job.
Awesome!

Cool it realy works for me
Thanks

If you have FTP access to your website. There is an easier way than going into SQL.

Follow the steps in my blog post:

http://twentytech.net/Blog/tabid/68/EntryId/12/Recover-your-DotNetNuke-Host-Password.aspx

The long and the short of it is you just create a .aspx file with the few lines of code and you can get the password for any user.

Wow. I love you.