Learn Ghost

Young blogging platform build on tope of node.js for fast loading speed and easy scalability!

• Last Updated: 07/02/2020
• ( 5 minutes reading )

How to change the admin password of your Ghost blog if you get Locked Out

Introduction

Have you ever been in a situation where you have forgotten your Ghost Blog admin password, and you are no longer able to log in? In this tutorial, we will introduce three methods for resetting the admin password:

  • By executing SQLite query over the Command Line (SSH)
  • By executing MySQL query over the Command Line (SSH)
  • By executing MySQL query through the phpMyAdmin tool integrated into cPanel

Before we start the guide, let’s explain the difference between MySQL and SQLite.

SQLite is an RDBMS (Relational Database Management System), which is usually contained within a file on the server and does not require a specific server to run. It can be referred to as an “embedded” database as it typically runs as part of the app itself.

MySQL is also an RBDMS, however, it has a server-client type of communication and typically requires authentication. In addition to that, MySQL is the more secure option due to the authentication, and it is a better choice if you are planning on growing your website really big.

 

Resetting your password over SSH with an SQLite query

First, you need to access your hosting account over SSH. After you have logged in, please use the “cd” command provided in the Linux Command Line Basics to navigate to your Ghost Blog root directory.

 

Navigate to Ghost Root Directory over SSH

 

If you do not know where your root directory is, please check our knowledge base article on How to find your website’s root directory.

After entering your website’s root directory, please execute the following command: 

 

cd /content/data/

 

This command will take you to the folder which contains your website’s SQLite file. In most cases, it will be called ghost-local.db, or something similar. Once there, please execute the next required command:

 

sqlite3 ghost.db

 

Upon doing that, you will enter the SQLite console and will be able to insert the queries.

 

Ghost SQLite Console

 

To do so, please go to an online tool intended for generating a temporal BCrypt hash. A great example of such is Password Hashing. When there, please enter the desired password in the text field and then press the “Generate Hash” button.

 

Generate BCrypt Hash for Ghost

 

When you acquire the hash, please go back to your SSH terminal where the SQLite console should be running and enter the following line of code:

 

UPDATE users SET password='<<PASTE_HASH_HERE>>' WHERE email = '<<YOUR_EMAIL_ADDRESS>>'; 

 

Make sure to replace <<PASTE_HASH_HERE>> with the hash you have just generated and replace <<YOUR_EMAIL_ADDRESS>> with the email address associated with your Ghost Admin account. For example:

 

UPDATE users SET password='$2b$10$uZZkY2A4Zerlo8OI.cuWCu8z5n91abpVphY5pf8pd7/fHOeuYzbbe' WHERE email='[email protected]';

 

Finally, hit the “ENTER” button. Note that there will be no confirmation message. If the query is accepted, the line will be refreshed.

 

SQLite Query successfully accepted

 

To leave the SQLite console, please type in:

 

.exit

 

You should now be able to log inside your Ghost blog with the newly set password!

 

Resetting your password over SSH with a MySQL query

To change your password with MySQL query, please log into your hosting account over SSH.

Once logged, please enter the following command:

 

mysql -u<database_username> -p<database name>

 

You have to replace the <database_username> string with your actual database username, and the <database namestring with the actual name of the database connected to your Ghost website.

To execute the command, please hit the “ENTER” key on your keyboard. Here is an example:

 

mysql -unossl_ghost -p nossl_ghost

 

This will trigger an additional prompt, requiring your MySQL database password. If all the provided details are correct, you should be inside the MySQL console, and you can now submit the query to change your password.

 

Ghost MySQL Console SSH

 

Similarly to the previous example, you have to generate a temporal BCrypt hash. You can use an online tool such as Password Hashing. When there, please enter the desired password in the text field and then press the “Generate Hash” button.

 

Generate BCrypt Hash for Ghost

 

When you acquire the hash, please go back to your SSH terminal where the MySQL console should be running and enter the following line of code:

 

UPDATE users SET password='<<PASTE_HASH_HERE>>' WHERE email = '<<YOUR_EMAIL_ADDRESS>>';

 

Make sure to replace <<PASTE_HASH_HERE>> with the hash you have just generated and replace <<YOUR_EMAIL_ADDRESS>> with the email address associated with your Ghost Admin account. For example:

 

UPDATE users SET password='$2b$10$uZZkY2A4Zerlo8OI.cuWCu8z5n91abpVphY5pf8pd7/fHOeuYzbbe' WHERE email='[email protected]';

 

Lastly, hit the “ENTER” button. You should receive the following message indicating the change was successful:

 

Query OK, 1 row affected (0.00 sec) Rows matched: 1  Changed: 1  Warnings: 0

 

Ghost MySQL Query Successful

 

To leave the MySQL console, please execute:

 

exit

 

You should now be able to log inside your Ghost blog with the newly set password!

 

Resetting your password through phpMyAdmin with a MySQL query

If you are not comfortable working over the Command Line, you can proceed with the password reset through the phpMyAdmin tool integrated into cPanel.

For a start, please log into your cPanel account. In our How to run SQL queries in phpMyAdmin tutorial, you will find instructions on how to reach the section within phpMyAdmin where the SQL codes should be submitted.

You will also need to generate a temporal BCrypt hash. You can do that by using an online tool such as Password Hashing. To create the hash with the suggested tool, please enter the desired password in the text field and then press the “Generate Hash” button.

 

Generate BCrypt Hash for Ghost

 

When you obtain the required BCrypt hash, please go back to phpMyAdmin and enter the following code into the content box:

 

UPDATE users SET password='<<PASTE_HASH_HERE>>' WHERE email = '<<YOUR_EMAIL_ADDRESS>>';

 

Make sure to replace <<PASTE_HASH_HERE>> with the hash you have just generated and replace <<YOUR_EMAIL_ADDRESS>> with the email address associated with your Ghost Admin account. For example:

 

UPDATE users SET password='$2b$10$uZZkY2A4Zerlo8OI.cuWCu8z5n91abpVphY5pf8pd7/fHOeuYzbbe' WHERE email='[email protected]';

 

Execute MySQL query in phpMyAdmin

 

Afterward, please hit the “Go” button to execute the query.

Upon doing that, you will be prompted with a "1 row affected. (Query took 0.0016 seconds.)" message indicating change is applied successfully.

 

MySQL Query successfully executed in phpMyAdmin

 

You should now be able to log into your Ghost blog with the newly set password!

 

If none of the above methods of resetting your password is something you are comfortable doing on your own, please feel free to reach our technicians by submitting a support ticket from your Client Area.

 

 

...
Sebahat
Content Marketing Specialist

Sebahat is a young and bright woman who has become an invaluable part of our team. She started as a Customer Care Representative, mastering that role and, along the way, growing into a tech-savvy individual who is well acquainted with every support layer of the company. Driven by her aim to improve our customers’ experience constantly, she is committed to enhancing the extraordinary support we deliver.