Have you ever forgotten a password that you didn’t really use that often and was stored in via a password manager? Well that’s what happened here after losing a laptop to an unspecified hard drive error recently. Unluckily I had stored all my blog management passwords in an area that was not backed up adequately so I needed to reset my password. Also unfortunately, the mail configuration for my website was inoperable due to my Azure Websites configuration, which meant that I could use the built in interface for resetting a password.
I lost my password now what?
A quick search for the topic on bing/google/astalavisa shows that when your website is hosted using Php & MySQL that it is trivially easy to reset your password by using the MD5 Command in the PhpMyAdmin interface. My configuration is hosted using an Azure SQL Sever though and not using the MySQL Backend as is typical. So I took this information and found that you can update your password in the wp_users table if you have the MD5 function generate a new password for you on your server which is what I am going to walk you through.
First things first, get access to your SQL Database
Any way you want to tackle the problem of restoring access, the first step is to gain SQL Access to your environments. Perhaps you’re a diligent administrator that has all their SQL passwords stored safely, in this case we’ll assume you’re like me and forget to save these important things. You’ll need to get access to the Azure Portal at https://manage.windowsazure.com/ (For Now). Go down to your SQL Databases and choose the one you set up for your WordPress installation. You’ll arrive at the base database management site where you’ll choose to open the database in visual studio You’ll have to confirm you want to perform the action of opening it in visual studio This will launch visual studio and prompt you to connect to a SQL Server that is Azure Based. Now you’ll need to know your SQL Credentials to Authenticate via Visual Studio If you know your credentials, Great! If not Lets move on to the next step, finding those credentials.
What if I don’t know my Azure SQL Server Credentials?
That’s a good question, luckily we have a connection string that we can reference in our Azure Web Site that exposes this information. Back in the Azure Management portal navigate over to the azure website that is hosting your WordPress instance and select it in the browser. Once you’ve reached this screen, select the Configure option on the top to be taken to the Azure Web Site properties Scroll all the way to the bottom of the configuration screen until you reach the section that is called Connection Strings. Here you can find the credentials that are used to connect to your Azure SQL Server. Click Show Connection Strings to reveal the strings that are masked by default. This will transform the text to a selectable box with shows the full connection string. Click Show Connection Strings to reveal the strings that are masked by default. This will transform the text to a selectable box with shows the full connection string. You now know your SQL Crednetials, its time to Connect The SQL Azure Database in Visual Studio.
Connecting to SQL Azure in Visual Studio
We now know the SQL Azure Host Name, The Login Account, and the Password associated with that account. What remains is to actual perform the connection to the Azure SQL Database. Copy the password from the referenced connection string over to the visual studio login dialog. You should now be able to navigate down to the Database in Visual Studio. Select the wp_users database in the explorer. If you right click on the database and select View Data you’ll be presented a list of users that are configured and also their hashed passwords The problem is that you know that this is a MD5 Hashed password, how do we get a hashed password that will work for this environment since each one can be unique for several reasons.
Generating a new password hash
Since we have the ability to deploy new files to our environment, we can create a file for the explicit purpose of generating a hash that works in this environment. On your desktop or another location on you computer, create a text file that is named test.php. Modify this file in notepad and insert the following lines of code: <?php $test = md5(‘temporarypass’) ; echo “$test”; ?> Now we’ve created a temporary pass that we’re going to generate in our website so now we need to upload this file to our website. Easily done if you have your deployment credentials set up in Azure Management for Web Sites. If you don’t, it’s not a problem. Back in the management interface for the Website, you can select Reset your deployment credentials. Which will prompt you to generate a new password for your website access via FTP. Create a new password and you’re off to the races. Now that you know your password and login name, the next step is to find the FTP host that we’ll connect. If you choose the Dashboard screen on the website management page, you’ll be able to see the connection information on the lower right of the screen after you scroll for a little bit. We can now use this information to connect to connect via FTP and deploy our test.php file to the website. You can use any FTP client that you want however I will be using FileZilla to Connect. Once you connect you need to navigate to the /site/wwwroot location in the FTP Server Transfer the test.php to the root folder of the website and verify that it’s been upload. Once the file is uploaded, access the file via a web browser and get the generated hash from your website. Now we have a hash that has been generated from our environment and we know that hash corresponds to our temporary password that we created. Now we need to update our hash in SQL and then login to our Admin interface. Note: Please delete the test.php when you’re finished
Updating the Password Hash
Now that we have the hash, we need to update it in the Users Table for WordPress. Switch back over to Visual Studio and select the row of the user that you’re modifying. Copy the hash that was just generated the browser into the visual studio row and then click off of the row which will trigger a row update in SQL The next step is to log in with the temporary password that you generated in the test.php file. And now hopefully you will be able to see the admin dashboard for Word Press with this temporary password.
Last But Not Least… Change your temporary password to something you know