Dear all,
I am setting up a training server for staff and i am using dhis2 live
to achieve the task but i am using one of our database rather than the
default database. I had already used the following query to change the
admin password:
UPDATE users set password = '48e8f1207baef1ef7fe478a57d19f2e5'
where username = 'admin';
What am i doing which is wrong and why i can't login with username:
admin password: district
Dear Knut,
I am using DHIS2 live and it is version: 2.20 Build revision: 19682
···
On 8/31/15, Knut Staring <knutst@gmail.com> wrote:
Hi Gerald,
Which version of DHIS2?
On Mon, Aug 31, 2015 at 5:02 PM, gerald thomas <gerald17006@gmail.com> > wrote:
Dear all,
I am setting up a training server for staff and i am using dhis2 live
to achieve the task but i am using one of our database rather than the
default database. I had already used the following query to change the
admin password:
UPDATE users set password = '48e8f1207baef1ef7fe478a57d19f2e5'
where username = 'admin';
What am i doing which is wrong and why i can't login with username:
admin password: district
Dear Knut,
1. No i didn't have it
2. Yes, the admin is there. Also when i run the query the encrypted
password had changed but the 'last update time of password' was not
changed
···
On 8/31/15, Knut Staring <knutst@gmail.com> wrote:
You don't have the old password to log in as the admin user? Can you see in
the database that the admin user has not been removed?
On Mon, Aug 31, 2015 at 6:12 PM, gerald thomas <gerald17006@gmail.com> > wrote:
Dear Knut,
I am using DHIS2 live and it is version: 2.20 Build revision: 19682
On 8/31/15, Knut Staring <knutst@gmail.com> wrote:
> Hi Gerald,
>
> Which version of DHIS2?
>
> On Mon, Aug 31, 2015 at 5:02 PM, gerald thomas <gerald17006@gmail.com> >> > wrote:
>
>> Dear all,
>> I am setting up a training server for staff and i am using dhis2 live
>> to achieve the task but i am using one of our database rather than the
>> default database. I had already used the following query to change the
>> admin password:
>>
>> UPDATE users set password = '48e8f1207baef1ef7fe478a57d19f2e5'
>> where username = 'admin';
>>
>> What am i doing which is wrong and why i can't login with username:
>> admin password: district
>>
>> --
>> Regards,
>>
>> Gerald
>>
>> _______________________________________________
>> Mailing list: DHIS 2 developers in Launchpad
>> Post to : dhis2-devs@lists.launchpad.net
>> Unsubscribe : DHIS 2 developers in Launchpad
>> More help : ListHelp - Launchpad Help
>>
>
>
>
> --
> Knut Staring
> Dept. of Informatics, University of Oslo
> Norway: +4791880522
> Skype: knutstar
> http://dhis2.org
>
--
Regards,
Gerald
--
Knut Staring
Dept. of Informatics, University of Oslo
Norway: +4791880522
Skype: knutstar http://dhis2.org
Jason & Knut,
Is there any workaround for this task other than we had done?
Thanks in advance for your usual cooperation.
···
On 8/31/15, gerald thomas <gerald17006@gmail.com> wrote:
Dear Knut,
I did but it is the same thing. This aspect of removing the password reset
is a scare because not all admins do handover.
Regards,
Gerald
On Aug 31, 2015 5:18 PM, "Jason Pickering" <jason.p.pickering@gmail.com> > wrote:
Also, you must restart the server after you do this. Did you restart it?
On Mon, Aug 31, 2015 at 6:30 PM, gerald thomas <gerald17006@gmail.com> >> wrote:
Dear Knut,
1. No i didn't have it
2. Yes, the admin is there. Also when i run the query the encrypted
password had changed but the 'last update time of password' was not
changed
On 8/31/15, Knut Staring <knutst@gmail.com> wrote:
> I see. There has been a change to the password encryption in 2.21, but
that
> should not affect you:
> [Dhis2-devs-core] MD5 password support dropped
>
> You don't have the old password to log in as the admin user? Can you
see in
> the database that the admin user has not been removed?
>
> On Mon, Aug 31, 2015 at 6:12 PM, gerald thomas <gerald17006@gmail.com> >>> > wrote:
>
>> Dear Knut,
>> I am using DHIS2 live and it is version: 2.20 Build revision: 19682
>>
>> On 8/31/15, Knut Staring <knutst@gmail.com> wrote:
>> > Hi Gerald,
>> >
>> > Which version of DHIS2?
>> >
>> > On Mon, Aug 31, 2015 at 5:02 PM, gerald thomas < >>> gerald17006@gmail.com> >>> >> > wrote:
>> >
>> >> Dear all,
>> >> I am setting up a training server for staff and i am using dhis2
live
>> >> to achieve the task but i am using one of our database rather than
the
>> >> default database. I had already used the following query to change
the
>> >> admin password:
>> >>
>> >> UPDATE users set password = '48e8f1207baef1ef7fe478a57d19f2e5'
>> >> where username = 'admin';
>> >>
>> >> What am i doing which is wrong and why i can't login with
>> >> username:
>> >> admin password: district
>> >>
>> >> --
>> >> Regards,
>> >>
>> >> Gerald
>> >>
>> >> _______________________________________________
>> >> Mailing list: DHIS 2 developers in Launchpad
>> >> Post to : dhis2-devs@lists.launchpad.net
>> >> Unsubscribe : DHIS 2 developers in Launchpad
>> >> More help : ListHelp - Launchpad Help
>> >>
>> >
>> >
>> >
>> > --
>> > Knut Staring
>> > Dept. of Informatics, University of Oslo
>> > Norway: +4791880522
>> > Skype: knutstar
>> > http://dhis2.org
>> >
>>
>>
>> --
>> Regards,
>>
>> Gerald
>>
>
>
>
> --
> Knut Staring
> Dept. of Informatics, University of Oslo
> Norway: +4791880522
> Skype: knutstar
> http://dhis2.org
>
You can insert the resulting hash directly into the database for the admin user.
Note: If you do not have the Bcrypt library in your Python installation, you should add it with pip. The following will install all prerequisites on a CentOS 6 system:
Before attempting to change the admin user password in the database, visit the front page of a new installation to have DHIS2 generate data in the database for the admin user (you can do something as simple as $ curl -sL http://localhost:8080/). Then, you can enter the following query into the Postgres CLI with the DHIS2 database in use:
UPDATE USERS SET password = ‘001122hashgoeshere221100’ WHERE username = ‘admin’;
Restart the application server (Tomcat) and then you should be able to log in with your new password passwordGoesHere or what you changed it to.
If you have had a situation where someone else was in control over the server, they may have (smartly) disabled or completely removed the “admin” user. Otherwise, you may need to develop a more comprehensive script to inject a user into the database if the “admin” user does not exist at all.
You can insert the resulting hash directly into the database for the admin user.
Note: If you do not have the Bcrypt library in your Python installation, you should add it with pip. The following will install all prerequisites on a CentOS 6 system:
Before attempting to change the admin user password in the database, visit the front page of a new installation to have DHIS2 generate data in the database for the admin user (you can do something as simple as $ curl -sL http://localhost:8080/). Then, you can enter the following query into the Postgres CLI with the DHIS2 database in use:
UPDATE USERS SET password = ‘001122hashgoeshere221100’ WHERE username = ‘admin’;
Restart the application server (Tomcat) and then you should be able to log in with your new password passwordGoesHere or what you changed it to.
You can insert the resulting hash directly into the database for the admin user.
Note: If you do not have the Bcrypt library in your Python installation, you should add it with pip. The following will install all prerequisites on a CentOS 6 system:
Before attempting to change the admin user password in the database, visit the front page of a new installation to have DHIS2 generate data in the database for the admin user (you can do something as simple as $ curl -sL http://localhost:8080/). Then, you can enter the following query into the Postgres CLI with the DHIS2 database in use:
UPDATE USERS SET password = ‘001122hashgoeshere221100’ WHERE username = ‘admin’;
Restart the application server (Tomcat) and then you should be able to log in with your new password passwordGoesHere or what you changed it to.
For the record: Starting in 2.21 we only accept bcrypt password hashes. Anything else will fail.
Beginning in 2.17 we started hot-swapping every user logging in with the old scheme (md5) to the new one (bcrypt) on login. Even though they work in 2.20 I strongly suggest using bcrypt hashes for this reason as well as the obvious security improvement.
As it seems you’ve experienced, changing the password in the DB at runtime will not work (application memory will hold the old one). If you need to force a password swap you will need to change the password in the db before you start the server.
You can insert the resulting hash directly into the database for the admin user.
Note: If you do not have the Bcrypt library in your Python installation, you should add it with pip. The following will install all prerequisites on a CentOS 6 system:
Before attempting to change the admin user password in the database, visit the front page of a new installation to have DHIS2 generate data in the database for the admin user (you can do something as simple as $ curl -sL http://localhost:8080/). Then, you can enter the following query into the Postgres CLI with the DHIS2 database in use:
UPDATE USERS SET password = ‘001122hashgoeshere221100’ WHERE username = ‘admin’;
Restart the application server (Tomcat) and then you should be able to log in with your new password passwordGoesHere or what you changed it to.
You can insert the resulting hash directly into the database for the admin user.
Note: If you do not have the Bcrypt library in your Python installation, you should add it with pip. The following will install all prerequisites on a CentOS 6 system:
Before attempting to change the admin user password in the database, visit the front page of a new installation to have DHIS2 generate data in the database for the admin user (you can do something as simple as $ curl -sL http://localhost:8080/). Then, you can enter the following query into the Postgres CLI with the DHIS2 database in use:
UPDATE USERS SET password = ‘001122hashgoeshere221100’ WHERE username = ‘admin’;
Restart the application server (Tomcat) and then you should be able to log in with your new password passwordGoesHere or what you changed it to.
Hello @alanivey I’m trying to reset my admin password to the default “district”. I useand bcypt to generate the hash and ran the query you provided. I got this error:
ERROR: column "‘admin’" does not exist
LINE 1: ...U.PQZLRs3uTb0Up/FWmH6MW9HZ/pHYe’ WHERE username = ‘admin...
Reviving this once again for DHIS2 version 2.40. It seems the “user” table might have been removed, with user’s username/password in the “userinfo” table instead. It’s unclear if the “user” table was actually dropped. Also, attempts to update password values using Bcrypt don’t appear to be effective. Any insights on this would be appreciated.
Yes, it appears that the users table name is called userinfo in the latest databases. Would you please explain further what’s not working when using bcrypt? Do you see any error messages?
I have followed all of those steps but It seems like am not still able to log in, maybe it’s because this account had 2-factor authentication turned on before, so is there any way I can remove that 2-factor authentication too? Am using DHIS2 version 2.37.6