One of the issues that owners/administrators for Modx will face is the reset of the password for users who have forgotten it or are unable to recover it using the typical forgot password interface. Fortunately, Modx does provide two different ways to recover passwords manually: through the database and using an application programming interface code. The following article describes how to manually recover the password for Modx Revolution using the database.
Note: Manually changing the passwords for Modx Revolution requires access Cpanel and phpMyAdmin. For more information on using phpMyAdmin, please see Managing Databases Through phpMyAdmin
Manually Changing the Password using the Database
Before you begin, you will nee to obtain the update query for changing the hash that is used to encrypt the password. By default the hashing class is set to use PBKDF2, but this type of hash is not available in phpMyAdmin. Fortunately, Modx lets you change the hash class to MD5, which CAN be used in phpMyadmin. Modx provides the mySQL update query here:
UPDATE modx_users SET hash_class =
, password = MD5(
) WHERE username =
The code above also includes the update query for the password that you need to change. You will need to know the user name in order for the query to work. Note that this query will only work with Modx 2.1 and greater (Web Hosting Hub only has the installation files for the newer versions of Modx).
- Login to the Cpanel then go to the DATABASE section and click on phpMyAdmin.
- Click on the Modx database to select it and open it in phpMyadmin. You will see something similar to the following:
- After selecting the database, scroll down the table list until you find MODx_Users (NOTE: the prefix of the table may differe from MODx_ depending on how the installation was configured)
Select the table by clicking on the selection box as per above, then click on BROWSE on that same row to see the data for that table:
- When you open the table, you should see something similar to the following screenshot:
The screen above shows you the data for a single user (called ADMIN). At the top of the window, you will see a menu with SQL as one of the options. Click on SQL to continue.
- In order to show you the data from the table, there will be a SELECT query already within the window. At the bottom of that window, click on CLEAR in order to remove the existing code. Next, go to the code provided at beginning of this tutorial, copy it and then paste it into the SQL query window that you currently have open. It will then look like this:
- When the code is the window, click on the text and change the password by changing the text in quotes labeled 'the-new-password') to the actual value you wish to use. Then make sure that the user name is set to the user name of the user for which you are changing the password (note: if you get the user name wrong, nothing will change).
- Next, click on the GO button in the bottom right hand corner to execute the change. The button will appear as follows: . This will complete the password change for the specified user.
Note that it is possible to change the hash BACK to PBKDF2, but you will need to load the pbkdf2Convert Plugin that you will have to obtain from Modx. Changing passwords for users is normally handled by the Forgot Password option available upon logging into Modx. When this option is not possible, the manual methods of getting the password can be used. However, they should only used as a last resort in order to maintain the security and stability of the database for the Modx application since this exposes the tables of the database to manipulation.