We build. You grow.

Get best community software here

Start a social network, a fan-site, an education project with oxwall - free opensource community software

Get started
Google+

How can i Access User Passsword? | Forum

Topic location: Forum home » Support » General Questions
Justin Trovalds
Justin Trovalds Apr 25 '16
My User has lost his password and he don't know his email ID he is asking me his password and how can i find it, I think the right choice in which the password can be find in database please help me with is serious issue.
#1
dave Leader
dave Apr 25 '16
The best thing you can do in a situation like that is be firm and tell them that they need to use the password reset process.  


It is hard to believe that they cannot remember their email address.  All they have to do if they really cant remember is to check all the emails they have for anything from your site domain by doing a email search.  If they find something then that is probably the email they used, if not then it is not. 


You have to protect yourself as a site owner, people have and will come up with wild stories to get someones account access.   Be firm and follow your own site policy and do not give them the information. 


You cannot give them their password anyway, you do not have access to it unless you know how to decrypt a hash from the db. 


What you could do if you really wanted to, is create an account so that you know the password.  Then take that password from the password field in the db and copy it over to their account, then you give them that pw that you know.   Then delete that account you just made.  However there is such a thing as member responsibility here and you have to force the members to take you and your site seriously that you just do not hand out information like that. 


Someone might be testing you as well to see how firm you stand on security and then come back at you if you give it out, don't fall for it.  If they are real and true then they can dig through their emails or brain and try to remember the email address and then use the password reset process. 


There used to be a plugin that would let admin change passwords but i do not know if it still works or not and i do not remember the name of it. 


But still stand firm.  They have to share the responsibility.  If i went to the bank and said i lost my information and cried in their arms trying to get them to give it to me they would tell me i have to follow the process.  So you need to do the same or you will get burned one day. 


Dave 


 

#2
Justin Trovalds
Justin Trovalds Apr 25 '16
ok Thanks for ur Advice!
#3
Justin Trovalds
Justin Trovalds Apr 25 '16
New oxwall.org site is awesome
#4
Darryl B Leader
Darryl B Apr 25 '16
The plugin Dave mentioned is called "Admin Tools".  You can change the user password, and a few other things. You can change the username by editing the users profile details. Dave is correct about requiring the individual to use the reset password feature, or provide you the active email address on the profile before doing anything yourself. If they can't find any emails from your site, you could send them something to the active email address.
#5
dave Leader
dave Apr 25 '16
Yes thats it, thanks DB :)
#6
ross Team
ross Apr 25 '16
Dave +1
#7
Start | Demo | About | Policies & Licenses | Blog | Contact Us | Oxwall Foundation | Roadmap | Developer Central | Oxwall hosting | Contribute | Partners | Donation | Community software | Dating software
© Copyright Oxwall Software
Oxwall Community Software