From: Rick DeNatale <rick.denatale(a)gmail.com>
On 1/17/06, Sy Ali <sy1234(a)gmail.com> wrote:
Is there the facility to get or reset a
user's lost password when
email functions have been turned off?
The user table in the database stores the MD5 hash of the password
salted with the user id, if you can generate this hash value you can
manually reset a password via an SQL update. It ain't pretty but
failing all else...
Details of how the password is salted can be found in User.php
I actually set all accounts that had not been logged-in to the SAME
password using this technique. (Please don't lecture about why this
is a bad idea. It served the purpose at the time.)
Note that the hash is a function of the user name, so you can't
simply blast some MD5 hash of some arbitrary password in there.
:::: In a low-energy future... the wealth of nations will be measured
by the quantity and quality of their forests. -- David Holmgren ::::
:::: Jan Steinman,