As of Sitecore 7, one can still reset the admin password directly in the core database by executing the following statement:
UPDATE [aspnet_Membership] SET Password='qOvF8m8F2IcWMvfOBjJYHmfLABc=' WHERE UserId IN ( SELECT UserId FROM [aspnet_Users] WHERE UserName = 'sitecore\Admin' )
This resets the admin password to the default value, “b”. Obviously a reset is in order shortly afterward, and this highlights the need for good security at the database level, but this tip can be helpful if the password is reset to a value that’s somehow lost.
Here’s the kicker: resetting the admin password may be necessary even in environments where the Sitecore client is disabled. Perhaps the client-disabled environment was set up with the default password, or it simply needs to be changed due to security requirements. The password may still actually be used in a client-disabled environment as well, if the admin pages are not also disabled.
If that is the case, one easy approach may be to:
- Reset the admin password in a non-client-disabled environment;
- Get the stored, hashed password by running the following query in the core database of the non-client-disabled environment; and
SELECT Password FROM [aspnet_Membership] WHERE UserId IN ( SELECT UserId FROM [aspnet_Users] WHERE UserName = 'sitecore\Admin' )
- Copy the password to the client-disabled environment, by running UPDATE statement above with the changed password in the core database of the client-disabled environment.