Cake 2.1 Password Reset

Hi there.

We have inherited some old site using Cake PHP (2 I think). We are having issues getting in via admin and cannot reset the password. The password the client thinks it is (and worked before we were sent the files) doesnt work.

I have tried generating a SHA1 password online and directly inputting this into the password within the user in MySQL but it doesnt work.

Any ideas how to reset the password within the website itself?


A good site should have a password reset function built in, but where would be 100% dependent on the implementation.

Password in Cake are generally salted, so that may be the source of your issue. If the salt (saved in the config) is different between two copies of the site, then passwords for one wouldn’t work for the other.

THanks for the reply.

I agree, however we didnt make the webapp. Alas we are in charge of getting up and running.

I dont think the salt has been changed.

If the code hasn’t changed, and the hashed password in the database hasn’t changed, and the salt hasn’t changed, then it should work. So I’d think that one of those three differs. Figuring out which one is pretty fundamental to recommending a solution.

Why not just generate a new password hash and directly update the database? Cake 2.1 by default uses salted SHA1.