Locked out of your local Drupal 9 site?

July 09, 2018
default author headshot Ashraf Abed

Occasionally, someone will forget their password and ask me how to get into their local Drupal 9 website. There are a few different techniques, depending on your set up:

  1. Site is online, you have access to the user account's e-mail address
  2. You have access to drush
  3. You only have access to the database

Case 1: Site is online & You have access to the user account's e-mail address

This is the simplest case.

  1. Visit your-site.com/user
  2. Press "Request new password"
  3. Enter your user account's email address

Case 2: You have access to Drush

drush is a Drupal developer's best friend (with a proper IDE being a close second for Drupal 9 developers). If you have drush installed and working, getting into any account is easy.

Drush uli is a command which generates a 1-time login link to your website. Simply SSH into your server, cd into the website, and run: drush uli USER_ID -l your-website.com

If you do not specify a USER_ID, drush will assume you are logging in to the primary administrator account: user 1.

Case 3: You have DB access, but no drush and no e-mail

This case seems to be especially common with non-Drupal developers who are trying to get a Drupal site set up locally for the first time. It also seems that drush does not work in the current version of Acquia Dev Desktop, which has been the case for many months now. Luckily, you can still access the DB to run queries directly as a last resort. The below is written as of Drupal 8.5, but I expect it to work for later versions of D8 as well.

This is only recommended for local development. Run these 3 queries on the appropriate DB to change user 1's username to "admin", and to change user 1's password to "admin": 

  1. update users_field_data set pass='$S$Es0uz.1p9qSQ91BmIiFQcbBNvGaGKGbucBfDhFCTh59bfBoC83cL' where uid=1;
  2. update users_field_data set name='admin' where uid=1;
  3. delete from flood;
    • This query clears drupal's "flood" table, which could prevent a user from logging in if they have had too many failed attempts.
  4. delete from cache_entity;
    • This clears the cached user entity, to ensure Drupal recognizes the updated username.

I hope this helps someone, someday!

Ready To Launch Your Career?

Take the first step to launching the career you've always wanted. Explore Debug Academy classes today!

Explore Classes Contact Us