Home > Guardian Error Handling System > Help > 1701

How to force a password reset for the webmaster account

Passwords are stored in encrypted format in the file "guardian/data/.webauth_passwd". The format of the file is "username:password" with one username per line.

If the webmaster password needs to be reset, because it has been lost or is no longer working, simply delete the copy of the file on the server, and log in as webmaster. When Guardian sees that the password file is missing, it will generate a fresh one containing a single account with username "webmaster" and password "658uwantit". Log in with these credentials and immediately customize the webmaster password.

But I do not have .webauth_passwd

It can be very difficult to delete the file ".webauth_passwd" because many FTP clients and servers do not list filenames that begin with a dot, and they don't let you delete files that aren't listed. You may think "I don't have that file" because it is not listed, but if the script responds with "invalid username or password", then you do have that file and it is just not showing up. When the file is actually missing, the script will try to create a fresh one with the default username/password or it will return a file system error. So you should always try to use the default credentials "webmaster/658uwantit", but if they do not work and you still get the "invalid username or password" error, then you are guaranteed to have the .webauth_passwd file in there.

You may need to connect with a command-line FTP client and send the command "DELE .webauth_passwd" in order to delete it. The password file is considered a create-on-demand user data file and so re-installing the product with the auto-installer or re-uploadng all the original Guardian script files will not replace the file. If necessary, you can contact Fluid Dynamics with your FTP username and password and request a script password reset.

    "How to force a password reset for the webmaster account"