How to Reset Joomla Admin Password: Step-by-Step Recovery Guide

Key highlights 

• Learn how to reset admin password in Joomla through the User Manager or phpMyAdmin for instant access recovery.

• Understand how to reset Joomla admin password directly in the Joomla database when you forget your administrator password. 

• Explore how to create a temporary super user or new super admin user when the original admin account is locked. 

• Check file permissions and configuration file settings to protect your Joomla installation from potential threats or hacked accounts. 

• Uncover advanced methods for password recovery, including SQL query examples, phpMyAdmin access and secure password field updates.

If you have forgotten your Joomla administrator password and can’t access your dashboard. Don’t worry, you can reset your Joomla admin password quickly using several proven recovery methods. 

TL:DR: How to reset your Joomla password?

• Method 1: Using the “Forgot Password” link on the Joomla login page. 

• Method 2: Resetting the password from cPanel or phpMyAdmin by editing the database directly. 

• Method 3: Running an SQL query in phpMyAdmin to update the admin password manually. 

• Method 4: Creating a temporary Super Administrator account via your database. 

• Method 5: Updating the password through the configuration.php file (for advanced users).

Each of these methods helps you securely regain access to your Joomla administrator account without compromising your website’s data or integrity.  

In this guide, we’ll explore each recovery method step-by-step, along with tips for checking file permissions, configuration edits and how Bluehost hosting tools simplify Joomla access recovery for faster troubleshooting.

Why you may need to reset your Joomla admin password?

Before diving into the actual steps on how to reset admin password in Joomla, it’s important to understand why login issues occur. Identifying the root cause helps you choose the right recovery method and prevent future lockouts. 

1. Common reasons of Joomla admin login issues 

Losing Joomla admin access can happen for several reasons. Forgotten passwords, hacked administrator accounts or broken user tables in the Joomla database are some of the most common causes of login failure. Sometimes, file permissions or plugin conflicts interrupt the authentication process.  

When this happens, you may need to reset Joomla admin password using phpMyAdmin, SQL queries or your configuration file. Knowing the exact cause saves time and ensures the right recovery path. 

2. How to know if your Joomla admin password was forgotten or hacked 

A simple forgotten password can be fixed quickly through the forgot your password link or by editing the users table in phpMyAdmin. However, if your site was hacked, you might see unfamiliar usernames, missing admin accounts or modified super administrator groups. 

In that case, reset Joomla manually using an SQL query, delete non-legitimate users and search and review logs for unauthorized access. 

3. Importance of secure administrator password management 

Weak credentials are a common security flaw. Always use a unique administrator password, store it securely and rotate it regularly. Avoid sharing admin logins and review user permissions often.  

Bluehost users strengthen their Joomla security using Free SSL, automatic backups and secure database management through their cPanel account. 

4. How do file permissions and user roles affect password recovery? 

Incorrect file permissions or missing admin roles can block Joomla from validating your password. Ensure folders use 755 and files use 644 permissions.  

Then, check that your admin account is still linked to the super users group in the database. This ensures full administrator access when resetting credentials or restoring your Joomla site. 

Now that you know the main reasons behind login failures, let’s prepare your Joomla setup before recovery. The next step explains what to do before you reset admin password in Joomla to make sure your process is safe and accurate. 

Also read: How to Change File Permissions in cPanel

What to do before you reset admin password in Joomla (essential security pre-checks)

Before you start changing database fields or running SQL commands, it’s vital to perform a few quick checks. These steps protect your data, ensure accurate updates and help you recover access without errors. 

1. Confirm cPanel access and admin privileges first 

First, make sure you have admin privileges or access to your hosting control panel. Sign in to your cPanel account and confirm you can open phpMyAdmin, File Manager and your Joomla installation directory.  

You’ll need these tools to reset the Joomla admin password, modify the database and check configuration details. Without cPanel access, restoring the administrator’s password becomes difficult. 

2. Back up your Joomla database before making changes

Before making any changes, always back up your Joomla database. Go to the Databases section in cPanel and export a full copy through phpMyAdmin.  This backup protects your site if an SQL command fails or the password field update goes wrong. If you’re hosting with Bluehost, automated backups in the control panel make recovery instant and secure.

3. Locate and verify your Joomla Configuration.php file

Next, locate your configuration.php file inside your Joomla directory. It contains critical database and connection details used during password reset. Make sure file permissions are correctly set to 644 to prevent unauthorized editing. You may need this file’s information, especially the database name and user, to access phpMyAdmin or verify connection errors. 

4. Confirm the Joomla database prefix before running SQL commands 

Every Joomla database has a unique table prefix like jos_, abc_ or a random string. This prefix is essential for accuracy when running SQL commands in phpMyAdmin. 

Open your configuration.php file and look for the $dbprefix line. Using the wrong prefix can cause the SQL query to fail or overwrite another table, so verify it carefully before executing any command. 

Also read: Understanding Common Joomla Errors 

Once you’ve completed these essential security pre-checks, you’re ready to begin the recovery process. Let’s start with the simplest method; using Joomla’s built-in “Forgot Password” link. 

Method 1 — How to reset Joomla admin password using the “forgot password” link

If you’re wondering how to reset Joomla admin password without touching the database, the Forgot Password link is your simplest option. This method works when your admin account’s email recovery feature is active and properly configured. 

Steps to reset your Joomla admin password from the login page 

1. Navigate to your Joomla administrator login page (typically yourdomain.com/administrator).

2. Click the “Forgot your password?” link below the login fields. 

3. Enter your admin username or registered email address and click Submit. 

4. Check your email inbox for a password reset link from your Joomla site. 

5. Click the reset link and set your new password securely. 

6. Return to the administrator login page and sign in with your updated credentials. 

If everything is configured correctly, your dashboard access should be restored immediately. 

Troubleshooting when the ‘Forgot Password’ link fails 

Sometimes the email recovery feature fails if your SMTP configuration or user manager settings are outdated. 

If you don’t receive the password reset email: 

• Confirm that your Joomla mail settings (SMTP or PHP Mail) are properly set in the Global Configuration. 

• Check spam or junk folders for the reset email. 

• Use another recovery method like phpMyAdmin or a temporary super user if email recovery fails. 

This ensures you can still reset Joomla admin password even when the automated reset option doesn’t work.

When to use this Joomla password recovery method

The Forgot Password method is the safest and fastest way for users who still have functional email recovery enabled. You don’t need database access, SSH or file editing permissions. 

Once logged in, it’s a good idea to review your User Manager settings and confirm that the administrator password was updated correctly. You can also verify that the email recovery link functions properly for future use. 

For added security, we at Bluehost recommend enabling Free SSL and daily backups to safeguard login credentials and prevent unauthorized admin access.

Method 2 – How to reset Joomla admin password from cPanel/phpMyAdmin

If the “Forgot Password” option didn’t work, you can still reset Joomla admin password directly through your cPanel account. This database method is ideal when your email recovery fails, your site is hacked or you’ve lost access to your administrator dashboard. 

Access phpMyAdmin from your Bluehost cPanel account 

1. Log in to your cPanel account using your hosting credentials.

2. Scroll to the Databases section and click phpMyAdmin.

3. From the left side, locate your Joomla database – it’s the same name listed in your configuration.php file. 

4. Once open, you’ll see a list of tables connected to your Joomla installation.

Edit your Joomla admin password in the database users table

1. In phpMyAdmin, find the table ending in users (for example, josusers or abc_users). 

2. Click on that table to view all Joomla users. 

3. Find your administrator account or original admin user. 

4. Click the Edit button (the small pen icon) next to the username. 

5. Locate the user password field and replace the existing value with a new one. 

You can use MD5 or SHA256 hash to encrypt the new password. Joomla will recognize it automatically when you log in again. 

Example SQL query: 

UPDATE `jos_users` 
SET `password` = MD5('newpassword') 
WHERE `username` = 'admin'; 

Replace jos_ with your actual database prefix, found in your configuration.php file under $dbprefix. 

Save your changes and test your Joomla admin login

1. After editing the password field, scroll down and click Go or Submit to save your changes. 

2. Return to your Joomla administrator login page (yourdomain.com/administrator). 

3. Enter your admin username and the new password you set. 

4. If login works, navigate to the User Manager inside the dashboard and confirm that your admin account credentials have been updated.

Best practices for secure Joomla password recovery

• Always backup your Joomla database before editing any tables. 

• Never leave phpMyAdmin open or share your cPanel account credentials. 

• Once logged in, change your password again from the User Manager for better security. 

• Review your file permissions and check for suspicious accounts in the super users group to avoid potential threats. 

• Use Bluehost’s Free SSL and daily backups to safeguard your Joomla configuration and credentials. 

Method 3 – How to reset Joomla admin password manually using an SQL query in PhpMyAdmin 

If you can access phpMyAdmin but the standard “Forgot Password” link doesn’t work, you can reset Joomla admin password manually using an SQL query. This method edits the users table inside your Joomla database directly from your cPanel account or a phpMyAdmin link. 

1. Select your Joomla database in phpMyAdmin 

1. Log in to your cPanel account. 

2. Under the Databases section, click phpMyAdmin. 

3. From the left-side panel, select your Joomla database. 

4. You can confirm the correct database name in your configuration.php file under the $db line. 

Once open, you’ll see a list of tables, including the one that stores your user credentials. 

2. Execute an SQL command to reset your Joomla admin password 

1. In phpMyAdmin, click the SQL tab from the top menu. 

2. Paste the following command into the SQL query box: 

UPDATE jos_users 
SET password = MD5('your_new_password') 
WHERE username = 'admin'; 

1. Replace jos_ with your actual database prefix (found in the configuration.php file under $dbprefix). 

2. Click Submit or Go to execute the query. 

3. If successful, phpMyAdmin will show a confirmation message stating the password field was updated. 

This command securely changes your admin password using an MD5 hash recognized by Joomla. 

3. Verify your updated Joomla admin credentials

1. After executing the SQL query, open your Joomla administrator login page (yourdomain.com/administrator). 

2. Enter your admin username and the new password you set. 

3. Once logged in, navigate to User Manager to verify that your administrator account works properly. 

4. Change the password again from the dashboard for better security.

4. Database safety tips after Joomla password reset 

• Always backup your Joomla database before running any SQL command. 

• Never share your phpMyAdmin or cPanel account credentials with others. 

• Double-check your database prefix to avoid changing the wrong table. 

• After login, review file permissions and ensure your account is still part of the super administrator group. 

For enhanced security and peace of mind, consider using Bluehost WordPress Hosting. It comes with automated database backups and secure phpMyAdmin access. Additionally, you can easily manage your databases and restore them quickly if needed. It reduces the risk of accidental data loss.  

Plus, with our 24/7 expert support, you’ll have access to professional help whenever you need it.

Method 4 – How to create a temporary super administrator via database

If none of the previous recovery methods work, you can still reset Joomla admin password by adding a new super admin user directly through your database. This method lets you create a temporary user with full administrator privileges – a helpful workaround when your main admin account is missing or locked.

Access phpMyAdmin to open the Joomla users table

1. Log in to your cPanel account and open phpMyAdmin under the Databases section. 

2. From the left-side panel, select your Joomla database. 

3. Locate the table ending in users (for example, josusers or abc_users). 

4. Click on it to view the list of registered Joomla users. 

This is where you’ll manually add a new admin user.

Add a temporary super admin user record manually 

1. Click the Insert tab at the top of the phpMyAdmin interface. 

2. Fill out the new user details as follows: 

Field	Value
id	Leave blank (auto-generates)
name	Temporary super user
username	tempadmin
email	[your]@[email].com
password	Use an MD5 hash (e.g. 21232f297a57a5a743894a0e4a801fc3 for “admin”)
block	0
sendEmail	0
registerDate	CURRENT_TIMESTAMP

3. Click Go to save the new temporary super user record. 

This links your temporary user to Joomla’s highest permission level, giving you full admin access.

Log in with your new Joomla super admin and reset password 

1. Go to your Joomla administrator login page (yourdomain.com/administrator). 

2. Log in using your new credentials: 

1. Username: tempadmin 

2. Password: the password you defined earlier 

3. Once inside the Joomla dashboard, open the User Manager and update or reset your main administrator password. 

4. After confirming access, delete the temporary user from the users and user_usergroup_map tables to prevent potential security threats.

Remove temporary Joomla users and secure permissions 

• Always remove any temporary admin user immediately after password recovery. 

• Review file permissions and ensure no unauthorized accounts remain in the super users group. 

• Use strong passwords and enable Free SSL and daily backups through your hosting provider. 

Bluehost users can easily restore Joomla installations and manage database edits securely through the Bluehost Control Panel.

Method 5 – How to reset Joomla admin password via configuration file (advanced users) 

If your Joomla admin login fails and phpMyAdmin isn’t accessible, you can attempt a Joomla admin password reset through your configuration.php file. This advanced method is best for experienced users who can safely edit Joomla files using cPanel File Manager or FTP access.

Find and open your configuration.php file 

1. Log in to your cPanel account or connect to your server via FTP. 

2. Navigate to your Joomla installation’s root folder – usually public_html or a subdirectory like /joomla. 

3. Locate the file named configuration.php. 

4. Right-click and choose Edit in File Manager (or open it using your FTP editor). 

This file contains your Joomla site’s database credentials, table prefix, and other settings, all of which are required for a successful password reset. 

Verify database name, prefix and file permissions

Once the file is open, review these key lines:

public $user = 'your_database_username'; 
public $password = 'your_database_password'; 
public $db = 'your_database_name'; 
public $dbprefix = 'jos_'; 

• Ensure your database name matches the one listed in phpMyAdmin. 

• Confirm the dbprefix (like jos_ or abc_) matches the prefix used in your SQL queries or when editing tables manually. 

• Check that file permissions for configuration.php are set to 644 for security. 

Incorrect prefixes or permissions can cause connection errors or failed password updates. 

Use configuration.php details to confirm SQL accuracy 

The dbprefix value ensures your SQL commands target the correct table inside your Joomla database. 

For example, if your configuration file lists $dbprefix = ‘abc_’;, your query should look like this:

UPDATE abc_users 
SET password = MD5('newpassword') 
WHERE username = 'admin'; 

Replacing the prefix ensures Joomla applies the password reset correctly during your next login attempt. 

Save changes and reconnect your Joomla site

1. After reviewing and editing the configuration.php file, click Save Changes. 

2. Return to your Joomla administrator login page (yourdomain.com/administrator). 

3. Log in using your new admin password or test your connection if you’ve recently changed database credentials. 

4. If successful, open the User Manager and verify that your administrator account is active. 

If the issue persists verify your database prefix. Check the file permissions as well. If the problem still persist contact your hosting provider for assistance. 

Secure your configuration.php file after edits 

Always restore secure permissions after editing Joomla files. Avoid leaving configuration.php writable (set to 644) and ensure no plain-text credentials remain exposed. Bluehost users can use built-in File Permissions Manager and Free SSL tools to secure the Joomla configuration automatically. 

Once you’ve tried these password reset methods, you may still encounter access issues or login errors. Let’s look at how to troubleshoot common Joomla password reset problems effectively.

Troubleshooting common Joomla password reset errors and access issues

Even after following every method to reset Joomla admin password, you might face unexpected errors or access issues. Here’s how to identify and fix the most common Joomla password recovery problems effectively. 

1. Fix “Cannot connect to database” or “Access denied” errors 

These errors usually occur when your configuration.php file has incorrect database details. 

Open your file using cPanel File Manager or FTP and check the following query: 

public $user = 'your_database_username'; 
public $password = 'your_database_password'; 
public $db = 'your_database_name'; 

If the database credentials are wrong or your Joomla database is corrupted, Joomla can’t verify the administrator password. Confirm credentials with your hosting provider or phpMyAdmin, then reconnect your Joomla installation. 

2. Resolve wrong prefix or corrupted configuration.php file

A mismatched database prefix is one of the most common reasons Joomla fails to authenticate users. Check your prefix under $dbprefix in configuration.php and make sure it matches the tables inside phpMyAdmin (for example, abc_users or jos_users). 

If your configuration file is damaged, restore it from a backup or reupload a clean version from your Joomla installation package. Incorrect prefixes or missing connection lines can prevent even a valid SQL query from resetting your admin password properly. 

3. Fix Joomla “Forgot your password” email not sending 

• If the Forgot Password email isn’t arriving, check your Joomla Global Configuration > Server > Mail Settings.

• Make sure your site uses a verified SMTP setup or PHP Mail option. 

• Test by sending a message from the User Manager. 

• If the issue persists, your web host might be blocking outgoing mail. 

At Bluehost, you can enable reliable email delivery services that ensure password recovery links reach your inbox every time. 

4. Resolve file permission errors in Joomla

Incorrect file permissions can prevent Joomla from reading or writing password data. 

Folders should be set to 755 and files should be 644. Improper permissions on sensitive files like configuration.php can lead to Access Denied errors or login loops.  

You can correct permissions directly from cPanel → File Manager or by using the Bluehost File Permissions Manager tool. 

5. Recover Joomla admin access after a hack or deleted user

If your Joomla admin account was deleted or replaced during a hack, don’t panic. You can still restore access by creating a temporary super user manually through phpMyAdmin. 

Insert a new record in the users table, assign it to the super administrator group (ID: 8) and log in with those credentials. Once inside the Joomla dashboard, delete the temporary account, reset your admin password and review user logs for suspicious activity. 

This temporary super user method is the safest way to recover control after a breach. 

6. Quick recap: Common Joomla login issues and fixes

Issue	Likely cause	Fix
Cannot connect to database	Wrong credentials in configuration.php	Verify database name, user and password
Access denied or login loop	File permission errors	Reset permissions to 755/644
Email not sending	Broken SMTP settings	Recheck Mail configuration
SQL query fails	Incorrect database prefix	Match prefix with configuration.php
Admin deleted	Site hacked	Use temporary super user method

Best practices to secure your Joomla admin password and dashboard access

After you reset Joomla admin password successfully, securing your administrator account is the next critical step. Weak credentials, unchecked file permissions and unnecessary admin access can all expose your Joomla installation to potential threats. 

Here’s how to strengthen your Joomla security and protect your admin credentials long-term. 

1. Create strong and unique Joomla admin passwords 

Use a combination of uppercase, lowercase, numbers and symbols in every administrator password. Avoid using personal details, dictionary words or the same password secret across multiple platforms. 

Each Joomla admin password should be at least 12–16 characters long and stored in an encrypted password manager. Bluehost users can also leverage built-in Password Generators within their cPanel account to create strong credentials instantly. 

Also read: Bluehost Control Panel: Features of a Web Control Panel 

2. Update Joomla admin passwords regularly to prevent hacks 

Regular password rotation minimizes risks from data leaks and phishing attacks. Update your admin password every 60–90 days and immediately after any suspicious activity. 

After every Joomla admin password reset, verify the change in selected User Manager and update related credentials (like database or FTP passwords) if needed. This simple routine protects your Joomla installation against unauthorized logins and automated brute-force attempts. 

3. Limit Joomla super admin access for better security 

Only assign the super administrator group (ID: 8) role to users who absolutely need full control. Creating multiple super admin accounts increases the attack surface. 

Instead, assign specific roles to users with limited permissions, such as Editor or Manager. 

You can control this easily within the User Manager under Groups & Permissions. If you ever add a temporary user, remember to delete it after troubleshooting or recovery. 

4. Enable 2FA and reCAPTCHA to protect your Joomla login 

Adding two-factor authentication (2FA) adds an extra security layer to your Joomla login. Go to Users → Manage → Two Factor Authentication in your Joomla dashboard to enable it. 

Pair this with Google reCAPTCHA to prevent bot-based login attempts. 2FA ensures that even if your administrator password is compromised, hackers cannot access your site without the verification code. 

5. Review file permissions and activity logs for security 

Incorrect file permissions and ignored log entries are major security risks. Keep folders at 755 and files at 644 to maintain secure access control. 

After every Joomla admin password reset, review your site logs for failed login attempts or unusual IP activity. Bluehost users can use Site Logs and Free SSL to monitor activity and secure admin sessions automatically. 

Also read: How to Get Free SSL Certificate in 2025: A Complete Guide 

How does Bluehost help you recover Joomla admin access quickly and securely? 

At Bluehost, we understand how stressful it can be to lose access to your Joomla dashboard. Whether it’s a forgotten password, a corrupted configuration file or database issues, we make it simple to recover access quickly and securely. 

1. Simplified Joomla database management with Bluehost cPanel 

We provide a user-friendly cPanel account where you can manage your entire Joomla installation from one place. All you need to do is login to your hosting account and select the cPanel option.  

Through cPanel, you can edit your configuration.php file, check database prefixes or fix file permissions – all without needing coding experience. 

Our control panel is designed to make Joomla admin password reset smoother, even for first-time users. 

2. Reset Joomla passwords faster with Bluehost phpMyAdmin access 

With Bluehost, you can open phpMyAdmin directly from your cPanel in a single click. This allows you to access your Joomla database, edit the users table and reset your administrator password using a secure SQL query in minutes. 

We simplify the process so you can focus on restoring access, not troubleshooting complex database connections. Plus, our system automatically backs up your database before critical changes – giving you peace of mind during every Joomla admin password reset. 

3. Use Bluehost security tools to protect Joomla installations 

Security is at the heart of everything we do. We offer Free SSL, CodeGuard for automated daily backups and advanced security monitoring to protect your Joomla installation from unauthorized access. 

These tools keep your administrator login safe and ensure your Joomla configuration.php file and database credentials remain secure. You can also restore your site instantly from a backup if anything goes wrong during a password recovery or system update. 

4. Get 24/7 Bluehost expert support for Joomla password recovery 

Our expert team is available 24/7 to help you with every step of the Joomla password recovery process. From confirming your database prefix to creating a temporary super user, we’re always here to guide you.

Whether you contact us through live chat, call or email, we’ll walk you through how to reset admin password in Joomla safely and effectively. At Bluehost, our goal is to make Joomla management simple, secure and stress-free – no matter your technical level. 

With our tools, support and hosting reliability, you’re always in control of your Joomla site. Now, let’s wrap up with a quick recap and actionable next steps to keep your Joomla admin access secure. 

Final thoughts 

“Password recovery is never about speed, it’s about doing it securely,” as Joomla experts often say. Knowing how to reset admin password in Joomla safely prevents data loss and reinforces your site’s protection. 

With Bluehost, security and simplicity go hand in hand. We provide intuitive database access, one-click phpMyAdmin tools and Free SSL to keep your admin credentials safe.

Our hosting platform is designed to protect your website from potential threats, 24/7. Regain control today, stay secure tomorrow and trust Bluehost to keep your website performing flawlessly. 

FAQs