gitlab-org--gitlab-foss/doc/security/reset_user_password.md

3 KiB

stage group info type
Manage Access To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments howto

Reset a user's password (FREE SELF)

You can reset user passwords by using a Rake task, a Rails console, or the Users API.

Prerequisites

To reset a user password, you must be an administrator of a self-managed GitLab instance.

Use a Rake task

Introduced in GitLab 13.9.

Use the following Rake task to reset a user's password:

  • For Omnibus installations

    sudo gitlab-rake "gitlab:password:reset"
    
  • For installations from source

    bundle exec rake "gitlab:password:reset"
    

GitLab requests a username, a password, and confirmation of the password. When complete, the user's password is updated.

The Rake task can take a username as an argument. For example, to reset the password for the user with username sidneyjones:

  • For Omnibus installations

    sudo gitlab-rake "gitlab:password:reset[sidneyjones]"
    
  • For installations from source

    bundle exec rake "gitlab:password:reset[sidneyjones]"
    

Use a Rails console

If you know the username, user ID, or email address, you can use the Rails console to reset their password:

  1. Open a Rails console.

  2. Find the user:

    • By username:

      user = User.find_by_username 'exampleuser'
      
    • By user ID:

      user = User.find(123)
      
    • By email address:

      user = User.find_by(email: 'user@example.com')
      
  3. Reset the password:

    user.password = 'secret_pass'
    user.password_confirmation = 'secret_pass'
    
  4. Optional. Notify the user that an administrator changed their password:

    user.send_only_admin_changed_your_password_notification!
    
  5. Save the changes:

    user.save!
    
  6. Exit the console:

    exit
    

Reset the root password

To reset the root password, follow the steps listed previously.

  • If the root account name hasn't changed, use the username root.
  • If the root account name has changed and you don't know the new username, you might be able to use a Rails console with user ID 1. In almost all cases, the first user is the default administrator account.

Troubleshooting

If the new password doesn't work, it might be an email confirmation issue. You can attempt to fix this issue in a Rails console. For example, if a new root password isn't working:

  1. Start a Rails console.

  2. Find the user and skip reconfirmation:

    user = User.find(1)
    user.skip_reconfirmation!
    
  3. Attempt to sign in again.