Blog

Your go-to resource for Joomla knowledge, tutorial, information and latest news in Joomla world

Joomla Admin Quick Guide - Change Password, Manage Users and More

Joomla Admin Quick Guide

Your Joomla admin is absolutely essential to controlling your Joomla site. It’s the launch pad to all other facets of the CMS, and where you’ll begin every process. Accessing your Joomla admin is easy, but there are a few functions that will help you protect your site and experience an overall improvement in the management of your content.

In this introductory article, we’ll show you how to login to your Joomla admin, perform a Joomla admin password reset, ensure your Joomla admin is secure, and address some other common issues that users may face.

Table of content

Full detail video about admin in Joomla

Login and Navigate Joomla Admin

The Joomla admin interface will take some getting used to for new users, but don’t worry. Once you’re used to the basic navigation it will become easier to use.

Joomla Admin URL

To login to your Joomla admin, you first need to access the Joomla login screen by entering your site URL into the address var with the format: “mysite.joomla.com/administrator”. You’ll be directed to the following login form:

Joomla Admin Login Panel

Now simply enter your username and password to access the Joomla Site Administrator (a.k.a. Joomla Control Panel). Here’s what you’ll see:

In this tutorial we’ll be focussing on the Joomla Admin Users tab at the top left as it allows us to control all user settings.

Manage Joomla Admin User Settings

At this point you should be logged in as a super administrator, meaning you have omnipotent influence over the site. Very exciting, but if you’re just starting out, there’s not much to control yet! That’s ok, we’re just going through the basics for now, so go ahead and click on the Users option in the top menu.

Add new user in Joomla

Clicking on a user from the list will open up the settings for that individual. From here you can control the account details, groups, basic settings and Action Log. Use these settings to set permissions and monitor who Joomla admin users are and what they’re doing as well as changing names and passwords.

Control user information in Joomla

Recover or Reset the Joomla Admin Password

There are various reasons that you may be locked out of your Joomla Admin. Two common circumstances could be that your Joomla Admin was compromised or that you’ve simply forgotten your password.

Method 1: phpMyAdmin Database

In order to recover or reset the password, the best method is to access phpMyAdmin which works directly with the MySQL database. For this example we will be using XAMPP, a local host that allows users to build as many Joomla sites as they wish without actually publishing them online.

First, open phpMyAdmin from your local host:

Open phpMyAdmin in XAMPP

After that, find your Joomla site on the left toolbar. This correct selection will depend entirely on what you’ve named your database - in my case "joomla1". Then click on the table perfixed “_users”.

You will see a list of your Joomla Admin users. Find the one you wish to change the password for and click “edit”.

You’ll now see a form with a field for where the password is. Now you can copy the following value to replace it:

d2064d358136996bd22421584a7cb33e:trd7TvKHx6dMeoMmBVxYmg0vuXEA4199

This value will change the password to the word “secret”.

Then scroll to the bottom of the form and hit “go”

You will now be able to log in to your Joomla admin using the password “secret”, then change the password through the user management menu as usual. If you feel your Joomla admin has been compromised, it is good practice to check if any unknown users might have been added, and also change the password of all users.

Method 2: Add Another Super User

For this method, begin by repeating the first step from the previous method (localhost > phpMyAdmin > Joomla Database).

Now press the SQL tab at the top of the right window, this will display “Run SQL query/queries on database <your database>". Next delete any text in the field and paste the following query then finally hit Go.

INSERT INTO `jos31_users`

(`name`, `username`, `password`, `params`, `registerDate`, `lastvisitDate`, `lastResetTime`)

VALUES ('Administrator2', 'admin2',

'd2064d358136996bd22421584a7cb33e:trd7TvKHx6dMeoMmBVxYmg0vuXEA4199', '', NOW(), NOW(), NOW());

INSERT INTO `jos31_user_usergroup_map` (`user_id`,`group_id`)

VALUES (LAST_INSERT_ID(),'8');

After adding the new super user, you will be able to login to your Joomla admin with the following:

Username: admin2

Password: secret

Once logged in, you can navigate to the manage users section as outlined above to check if the account has been hacked and make any necessary changes.

Protecting your Joomla Admin from Hackers

The sad reality of open source applications is that they are incessantly targeted by hackers seeking to steal data or otherwise take advantage of holes in the security of the system.

Though this graph is outdated, the message is clear. Joomla is susceptible to attacks because of it’s community-driven, open nature so it’s necessary to protect your Joomla admin.

Most of the websites are hacked due to misconfiguration, lousy hosting or vulnerable code. There are a number of ways to protect your Joomla Admin from outsiders with nefarious intentions. There are some minimum standard precautions such as:

  • Secure login with strong password practice: you can use a secure password generator like ServeU to create and manage complex passwords.
  • Avoid untrustworthy integrations: there are a ton of Joomla developers out there, most of which have integrity and are dedicated and accountable. There’s no reason to settle for mysterious or unidentified extensions, as they can expose serious vulnerabilities to your Joomla admin.
  • Regularly backup your Joomla site: quality web hosting services will offer backups at regular intervals, some even daily.

Precautions you can take from your Joomla Admin are as follows:

Make Sure Joomla and Extensions are Up to Date

This is arguably the most important and easiest-to-implement strategy for securing your Joomla Admin. New versions always offer security fixes, and being outdated can limit you from new security features. Updating extensions is equally if not more important as most attacks capitalize on their security issues than Joomla core files.

Thankfully, updating Joomla is simple. When you log in to your Joomla Admin, there will automatically be a notification on the dashboard prompting you to update.

\

If for some reason you don’t receive a notification, you can check and update manually by navigating to the following URL:

mysite.joomla.com/administrator/index.php?option=com_joomlaupdate

This page will show there is an update available and allow you to install it via a button at the bottom:

Enable 2-Factor Authentication for you Joomla Admin Login

This security feature will generate a unique 6 digit code every 30 seconds that will be sent to a mobile device to verify your identity when logging in to Joomla Admin.

The first time you log in to your Joomla Admin, you should be notified of post-installation messages. One of the more important messages will be the option to enable 2-factor authentication:

After choosing to enable 2-factor authentication, you will see the option appear in user settings

Use the drop-down menu to select “Google Authenticator” then follow the 3 step set up instructions:

  1. Download Google Authenticator
  2. Enter the provided information or use the QR code to set up Google Authenticator
  3. Activate 2-factor authentication using the code that is provided

This extra layer of protection is actually very significant. Presumably only you and the users you’ve authorized will have access to these codes, and even if someone trying to hack the site somehow obtained the code, they would only have 30 seconds to use it. This is not practical for hackers whatsoever.

Better Control your Joomla Admin using JSN PowerAdmin 2 from JoomlaShine

JSN PowerAdmin 2 is an extension that simplifies your entire Joomla admin interface and backend processes. This will allow you to enhance your productivity and build your Joomla site like a pro.

This tool is suitable for all users from beginners to advanced and includes features like:

  • Spotlight search
  • Template styles manager
  • Site manager
  • Module positions selection

Joomla has tremendous potential, but it never hurts to make it easier and more effective to use! Trust in JSN PowerAdmin 2 to become your most valuable Joomla companion.

Try JSN PowerAdmin 2 For Free

Introducing JSN Marriage - Delicate Joomla Wedding...
Joomla Extensions & Templates Updated with Extensi...
 

Comments (0)

There are no comments posted here yet
Introduce

Getting Started Series

A fundamental guide
that helps you start with
JSN product easily.

Learn More