show PW in mySQL DB or create new user - mysql

I'm working on a project, continuing a work of somebody else I need to have user name and PW for the update I want to make I can access database it is a MYSQL database. I can see user names but I can't know the PW of any user to do my tests.
I tried to make a new user using the insert tab in php my admin but the query generated was like this
INSERT INTO `user`
(`id`, `username`, `auth_key`, `password_hash`,
`password_reset_token`, `email`, `status`, `created_at`,
`updated_at`, `central_branch`)
VALUES ([value-1], [value-2], [value-3], [value-4], [value-5],
[value-6],[value-7],[value-8],[value-9],[value-10])
where auth_key, password_hash generated from the pw in the view can any body help me either create user or know pw of any user

In general, hashes are not reversible. So if the value of password_hash in your table is storing a hash, you can't get the original plaintext password back from that hash. You can replace it with a new hash string for a password you know, but you can't reverse the existing hash to get the password that was used to generate that hash.
If you can't ask the original developer, and that developer didn't leave any notes about the password for you, then you can only replace it with a new password hash.
If you can't do that because you don't have privilege to update the table, then you need to use the instructions for starting the MySQL Server without privilege enforcement, so you can make users and grant privileges for yourself to work on it. See https://dev.mysql.com/doc/refman/8.0/en/resetting-permissions.html

Related

How to insert a new user programmatically to my forum?

I have a xamarin.forms mobile app, and i have mybb forum.
Is it possible that when a user is creating a new account in the app, user can login to the website with the same credential?
what is the query for doing such a thing?
insert into mybb_users values(............); < what is the MUST INSERT fields
I will only use use email+Password+name (Other fields I will make them null or default value)
Example:
INSERT INTO mybb_users (username, password,email)
VALUES
('username','password','abc#abc.com');
Or should i insert other fields to null or default value
authentication is already done inside the mobile app.
UPDATE:
I have insert a user into mybb_users tables successfully
but when i try to login using the username, i got error message saying user is not registered ??
How do i know what other needed tables i have to fill
Update 2:
This is the registration Page: member.php
You shouldn't need to define all of the columns as long as you are fine with them being null.
See MySQL Insert references for more info.
To answer your second question, you will need to look at the table and the login form itself to see what fields they need. Insert values into those columns.

Sync two MySQL tables

Have two separate databases. The master that holds the user information(username, password, address etc.). The slave database only has one table where the user name and password. I would like to happen is then an new user on the master db i created that the username and password is also added to the slave db.
You can do this with either a TRIGGER or STORED PROCEDURE.
In your case i guess you could use something like this (not tested):
CREATE TRIGGER `user_update` AFTER INSERT ON `User`
FOR EACH ROW
BEGIN
INSERT INTO `mydb`.`UserLogin` (`id`, `UserName`, `Pass`)
VALUES (new.UserId, new.UserName, new.Password);
END$$
We face a similar situation. We use Percona Toolkit's pt-table-sync tool. It's rather simple to use.

Randomise all password in MySQL table

I have a MySQL database with a table that contains usernames and passwords. I want a bash script or MySQL statement that will randomise all the passwords.
I can reset one password with something like
select md5(rand()) as password;
I can loop through with a bash read while loop. Just need help putting it all together.
Yews I know there should not be passwords stored in the clear, it's a legacy system we are moving people away from.
UPDATE `users` SET `password` = md5(rand())
I think you should be able to just CONCAT the current password into the md5, to keep them all unique.
UPDATE passwords SET password = md5(CONCAT(RAND(), password))

Adding new users to a database and generating them unique passwords

I currently have a large user database where every user has a unique password. All the passwords are md5 encrypted. The way I originally set it up was by converting the list of user details to SQL by saving the excel sheet I had as a CSV, and then converting that to SQL at csv2sql.com. I then used sql to create the unique passwords with the following command line:
UPDATE users SET numbers = SUBSTRING(MD5(RAND()) FROM 1 FOR 10)
To make sure this command didn't generate duplicates I made the password field a UNIQUE field. I then exported this table so I had a copy of all the original passwords. Once exported I then encrypted the list to md5 using the following command line:
UPDATE users SET `password` = MD5(`password`)
This all worked fine, albeit not the most efficient way of dealing with it.
Now I have to add a whole load more users to the database. Of course I have to maintain the original passwords from the original users. I'm able to insert the new users, but I'm unsure how I'm going to create the new passwords for them without changing all the previous ones. Can someone point me in the right direction please!
You could import your csv into a temporary table, do your modifications there, and then insert into users (...) select ... from temp_users
You could add a column 'unencrypted password' to your user table, import the csv, so that the unencrypted pw is in that column, and then run update users set password = md5(unencrypted_password) where unencrypted_password is not null
You could use a different csv-sql-converter. As a hack, i often imported the csv into excel/oo-calc, and made a column like this: =concat('insert into table (...) values (', A1, ', ', A2, ')');, which allowed me to do custom sql-statements

How can I set a password for user in MySQL

I need a password for an user as Drupal's installation asks that. I'm totally newcomer on creating databases so I tried this:
CREATE DATABASE 'drupaltest';
CREATE USER 'jaakko'#'localhost' IDENTIFIED BY 'password';
But PHPMyAdmin says
You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '`password`'
Could anyone say what queries should I put to make an user with password that Drupal's installation requires and what grants should the new user have?
What you have should work I think. The only things I can think of is maybe you have the wrong type of quotation marks or maybe it has an issue with you setting password to 'password'. Perhaps try set it to something else. If that doesn't work maybe try create the user and then in a separate statement set the password and see if / where it trips up. E.g.
CREATE USER 'jaakko'#'localhost';
SET PASSWORD FOR 'jaakko'#'localhost' = PASSWORD('newpass');
This will also store the password more securely since the hash value will be stored instead of just the plain-text.
Brent777's solution will work, but for added security I would suggest salting the hash with a salt_value.
SELECT users.id, users.name into #id, #name FROM users where users.name = 'jaakko';
CREATE USER 'jaakko'#'localhost';
SET #newpass = 'newpass';
SET PASSWORD FOR 'jaakko'#'localhost' = PASSWORD(concat(#id,#name,#newpass));
Otherwise it will be too easy to attack the password table.