Joomla Admin Quick Guide - Change Password, Manage Users and More
Your Joomla admin is absolutely essential to controlling your Joomla site. It’s the launch pad to all other facets of the CMS, and where you’ll begin every process. Accessing your Joomla admin is easy, but there are a few functions that will help you protect your site and experience an overall improvement in the management of your content.
In this introductory article, we’ll show you how to login to your Joomla admin, perform a Joomla admin password reset, ensure your Joomla admin is secure, and address some other common issues that users may face.
Table of content
- Navigate Joomla Admin
- Recover or Reset Administrator password
- Protect your Joomla Admin from hacker
- Better Admin Control with Joomla Extension
Full detail video about admin in Joomla
Login and Navigate Joomla Admin
The Joomla admin interface will take some getting used to for new users, but don’t worry. Once you’re used to the basic navigation it will become easier to use.
Joomla Admin URL
To login to your Joomla admin, you first need to access the Joomla login screen by entering your site URL into the address var with the format: “mysite.joomla.com/administrator”. You’ll be directed to the following login form:
Now simply enter your username and password to access the Joomla Site Administrator (a.k.a. Joomla Control Panel). Here’s what you’ll see:
In this tutorial we’ll be focussing on the Joomla Admin Users tab at the top left as it allows us to control all user settings.
Read more: 7 FAQs about Joomla login system.
Manage Joomla Admin User Settings
At this point you should be logged in as a super administrator, meaning you have omnipotent influence over the site. Very exciting, but if you’re just starting out, there’s not much to control yet! That’s ok, we’re just going through the basics for now, so go ahead and click on the Users option in the top menu.
Clicking on a user from the list will open up the settings for that individual. From here you can control the account details, groups, basic settings and Action Log. Use these settings to set permissions and monitor who Joomla admin users are and what they’re doing as well as changing names and passwords.
Recover or Reset the Joomla Admin Password
There are various reasons that you may be locked out of your Joomla Admin. Two common circumstances could be that your Joomla Admin was compromised or that you’ve simply forgotten your password.
Method 1: phpMyAdmin Database
In order to recover or reset the password, the best method is to access phpMyAdmin which works directly with the MySQL database. For this example we will be using XAMPP, a local host that allows users to build as many Joomla sites as they wish without actually publishing them online.
First, open phpMyAdmin from your local host:
After that, find your Joomla site on the left toolbar. This correct selection will depend entirely on what you’ve named your database - in my case "joomla1". Then click on the table perfixed “_users”.
You will see a list of your Joomla Admin users. Find the one you wish to change the password for and click “edit”.
You’ll now see a form with a field for where the password is. Now you can copy the following value to replace it:
d2064d358136996bd22421584a7cb33e:trd7TvKHx6dMeoMmBVxYmg0vuXEA4199
This value will change the password to the word “secret”.
Then scroll to the bottom of the form and hit “go”
You will now be able to log in to your Joomla admin using the password “secret”, then change the password through the user management menu as usual. If you feel your Joomla admin has been compromised, it is good practice to check if any unknown users might have been added, and also change the password of all users.
Method 2: Add Another Super User
For this method, begin by repeating the first step from the previous method (localhost > phpMyAdmin > Joomla Database).
Now press the SQL tab at the top of the right window, this will display “Run SQL query/queries on database <your database>". Next delete any text in the field and paste the following query then finally hit Go.
INSERT INTO `jos31_users`
(`name`, `username`, `password`, `params`, `registerDate`, `lastvisitDate`, `lastResetTime`)
VALUES ('Administrator2', 'admin2',
'd2064d358136996bd22421584a7cb33e:trd7TvKHx6dMeoMmBVxYmg0vuXEA4199', '', NOW(), NOW(), NOW());
INSERT INTO `jos31_user_usergroup_map` (`user_id`,`group_id`)
VALUES (LAST_INSERT_ID(),'8');
After adding the new super user, you will be able to login to your Joomla admin with the following:
Username: admin2
Password: secret
Once logged in, you can navigate to the manage users section as outlined above to check if the account has been hacked and make any necessary changes.
Protecting your Joomla Admin from Hackers
The sad reality of open source applications is that they are incessantly targeted by hackers seeking to steal data or otherwise take advantage of holes in the security of the system.
Though this graph is outdated, the message is clear. Joomla is susceptible to attacks because of it’s community-driven, open nature so it’s necessary to protect your Joomla admin.
Most of the websites are hacked due to misconfiguration, lousy hosting or vulnerable code. There are a number of ways to protect your Joomla Admin from outsiders with nefarious intentions. There are some minimum standard precautions such as:
- Secure login with strong password practice: you can use a secure password generator like ServeU to create and manage complex passwords.
- Avoid untrustworthy integrations: there are a ton of Joomla developers out there, most of which have integrity and are dedicated and accountable. There’s no reason to settle for mysterious or unidentified extensions, as they can expose serious vulnerabilities to your Joomla admin.
- Regularly backup your Joomla site: quality web hosting services will offer backups at regular intervals, some even daily.
Precautions you can take from your Joomla Admin are as follows:
Make Sure Joomla and Extensions are Up to Date
This is arguably the most important and easiest-to-implement strategy for securing your Joomla Admin. New versions always offer security fixes, and being outdated can limit you from new security features. Updating extensions is equally if not more important as most attacks capitalize on their security issues than Joomla core files.
Thankfully, updating Joomla is simple. When you log in to your Joomla Admin, there will automatically be a notification on the dashboard prompting you to update.
If for some reason you don’t receive a notification, you can check and update manually by navigating to the following URL:
mysite.joomla.com/administrator/index.php?option=com_joomlaupdate
This page will show there is an update available and allow you to install it via a button at the bottom:
Enable 2-Factor Authentication for you Joomla Admin Login
This security feature will generate a unique 6 digit code every 30 seconds that will be sent to a mobile device to verify your identity when logging in to Joomla Admin.
The first time you log in to your Joomla Admin, you should be notified of post-installation messages. One of the more important messages will be the option to enable 2-factor authentication:
After choosing to enable 2-factor authentication, you will see the option appear in user settings
Use the drop-down menu to select “Google Authenticator” then follow the 3 step set up instructions:
- Download Google Authenticator
- Enter the provided information or use the QR code to set up Google Authenticator
- Activate 2-factor authentication using the code that is provided
This extra layer of protection is actually very significant. Presumably only you and the users you’ve authorized will have access to these codes, and even if someone trying to hack the site somehow obtained the code, they would only have 30 seconds to use it. This is not practical for hackers whatsoever.
Read more: Joomla security misconceptions you should clear up now
Better Control your Joomla Admin using JSN PowerAdmin 2 from JoomlaShine
JSN PowerAdmin 2 is an extension that simplifies your entire Joomla admin interface and backend processes. This will allow you to enhance your productivity and build your Joomla site like a pro.
This tool is suitable for all users from beginners to advanced and includes features like:
- Spotlight search
- Template styles manager
- Site manager
- Module positions selection
Joomla has tremendous potential, but it never hurts to make it easier and more effective to use! Trust in JSN PowerAdmin 2 to become your most valuable Joomla companion.