: Force password reset of all users Our MediaWIki 1.25 server was running without $wgSecureLogin. The installer did not copy the setting from DefaultLogin.php, and the setting was not secure by
Our MediaWIki 1.25 server was running without $wgSecureLogin. The installer did not copy the setting from DefaultLogin.php, and the setting was not secure by default. (Related WikiMedia bug T111135: LocalSettings.php lacks wgSecureLogin, wgCookieHttpOnly and wgCookieSecure).
We need to have all users reset their passwords. MediaWiki.org has documentation on resetting a password if you know the user's name at Resetting passwords. However, it appears to lack a "force all users to reset their password" setting or method.
Though I have root access to the server, I don't know the MySQL admin password. I hope there's a web based setting or PHP script that can be used to require all accounts to perform the reset.
How do I require a password change for all users?
More posts by @Merenda212
2 Comments
Sorted by latest first Latest Oldest Best
You can force a password change by running
UPDATE user SET user_password_expires = '19990101000000';
(This is not the same as a password reset as it will accept the old password one time. Less secure, more forgiving.)
If you cannot be bothered to look up the DB password, you can just use maintenance/sql.php.
Can you perform a query?
UPDATE the_table SET password='UserNeedsToResetPassword';
Now all users' passwords dont work anymore. I choose plain text, because I cant think of a way that sha1($_POST['pass']) results in this ;) (or whatever hash you use)
Terms of Use Create Support ticket Your support tickets Stock Market News! © vmapp.org2025 All Rights reserved.