The joys of MovableType and users...
Recently I had a call from a friend (we'll call him Dave) who had some new users dumped on migrated to him and with them came an interesting problem. One of the users had recently lost access to their corporate email account due to a naming conflict and in this time he'd updated his MT Account information to what he thought was his GMail account. It goes without saying that the address he'd set in his MT account wasn't his and that he subsequently lost access when he tried to log in and forgot his password.
The options open to Dave weren't very enticing:
- try to get the network security guys to catch and trap the MT generated email for him (which would involve lots of paperwork and "Why?"
- try to get the real owner of the GMail account to forward the message to him (Dear Mr X, you don't know me but I have $4 MIllion I want to get out of Nigeria...)
- Use some sort of arcane MT black magic or try MT-Medic (which hasn't been updated for a while...) or
- Reload the mySQL database from a previous version as his user now remembered what the password was...
At the point in the conversation (chat's a conversation right? right?) I suggested that since he had access to the mySQL database, he over-write the existing Author Password in the MT database with something like phpMyAdmin. Silence on the other end (of the chat)... then Dave came back and said "No good its encrypted or something, its not stored as text"
Well I should hope not. Now I don't have a Corporate version of MovableType on my Mac OS X Server, but it should all be pretty similar.
To reset an Authors Password, log into your mySQL database using phpMyAdmin or a similar tool that allows you to fetch and alter records. The table you want is called mt_author and once you've found the right row/record the field you want to change is author_password. The trick is that when you update the field you need to apply the "Encrypt" function, for example in the screenshot below you can see the author_password has been set to "fudgetothrowyouoff" which is basically clear text, the previous contents would have looked more like "Adc9kl00fg".
Looking at this screenshot of phpMyAdmin you can see the function column next to author_password has been set to "ENCRYPT" (don't be tempted to use PASSWORD or OLD_PASSWORD as they won't work). Basically this function will encrypt the password before storage just as MovableType would do when setting the password for you.
Now if you have an user (Author) that's stuck like Dave you should be able to fix it in a matter of minutes for them, making you look like the true genius you are :)
