With a big catalog of 224+ extensions for your online store
How to reset a locked Admin account in Magento 2
In Magento 2, it’s a common issue that hacker can abuse your security wall by attempting many easy-to-guess passwords consecutively. Consequently, your admin backend is locked due to many failed attempts and Magento 2 core will prevent admin users from continuing login.
All login actions will be blocked for a certain period of time. If you’re using this Magento 2 Security extension, there will be a warning message sent to your email.
It’s not good news for both parties, unfortunately. To ensure the process of managing your backend timely, you can take advantage of launching some command lines which allows safe admin accounts to be able to log in back to the configuration as soon as possible. In order to have the authority performing Linux command-line operations, you must have the SSH access connecting to your server securely. This step requires permission from the server manager directly so this will be the end game for hackers, they can’t run command lines under your nose obviously.
Move forward to check out how to reset locked admin users, and bookmark them when you need this tutorial in a blink of an eye.
Protect your store from cyber threats with Mageplaza's top-notch security services
Check it out!How to Reset a locked Admin account in Magento 2
Store owner can choose one of listed methods
Solution #1. Unlock in the backend
On the assumption that you’re managing several admin accounts but only one or two are locked, this will be the most simple way that can be accomplished right in the backend.
Navigate to the Locked Users section by accessing the Admin Panel and selecting System > Permissions > Locked Users.
If there are locked users, a list will be displayed. Choose the specific user you wish to unlock by clicking the checkbox. Opt for the Unlock action and proceed by clicking the Submit button.
Solution #2. Reset using command lines
In this solution, you are required to use the command lines according to the following 3 steps:
- Step 1: Open your Magento 2 dir
- Step 2: Running command lines.
- Step 3: Check the result
Step 1: Open your Magento 2 dir
First, open your Magento 2 dir, this is the general format to reset an admin user. Note that you just can unlock one by one account manually.
php bin/magento admin:user:unlock {username}
Step 2: Running command lines.
To unlock a specific admin account, insert the name of that admin into the {username} variable , for example with an admin named sam, type this command line:
php bin/magento admin:user:unlock sam
Step 3: Check the result
A success message will be delivered at the interface if the entered data is valid.
- If there was a mistake in typing the name of the admin, this message will inform:
Couldn't find the user account "sam"You should check and retype that command line from Step 1 along with the precise admin name again.
- In case the account is not locked from the start or it can’t be unlocked, this following message will appear
Unlock Admin User Help :
Need guidance on unlocking admin users through the command line? You can simply use the following command:
php bin/magento admin:user:unlock --help
Reset a locked Admin account and more
To be amazed how protective and supportive your store can be guarded, you can try out to use this Security Solution:
- Provide a Security Checklist that displays warnings of possible risks in admin and other data
- Set a limited number of failed login attempts to prevent the store from break-in risks
- Record all login history to track in the future
- Provide file change detection to warn admins of suspected changes in important files
- Set up Blacklist and Whitelist IPs easily in the backend
Discover Mageplaza Security extensions
The bottom line
Resetting a locked Admin account in Magento 2 is a common action that many stores have to take due to security problems. You can either fix it with the above guidelines, or use our Security extension for better protection. This modulecan prevent unwelcomed violation attacks right from the log in steps at the backend, send warning emails timely, archive all login actions and give you a proper checklist which outlines possible harmful factors for your security issues. To prevent email to spam box, enable SMTP here
Related Topics
Looking for
Customization & Development Services?
8+ years of experiences in e-commerce & Magento has prepared us for any challenges, so that we can lead you to your success.
Get free consultant
Recent Tutorials
Change Store Email Addresses
Fix Magento 2 'Invalid Form Key. Please refresh the page'
Magento 2 Search Settings: Default Magento vs Mageplaza AJAX Search
Explore Our Products:
People also searched for
- magento 2 unlock admin account
- magento 2 unlock admin user
- unlock admin user magento 2
- magento 2 unlock user
- locked_record_info_system_config
- magento unlock admin account
- magento 2 delete admin user command line
- unlock magento 2 admin account
- magento 2 check if admin is logged in
- magento 2 enable admin user
- magento 2 unlock config
- magento 2 lock customer account
- magento admin login
- magento 2 unlock customer account
- magento 2 can't login to admin
- magento 2 cannot login to admin
- magento 2 admin login not working
- how to unlock administrator account
- unlock administrator account
- magento 2 can't login to admin no error
- magento can't login to admin
- administrator account locked out
- 2.3.x, 2.4.x
Stay in the know
Get special offers on the latest news from Mageplaza.
Earn $10 in reward now!
