Admin password out of sync with site password

[bjrafferty]

A hacker trashed part of my site so the host advised me to change the site password immediately. I did so. But I did not think to change the admin's password first,
so the old admin password is sitting encrypted in the database and will not let me login to the admin tool with the new password that I put in configure.php
and the site itself will not let me use the old password.

I could edit the database, but then I would have to dig into the encryption algorithm to know how to fill it out.

Any advice ?

[michael_s]

It is one way MD5 encryption, so there is no way to decrypt.

I guess I don't understand what you problem is. You changed the site password, but not the admin password? I thought they were the same. In max, all I ever have is one master admin and password not 2.

If you want to restore the admin password to the default, empty the admin table, then get the sql for the admin data from the installer oscmax sql file in the install dir. Add that record manaually to the admin table and you will be able to login with the default credentials again. Then simply change them after you have logged in again.

[jpf]

And further to that - the PASSWORD in the configure.php file is for the database - not your site/admin password etc....

[bjrafferty]

What I finally did was to change the password at the host back to the previous password and made some changes.

I also remembered about the configure.php files existing in the "local" directories, and not just the "includes", and I uploaded the editted configure.php file (with the new password) to there as well.
Then I changed the site password (shich also changes the database password) to the new one.

It was just a logic problem of what to do first and next.

Thanks for your help.