Admin Password Restoration in Prestashop

If you never found your Prestashop back office being inaccessible for no reason, call yourself lucky! But if you did, let’s see how to recover an unrecoverable password in Prestashop.

  • Compatibility: Prestashop 1.4 (not tested), Prestashop 1.5, Prestashop 1.6

Watch the screencast (text version below)

The Fact: The Employee does not exist, or the password provided is incorrect.

Prestashop wrong back office password

Have you ever tried logging in to your Prestashop back office, just to be presented with a nonsense message as the title above, without apparent reason? I bet. I did, and many other people as well. Then you tried password recovery, and it whether didn’t work, or you didn’t get any email. If it worked, once more, you have been lucky.

But if didn’t work then it’s absolutely fundamental to regain access to the back office as quickly as possible. Let’s see how to do it!

Manually regenerating the back office password

In order to be able to regenerate the back office password you need:

  • Database Access
  • FTP Access
  • A free tool to generate an MD5 hash (such as

First off, you should know that Prestashop saves our password as hashed md5 string, where another series of random characters is prepended to the real text. Here is the method taken from Tools.php:

public static function encrypt($passwd)
return md5(_COOKIE_KEY_.$passwd);

Now that we know it, we simply need to retriever the _COOKIE_KEY_ and prepend it to our string before generating the hash. Where is it located? In config/


define(‘_MEDIA_SERVER_3_’, ”);
define(‘_COOKIE_KEY_’, ‘7oxINWn9ihNci5oODOaJPRJyktpRNZQJjtWXgCOKTvHUmABDcskMQ4Vw’);
define(‘_COOKIE_IV_’, ‘rXFf5Wc9’);


Grab that, choose a random string and paste it to the md5 generator as shown in the following image, where I am using ‘simplepassword’ as password.

Prestashop generate a new md5 password

That’s the hash we need. Copy it, then jump over to your database, ps_employee table, and locate the user you are interested in:

Prestashop database - replacing password

Replace the password field, and you’re done!

Alternative way: creating a password generator file

Before proceeding be aware that it’s risky to keep a password-generating file live on your server. Therefore, once used it should be swiftly removed and kept elsewhere.

In your Prestashop installation root, create a file named pwdgen.php, and add the following inside:


if($pass = Tools::getValue(‘mypass’))
echo Tools::Encrypt($pass);

Add that’s it! You only need to follow the last step and replace it into the database. But again, make sure you don’t keep this file live on the server after using it.

Need PrestaShop Modules? Have a look at my Prestashop Addons Store!

Looking for quality PrestaShop Web Hosting? Look no further than Arvixe Web Hosting!

Tags: , , | Posted under PrestaShop | RSS 2.0

Author Spotlight

Fabio Porta

Fabio has been involved in web development and design since 2005, when launched his first website at the age of 16. He’s now highly skilled in both client and server side development, along with design, and since August 2012 runs a successful website about PrestaShop tutorials and Prestashop Modules called Nemo’s Post Scriptum, at

Leave a Reply

Your email address will not be published. Required fields are marked *