How to change the password of a superuser in Django

In this shot, we will learn how to change the password of the superuser on a Django project.

Django stores passwords in a complex, crypted way, and because of this, we cannot directly manipulate the password of the user. However, there are several ways to change the superuser’s password.

Methods that require the username

These methods will only work if you remember the username.

Method 1

(env) C:\Users\name_of_your_project> python manage.py changepassword <username>
  • You can enter the following code in the command line:
Changing password for user '<username>'
Password:
Password (again):

  • You will be prompted to enter the password twice. If the passwords match, the new password will be updated.

  • If you fail to change the password three times, you will get the error message below:

CommandError: Aborting password change for user '<username>' after 3 attempts
(env) C:\Users\name_of_your_project>

Make sure that the new password contains at least 8 characters and is not entirely numeric or too common.

Method 2

You can also use set_password() from the shell, as shown below:

(env) C:\Users\name_of_your_project> python manage.py shell
>>> from django.contrib.auth.models import User
>>> u = User.objects.get(username='<username>')
>>> u.set_password('new password')
>>> u.save()

After you use set_password(), don’t forget to save(). If you do not save, your password will not be changed.

Method 3

You can use the Django admin if it is installed. You have to know your user’s password to use this method.

  • Even though the passwords are not displayed (not stored in the database), there is a link to a password change form that allows admins to change user passwords.

  • In the command line, you have to use runserver:

(env) C:\Users\name_of_your_project> python manage.py runserver

System check identified no issues (0 silenced).
December 06, 2021 - 22:26:53
Django version 3.2.9, using settings 'name_of_your_project.settings'
Starting development server at http://127.0.0.1:8000/
Quit the server with CTRL-BREAK.

  • Click on //127.0.0.1:800/ and you will access the page on the internet.

  • You have to run //127.0.0.1:800/admin to access Django administration, and you will be directed to the page below.

  • Click on CHANGE PASSWORD and you will be redirected to the following page.

Alternate methods

If you do not remember your username and password, you can use the method below.

  • You can create another superuser with the createsuperuser command.
(env) C:\Users\name_of_your_project> python manage.py createsuperuser
  • You can open the shell and user is_superuser to search for all the superusers through the console.
(env) C:\Users\name_of_your_project> python manage.py shell
>>> from django.contrib.auth.models import User
>>> User.objects.filter(is_superuser=True)
  • You will get a list of all of the superusers in the system. If you recognize your username in the list, you can use the set_password command.
>>> u = User.objects.get(username='<username>')
>>> u.set_password('new password')
>>> u.save()
  • You can also search the sqLite or postgresql database, or whichever database you are using for your Django project. To find the username, enter the table name auth_user. If you recognize your username, you can use one of the previous methods to change your password.

Free Resources

License: Creative Commons-Attribution-ShareAlike 4.0 (CC-BY-SA 4.0)