Magento Admin – “This account is locked.”, how to unlock it?

In Magento Enterprise Edition a security feature has been implemented which allows you to set the number of failed login attempts after which your account will get locked.

To make these security setting go to  Admin >> System > Configuration, click the Admin tab in the left column, and select the Security section. Now make the following settings and save the configuration:

Maximum Login Failures to Lockout Account – Determines the number of consecutive failed login attempts that will cause that account to become locked. If you do not want to enable the lockout feature, leave this field blank.

Lockout Time (minutes) – Determines the duration, in minutes, for which the account will be locked after the failed logins.

 

Admin Account Locked

 

After the “Lockout Time“, the account will be unlock on their own but if  you want to get them unlocked before that period, here are the ways you can do that:

1. Using Magento Admin

If you have any other user with full Administrator permissions then he can unlock your account from Magento admin by navigating to System > Permissions > Locked Users

2.  Using phpMyAdmin

Magento admin_user table

a) Open phpMyAdmin and select the Magento website database.

b) Now find the ‘admin_user’ table and open it.

c) Look for the user row you want to unlock it.

d) Click the “Edit” link for row and make the following data changes:

failures_num = 0,

first_failure = NULL,

lock_expires = NULL

e) Save the changes.

3. Using MySql client

a) Login MySql


$ mysql -uusername -p

This will ask for mysql user ‘username’ password. Type the password and press enter.

b) Select the Magento database


use magentodatabase;

c) Now run the following query for unlocking the user with username ‘admin’


UPDATE admin_user
SET failures_num = 0, first_failure = NULL, lock_expires = NULL
WHERE username = 'admin';

If  userid is known then you can also use the following query (assuming user_id to be 1):


UPDATE admin_user
SET failures_num = 0, first_failure = NULL, lock_expires = NULL
WHERE user_id = 1

Magento does the same in its unlock($userIds) function located in file \app\code\core\Enterprise\Pci\Model\Mysql4\Admin\User.php

Leave a Comment

Back to top