security

Last Chance to Win a Copy of "Cracking Drupal" Book

Published August 19, 2009

If you'd like to win one of the three copies of Greg Knaddison's book Cracking Drupal: A Drop in the Bucket, there are still just a few days left to enter. If you're not sure whether you'd like a free copy, then perhaps you need to listen to DrupalEasy Podcast 16 - our interview with Mr. Knaddison where we discuss the book and how it can help Drupal developers and themers of all skill levels.

Forgotten Password - Reset it Using phpMyAdmin

Published August 4, 2009

When developing a Drupal site, you sometimes need to reset a password - either for yourself or another user. Often, when working with a copy of live data, I want to be able to log in as another user who is already in the system. Rather than asking them for their password, I use this method to change it.

While Drupal's built-in "reset password" functionality and user editing capabilities work great, if you're like me and tend to work with your database editor open, there's a quick-and-dirty way to change a user's password.

Do Not Use "admin" as a Username

Published August 3, 2009

Perhaps the most critical component of a Drupal site's security is the user login. For a login attack to be successful, the attacker must guess both the username and its password -- usually an impossible feat. But if the username can be easily guessed, that reduces the potency of this key security barrier. Far too many Drupal sites have "admin" as a username. Even worse, this is typically not a username assigned to a user who only has permissions for relatively innocuous capabilities, such as commenting on articles.