Resetting The Raiser’s Edge Password

I notice that Blackbaud now has a utility out that handles Supervisor password resets without going through the faxing rigamarole, but when I had to do this I don’t know if that would have been a big help anyway as my customer A) Needed supervisor access to Raiser’s Edge right away and B) They had fired the one employee who had both supervisor access and was the Blackbaud support user.

The two things I did have though was administrator access to the Raiser’s Edge MS SQL database and the SQL Server Management Studio.  My quick and dirty fix was to open the database (re7), open ‘tables’ and then find the ‘USERS’ table (dbo.USERS).  I then right-clicked the table and then chose ‘open table’.  There is one other thing that’s needed for this procedure at this point: a password that is known.  In this case I had the one’s below:

I’ll point out that I put no energy into checking out the hashing code used (i.e., can the PASSWORD field be blank?  Are the passwords hashed the same on every RE install?, etc.).  In this case all I did was copied the PASSWORD hash field from an account whose password was known to the Supervisor PASSWORD field.  (It goes without saying that I also backed the database up first (right click the database->tasks->Back Up…))

1 comment to Resetting The Raiser’s Edge Password

  • Ian

    Hi Steve.

    Your post helped a bit. I started by getting an idea to view the hash of the Supervisor password within the Raiser’s Edge demo database, but couldn’t get into the database. The thinking here was that the hash of the password ‘ADMIN’ would be the same.

    Instead, I was able to place a single space character into the Supervisor’s password field within the dbo_USERS table of the live system.

    On the front-end GUI, when you attempt to login with Supervisor, you put in a space character for the password and you’re good to go.

    The only problem I have come across is for subsequent logins, the program will state that your password has expired. There are a couple of ways to deal with this, but going into the database and resetting it to a single-space appears to work.

    Once you do this, you could create additional accounts with appropriate permissions… sky’s the limit.

    Hope this helps out others in a similar circumstance. The only limiting factor would be to have the appropriate rights on the database to make the change to the hash.

    – Ian

Leave a Reply

 

 

 

You can use these HTML tags

<a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>