starred/karakeep

Fork 0

mirror of https://github.com/karakeep-app/karakeep.git synced 2026-04-26 08:26:03 +03:00

[GH-ISSUE #314] Lost password but still logged in #205

New issue

Closed

opened 2026-03-02 11:47:37 +03:00 by kerem · 5 comments

kerem commented

2026-03-02 11:47:37 +03:00

Owner

Originally created by @kjgcoop on GitHub (Jul 19, 2024).
Original GitHub issue: https://github.com/karakeep-app/karakeep/issues/314

First off, thank you, Hoarder creator(s), for making such a nice piece of software!

I got a new phone and discovered that my browser hadn't saved my Hoarder password. I'm still logged in on my laptop, so I'm not totally locked out. In the interest of keeping things interesting, my server doesn't send email, so if there's an option to trigger a password reset email, I can't use it.

It's a docker instance. If I can get my bookmarks out, I don't mind torpedoing it and starting again. I didn't see any way to export my data, although I did see that I could list my links at the CLI (https://docs.hoarder.app/command-line about changing a password).

My end game is being able to log into my phone. I figure either I can get CLI access to one of the Hoarder docker instances (I'm not sure which one) to go in and manually monkey with whatever database Hoarder relies on, or export my data then re-import it into a new install. I don't have a preference. Then as step two, save the password somewhere.

I don't mind doing some scripting if it makes the process simpler.

Any help would be much appreciated. Thank you!

Originally created by @kjgcoop on GitHub (Jul 19, 2024). Original GitHub issue: https://github.com/karakeep-app/karakeep/issues/314 First off, thank you, Hoarder creator(s), for making such a nice piece of software! I got a new phone and discovered that my browser hadn't saved my Hoarder password. I'm still logged in on my laptop, so I'm not totally locked out. In the interest of keeping things interesting, my server doesn't send email, so if there's an option to trigger a password reset email, I can't use it. It's a docker instance. If I can get my bookmarks out, I don't mind torpedoing it and starting again. I didn't see any way to export my data, although I did see that I could list my links at the CLI (https://docs.hoarder.app/command-line about changing a password). My end game is being able to log into my phone. I figure either I can get CLI access to one of the Hoarder docker instances (I'm not sure which one) to go in and manually monkey with whatever database Hoarder relies on, or export my data then re-import it into a new install. I don't have a preference. Then as step two, save the password somewhere. I don't mind doing some scripting if it makes the process simpler. Any help would be much appreciated. Thank you!

kerem

2026-03-02 11:47:37 +03:00

closed this issue
added the
question
label

kerem commented

2026-03-02 11:47:37 +03:00

Author

Owner

@kjgcoop commented on GitHub (Jul 19, 2024):

I've gotten this far:

.schema user
CREATE TABLE `user` (
	`id` text PRIMARY KEY NOT NULL,
	`name` text NOT NULL,
	`email` text NOT NULL,
	`emailVerified` integer,
	`image` text,
	`password` text
, `role` text DEFAULT 'user');

I wasn't able to rainbow table the password column into its original value, so I assume it's salted, but I don't see any clue as to what the salt might be.

Any insight would be much appreciated. Thank you!

EDIT: Had pasted the wrong table definition.

@kjgcoop commented on GitHub (Jul 19, 2024): I've gotten this far: ``` .schema user CREATE TABLE `user` ( `id` text PRIMARY KEY NOT NULL, `name` text NOT NULL, `email` text NOT NULL, `emailVerified` integer, `image` text, `password` text , `role` text DEFAULT 'user'); ``` I wasn't able to rainbow table the password column into its original value, so I assume it's salted, but I don't see any clue as to what the salt might be. Any insight would be much appreciated. Thank you! EDIT: Had pasted the wrong table definition.

kerem commented

2026-03-02 11:47:37 +03:00

Author

Owner

@kjgcoop commented on GitHub (Jul 19, 2024):

Sorry, I should have done this all as one post. I looked at packages/trpc/auth.ts and noted that it's hashed with bcrypt. I went to https://bcrypt-generator.com/ and generated a new password and put it in db.db, but when I tried to put it into the web UI, it rejected my new password.

@kjgcoop commented on GitHub (Jul 19, 2024): Sorry, I should have done this all as one post. I looked at `packages/trpc/auth.ts` and noted that it's hashed with bcrypt. I went to https://bcrypt-generator.com/ and generated a new password and put it in db.db, but when I tried to put it into the web UI, it rejected my new password.

kerem commented

2026-03-02 11:47:37 +03:00

Author

Owner

@MohamedBassem commented on GitHub (Jul 19, 2024):

Hi @kjgcoop, we should probably add a reset password functionality in the admin CLI indeed. But for now, since seem to be comfortable with tinkering with the database, your easiest route is just creating a new user, and then updating the database row of your original user with the password of your new user. Hoarder doesn't currently use salts (known gap), so just copying the passwords hash between accounts should do the trick.

@MohamedBassem commented on GitHub (Jul 19, 2024): Hi @kjgcoop, we should probably add a reset password functionality in the admin CLI indeed. But for now, since seem to be comfortable with tinkering with the database, your easiest route is just creating a new user, and then updating the database row of your original user with the password of your new user. Hoarder doesn't currently use salts (known gap), so just copying the passwords hash between accounts should do the trick.

kerem commented

2026-03-02 11:47:38 +03:00

Author

Owner

@kjgcoop commented on GitHub (Jul 19, 2024):

Awesome! I'm all set. Thank you!

@kjgcoop commented on GitHub (Jul 19, 2024): Awesome! I'm all set. Thank you!

kerem commented

2026-03-02 11:47:38 +03:00

Author

Owner

@raviwarrier commented on GitHub (Oct 12, 2024):

Hi @kjgcoop, we should probably add a reset password functionality in the admin CLI indeed. But for now, since seem to be comfortable with tinkering with the database, your easiest route is just creating a new user, and then updating the database row of your original user with the password of your new user. Hoarder doesn't currently use salts (known gap), so just copying the passwords hash between accounts should do the trick.

Is there a way for non-techie guys to be able to do this? I am in the same boat today as kjgcoop was.

@raviwarrier commented on GitHub (Oct 12, 2024): > Hi @kjgcoop, we should probably add a reset password functionality in the admin CLI indeed. But for now, since seem to be comfortable with tinkering with the database, your easiest route is just creating a new user, and then updating the database row of your original user with the password of your new user. Hoarder doesn't currently use salts (known gap), so just copying the passwords hash between accounts should do the trick. Is there a way for non-techie guys to be able to do this? I am in the same boat today as kjgcoop was.

No milestone

No project

No assignees

1 participant

Notifications

Due date

The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference

starred/karakeep#205

No description provided.

Rows
Columns