Support for Drupal 7 is ending on 5 January 2025—it’s time to migrate to Drupal 10! Learn about the many benefits of Drupal 10 and find migration tools in our resource center.
By Falcox on
Hi,
I'd like to send my Drupal installation to a colleague, but I don't want him to see the username and the password of my database.
Where are stored these informations ?
I've seen that the username and the password are written in sitename/sites/default/settings.php, but is it the only file with these informations ?
Is it sufficient if I change the username and the password in this file and then sending my colleague all my Drupal files and my database ?
Thank you.
Comments
Drupal installation port to centralized server.
Drupal installation port to a centralized server. Give to git ignore settings.php
Hi. Thx for your answer but I
Hi. Thx for your answer but I'm not sure I'm fully understand it. Do you suggest to put my site on Git ? If so, it may be a quite heavy solution for my problem... I'd prefer something easier :)
you appear confused ...
The user name and password in the settings.php file NOT a Drupal user/password pair.
The username and password in the settings.php file are the MySQL database username and password.
Load and run phpmyadmin, which provide MySQL database management.
In phpmyadmin there are features that provide access to MySQL username's and their privileges on each SQL database managed by the MySQL server.
----
If you are giving a copy of a Drupal website so someone else, yes, you can edit the settings.php file to remove the database name, username, and password, from that file since the information won't be useful to someone else on a different server.
spritefully yours
Technical assistance provided to the Drupal community on my own time ...
Thank yous appreciated ...
Hi,
Hi,
Thx for your answer.
I understand the difference between the username/password of the database and the username/password to login into the site.
However I thought that the usernames and passwords of the users of the site were encrypted in the database, aren't they ? If this is the case, I don't have to do anything on the database because nobody can see them, right ?
drupal usernames and password storage
Drupal usernames and passwords are stored in the MySQL database on the server.
Drupal user passwords are encrypted in the database using secure encryption.
It is possible to view the relevant tables in the database using the phpmyadmin utility.
To further enhance security try the following contrib modules:
password policy module
super login module
login security module
spritefully yours
Technical assistance provided to the Drupal community on my own time ...
Thank yous appreciated ...
Remove users other than super
You might want to remove the users > 1, maybe even change the username and password of user 1.
falcox
falcox - plese ignore the comment just above.
spritefully yours
Technical assistance provided to the Drupal community on my own time ...
Thank yous appreciated ...
Thx everybody for your help.
Thx everybody for your help. I know what I should do now.