How-to: Reset Unifi controller password hosted on Windows

A quick guide on how to reset the password for your Unifi Controller. You only need access to the Windows machine that is hosting the controller.

Table of Contents

My setup

Machine: Windows Server 2019 1809, build 17763.737
Unifi controller: 6.1.71
NoSQLBooster: 6.2.11

Step 1. Download and install NoSQLBooster

You need a program to open the Unifi controller database.
I recommend NoSQLBooster. It’s free, easy to install and easy to use.

So, Download and install NoSQLBooster.
Link to the program: NoSQLBooster

Step 2. Connect to the database

  1. Open NoSQLBooster.
  2. Click on “Connect” in the upper left corner.
  3. Click “Create”.
    Server = localhost
    Port = 27117
  4. Click “Save & Connect”

Step 3. Changing the password

  1. Navigate to Localhost > ace > admin
  2. Click on “admin” to mark it and press enter.
  3. Doubleclick on the “x_shadow” field.
  4. Replace the current text with this: $6$OzJJ0heL$XyD5qt4pviLieuj8CMFbnSc9VYvxDyzYpH7dHC8wmaLwKv9xwyDxBiMx3GcT8nEdIa7XJbqlZo39jhfbQBXRM/
  5. Close NoSQLBooster.

Step 4. Done

The password is now password123

I advise you to change that 😉

Video guide:

Comments

58 Responses

  1. Hi,

    Posting this was the least I could do to say a huge THANK YOU to you!
    You are a legend.
    This worked and fixed my issue in seconds.
    Ubiquiti support is so horrible it’s not even funny.

    They expected me either setup SMTP on my controller (which is trash and doesn’t work with my Gmail account which I use daily) or reinstall my controller and adopt each device separately.
    Hopefully after this breach, they learn and will implement things differently.

    Once again, thank you so much!

    Regards,
    Shrian

      1. felix, please help! I couldn’t find the x_shadow field. Can you tell me how to fix the issue by adding the x_shadow string field?

    1. Hello,

      I have connected to this using NOSQL just fine, but when it tells me to search for the x_shadow field, i do not have any entries. I have all the directors and i am under localhost>ace>admin, but nothing else is there and it says (0) next to it.

      This is the only machine the controller is installed on. I inherited this environment from a disgruntled IT admin who locked everyone out when she left, just trying to get back into the system. Any suggestions is greatly appreciated.

  2. This worked flawlessly and took less than 5 minutes….literally!

    Thank you sooooooooooooooooo much!

  3. When I open the program I dont get the ADMIN (1) like you show. Instead it shows Admin (2) with some other options. System vs 1 and users but no admin to select?

    charlie

    1. What version is your unifi controller?
      Can you send a screenshot of your admin (2) and the other options?

  4. Thanks so much. *NOTE* I had to use the UniFi Controller program as shown in these instructions [my version 6.2.25] and not a direct query to the IP address of the controller.

  5. Thank you posting this. If this works you are a life saver! Here is the error I receive when trying to get the database.

    “message” : “failed to connect to server [localhost:27117] on first connect [Error: connect ECONNREFUSED 127.0.0.1:27117” +
    “at TCPConnectWrap.afterConnect [as oncomplete] (net.js:1056:14) {” +
    “name: ‘MongoNetworkError'” +
    “}]”,
    “stack” : “MongoNetworkError: failed to connect to server [localhost:27117] on first connect [Error: connect ECONNREFUSED 127.0.0.1:27117” +
    “at TCPConnectWrap.afterConnect [as oncomplete] (net.js:1056:14) {” +
    “name: ‘MongoNetworkError'” +
    “}]” +
    “at Pool. (C:\\Users\\CliftonDavis\\AppData\\Local\\Programs\\nosqlbooster4mongo\\resources\\app.asar\\node_modules\\mongodb\\lib\\core\\topologies\\server.js:438:11)” +
    “at Pool.emit (events.js:203:13)” +
    “at C:\\Users\\CliftonDavis\\AppData\\Local\\Programs\\nosqlbooster4mongo\\resources\\app.asar\\node_modules\\mongodb\\lib\\core\\connection\\pool.js:562:14” +
    “at C:\\Users\\CliftonDavis\\AppData\\Local\\Programs\\nosqlbooster4mongo\\resources\\app.asar\\node_modules\\mongodb\\lib\\core\\connection\\pool.js:995:11” +
    “at C:\\Users\\CliftonDavis\\AppData\\Local\\Programs\\nosqlbooster4mongo\\resources\\app.asar\\node_modules\\mongodb\\lib\\core\\connection\\connect.js:32:7” +
    “at callback (C:\\Users\\CliftonDavis\\AppData\\Local\\Programs\\nosqlbooster4mongo\\resources\\app.asar\\node_modules\\mongodb\\lib\\core\\connection\\connect.js:280:5)” +
    “at Socket. (C:\\Users\\CliftonDavis\\AppData\\Local\\Programs\\nosqlbooster4mongo\\resources\\app.asar\\node_modules\\mongodb\\lib\\core\\connection\\connect.js:310:7)” +
    “at Object.onceWrapper (events.js:291:20)” +
    “at Socket.emit (events.js:203:13)” +
    “at emitErrorNT (internal/streams/destroy.js:91:8)” +
    “at emitErrorAndCloseNT (internal/streams/destroy.js:59:3)” +
    “at processTicksAndRejections (internal/process/task_queues.js:77:11)”,
    “name” : “MongoNetworkError”
    }

  6. It did not work for me. I have UniFi Controller 6.2.26 installed. Its the newest version. I can connect to the database using NoSQLBooster. Im navigating to localhost -> ace -> admin and then hitting enter. But no records was found :/ the admin is empty.

    1. That’s really weird. I just tried installing 6.2.26 on my own PC, it works fine here. I can’t reproduce the error you guys are getting, sorry.

  7. It didn’t work unfortunently. Im able to connect to the database using NoSQLBooster but once I navigate to Localhost -> ace -> admin and hit enter it says no records found :/

  8. I had the same problem that I could not start the Controller Setup process and ​I solved my problem by doing the following steps.

    I put the switch power-less for about 10 hours, then I start it with holding the reset button for about 30 sec and made a factory reset.

    In the next step, I uninstall the controller software made a reboot my pc.

    Then I reinstall the controller software. Now I came to the seput process of the controller software.

  9. Didn’t work for me.
    I have a Cloud Key Gen2 that has failed, but I have backups from a few days ago (and older). The cloud key was running 6.2.26.

    So I started 6.2.26 in Docker on my Macbook, then restored from the backup. Seems to have worked, except that the username/pwd didn’t work (which is how I arrived here on this page, of course).

    Using a Mac, I fired up Mongo’s own Compass software, connected to the db.

    There’s no “ace” database.
    The databases I can see are

    – admin (empty db)
    – config (empty db)
    – local (has a single collection “startup_log”)
    – unifi (has an “account” collection that looks promising, with an entry for my username. That’s probably it.
    – unifi_stat (a bunch of stats related collections)

    Changed the x_password field, but no luck when trying that pwd in the web login page.

    The entry in that account blob looks like this (seems this format is different to the one mentioned above too):

    {
    “name”: “goran”,
    “x_password”: “$6$OzJJ0heL$XyD5qt4pviLieuj8CMFbnSc9VYvxDyzYpH7dHC8wmaLwKv9xwyDxBiMx3GcT8nEdIa7XJbqlZo39jhfbQBXRM/”,
    “tunnel_type”: 3,
    “tunnel_medium_type”: 1,
    “site_id”: “61005a14”
    }

    FWIW, I’ve been authenticating using my Unifi.ui.com account, so those tunnel fields above might have to do with that (just guessing really).

    Ideas, anyone?

  10. Thanks for publishing this guide. I was migrating from UDMP to a Windows UniFi Controller and used a backup restore.

    I couldn’t find the x_shadow field, I think because it authenticates with the UI cloud.

    The fix was just to add the x_shadow string field and paste the same password hash in this guide to create the password123:
    $6$OzJJ0heL$XyD5qt4pviLieuj8CMFbnSc9VYvxDyzYpH7dHC8wmaLwKv9xwyDxBiMx3GcT8nEdIa7XJbqlZo39jhfbQBXRM/

    Saved me a lot of frustration with this.

  11. thanks for this. your solution was the only one that worked for me. i swear i didn’t forget my password either… it just wasn’t letting me log in, weird.

    oh well, at least now i have a solution. seems kind of unsecure to allow this however.

  12. My man! You are a life saver. This worked for me and allowed me access to the UniFi controller. I tried for like an hour trying username/password combinations with no success. Did this and like 5 minutes later I am in! Thanks again for these instructions.

  13. Thank you, this is amazing! Searched the whole internet and got so many hints which did not work for me. Yours took me like 3min and its done!

  14. This worked for me, but not the first time
    After setting the password, I failed to login to unifi controller with “admin”

    Also take note of the field above “x_shadow” called name:

    Once I noticed that I’d used my personal name and not admin, the password123 worked

    @felix great guide
    perhaps consider updating to alert user to check their username from “name” field
    ;p

  15. I realize I’m running an old version, so maybe that’s why I’m still having issues.

    I’ve had to download their v3.5.7 because my database was still v2.4.14. I still find the same keys under admin. I’ve swapped the password strings and they still don’t work. Verified the name is what I’m using as well. It looks like it should be a great fix for next time, if I lose my keepass database again.

    Thanks for compiling this!

    1. Just for my own sanity, I went looking for another string to try for the password. The string “$6$9Ter1EZ9$lSt6/tkoPguHqsDK0mXmUsZ1WE2qCM4m9AQ.x9/eVNJxws.hAxt2Pe8oA9TFB7LPBgzaHBcAfKFoLpRQlpBiX1” worked for me as password. Not really sure why I had an issue with the other one. I went back to verify I copied it correctly and it still didn’t work. I’ll just take my win for the morning.

  16. Thank you Felix, this worked for me as well. Changing only the password field did not work, so I thought the value could be “salted”. I also changed the username and password to exactly what you had in the screenshot, and it worked! 🙂 Once I logged it with the password you provided, I changed the username, email and password. (might be just the “name:” which salted the hash, but I took the email as well)

    Thanks again for saving me from not having to reset to factory defaults all my gear… 🙂

  17. Thank you for your assistans! It worked on the latest unif controller 6.5.55 too!

    A quick tip for the ones with trouble : The controller software must be on or you cant connect!

    👌👌👌👌👌👌👌👌👌😁

  18. Gday Felix

    Thanks very much for the guide.

    Having a bit of trouble connecting to the local host. Any ideas?

    {
    “message” : “connect ECONNREFUSED 127.0.0.1:27117”,
    “reason” : {
    “type” : “Single”,
    “servers” : {

    },
    “stale” : false,
    “compatible” : true,
    “heartbeatFrequencyMS” : 10000,
    “localThresholdMS” : 15
    }
    }

  19. I think im doing something wrong. I get to localhost, ace, admin…. But my admin has (0), not (1) like yours. Any suggestions?

  20. Does this work on version 7.1.65? I have tried it, but the password is not working for me. Any help pls

  21. Hello. It worked in me. But for a server with Windows Server 2008 and MongoDB version 2.4.14, it was necessary to install NoSQLBooster version 3.5.7. I’ve had a lot of time for this.

    It is necessary to pay attention to the version information.

    Thanks Felix. 🙂

  22. My situation is slightly different.
    I know my Unifi Controllers Application password in order to access and manage my settings and check on the devices attached. So I don’t have the issue of not knowing the password.
    I’ve been seeing unknown mac address’s that I have to block so I thought I might need to change access to my AP settings.
    Once in, I cannot find where I need to go to change the password to something stronger to ensure no one else is attempting to get in to access the Unifi application (ver 7.2.94).
    How do I change a known password to a new stronger password?
    Thanks for the help.
    SG

  23. Hi Felix,

    Unfortunately it didn’t work for me. I’m using controler 7.3.83. I was able to enter the x_shadow field and copied/paste the string mentioned in your guideline. I checked if the string was adapted to the file and it was. I closed down NoSQLBooster and tried to log in with my own name and the new password123. Access still denied. Any suggestions how I can solve this problem?

  24. Thank you, thank you, thank you!!! Just used your instructions today (02-26-2023) and they worked perfectly!!! I have Unifi Network Application version 7.3.76 and NoSQLBooster 8.0.3 Amazing, thank you again.

  25. Hi Felix,

    Thank you very much for this. I searched the ubiquity documentation without success.
    Thanks to you I do not have to reconfigure our production switches.

Leave a Reply to JR Cancel reply

Your email address will not be published. Required fields are marked *