Jenkins Password Recovery: From Panic to Access in Minutes

What If You Forget Your Jenkins Password?

Let’s talk about a situation we don’t usually think about…
What if you forget your Jenkins password? Or worse — what if the Jenkins admin forgets theirs?

Real-Time Setup & Daily Workflow

  1. Default Admin

    • When you first install Jenkins, it creates a built-in admin user.

    • You set an initial password at first launch (from the autogenerated secret).

  2. Create Your Own Admin Account

    • Immediately create a new user (e.g. beth_admin) with full admin permissions.

    • Log out of the default admin and only use beth_admin (or another named account) going forward.

  3. Spin Up Project Users

    • For each team/environment—dev, test, prod—create dedicated Jenkins accounts.

    • Grant roles/permissions scoped to those folders, jobs, or pipelines.

  4. Ongoing Maintenance

    • If the testing team forgets their test_user password:

      1. Log in as beth_admin

      2. Go to Manage Jenkins → Manage Users

      3. Select test_userConfigureReset Password

    • Share the new password securely.

Scenario 1: A Regular User Forgets Their Password

When any non-admin user loses access:

  1. User reaches out to the Jenkins admin.

  2. Admin resets the password via Manage Jenkins → Manage Users.

  3. Admin communicates the new credentials securely.

  4. User logs back in and can continue work instantly.

Scenario 2: The admin forgets the password

You might think: Who resets the admin’s password then?
In 99.99% of real-time production environments, this isn’t a problem. Why?

✅ Real-World Strategy

  • We don’t rely on just one admin account.

  • We assign admin rights to more than one user.

  • We don’t use the default admin account once Jenkins is set up.

  • Admin credentials are often stored in secure tools like AWS Secrets Manager, Vault, 1Password, etc.

But what if everything fails?

💥 Worst Case: All Admin Credentials Lost!

Let’s take an analogy:

You lock yourself out of your car with the keys inside.
What do you do? You might break the window to get in.
Similarly, in Jenkins, you can break in — but safely.

Here’s how 👇


Jenkins Emergency Access – Resetting Admin Password

  1. SSH into your Jenkins server (e.g., EC2 instance).

  2. Navigate to the Jenkins home directory:

     cd /var/lib/jenkins/
    
  3. Open the config.xml file:

     sudo vim config.xml
    
  4. Find and change:

     <useSecurity>true</useSecurity>
    

    to

     <useSecurity>false</useSecurity>
    
  5. Restart Jenkins:

     sudo systemctl restart jenkins
    

    • Now, when you access Jenkins in the browser, it will skip the login and take you directly to the dashboard.

  1. Go to:

    • Manage Jenkins → Configure Global Security

    • Turn security back on: set useSecurity to true

    • Choose Jenkins’ own user database

    • Save settings

  2. Go to Manage Jenkins → Users

    • Find your admin user ID

    • Click on it → Change password

  3. Finally, go to:

    • Manage Jenkins → Configure Global Security

    • Set authorization to: "Logged-in users can do anything"

    • Save

🔁 You’ll now be redirected to the login screen.
Use your new credentials to log in.

Forgot Your Username Too?

No problem—list the users directory:

cd /var/lib/jenkins/users/
ls

Each folder name corresponds to a Jenkins user ID. Spot your username in the list, then use it to log in or reset its password.

Key Takeaways

  • Always retire or rename the default admin user after initial setup.

  • Maintain at least two active admin accounts to avoid single points of failure.

  • Use a dedicated secrets management solution for storing and rotating credentials.

  • Schedule regular, automated backups of your $JENKINS_HOME (including config.xml).

  • Document these recovery steps in your team’s runbook and practice them in a staging environment.

Pro Tip: Running a quarterly “lost password” drill on a test Jenkins instance will ensure your team stays sharp—no surprises under pressure!


If this article helped you in any way, your support would mean a lot to me 💕 — only if it's within your means.

Let’s stay connected on LinkedIn and grow together!

💬 Feel free to comment or connect if you have questions, feedback, or want to collaborate on similar projects.

10
Subscribe to my newsletter

Read articles from Bhavya Pasupuleti directly inside your inbox. Subscribe to the newsletter, and don't miss out.

Written by

Bhavya Pasupuleti
Bhavya Pasupuleti