Cookie name	Description	Lifetime	Provider
_ce.clock_data	Store the difference in time from the server's time and the current browser.	1 day	Crazy Egg
_ce.clock_event	Prevent repeated requests to the Clock API.	1 day	Crazy Egg
_ce.irv	Store isReturning value during the session	Session	Crazy Egg
_ce.s	Track a recording visitor session unique ID, tracking host and start time	1 year	Crazy Egg
_hjSessionUser_2909345	Store a unique user identifier to track user sessions and interactions for analytics purposes.	1 year	HotJar
_hjSession_2909345	Store session data to identify and analyze individual user sessions.	1 day	HotJar
apt.uid	Store a unique user identifier for tracking and personalization.	1 year	Mageplaza
cebs	Store user preferences and settings.	Session	Mageplaza
cf_clearance	Store a token that indicates a user has passed a Cloudflare security challenge.	1 year	Cloudflare
crisp-client	The crisp-client/session cookie is used to identify and maintain a user session within the Crisp platform. It allows the live chat system to recognize returning users, maintain chat history, and ensure continuity in customer service interactions.	Session	Crisp
_ga	Store a unique client identifier (Client ID) for tracking user interactions on the	2 years	Google
_ga_7B0PZZW26Z	Store session state information for Google Analytics 4.	2 years	Google
_ga_JTRV42NV3L	Store session state information for Google Analytics 4.	2 years	Google
_ga_R3HWQ50MM4	Store a unique client identifier (Client ID) for tracking user interactions on the website.	2 years	Google
_gid	Store a unique client identifier (Client ID) for tracking user interactions on the website.	1 day	Google
_gat_UA-76130628-1	Throttle the request rate to Google Analytics servers.	1 day	Google

Cookie name	Description	Lifetime	Provider
_gcl_au	The cookie is used by Google to track and store conversions.	1 day	Google
__Secure-3PAPISID	This cookie is used for targeting purposes to build a profile of the website visitor's interests in order to show relevant and personalized Google advertising.	2 years	Google
HSID	This security cookie is used by Google to confirm visitor authenticity, prevent fraudulent use of login data and protect visitor data from unauthorized access.	2 years	Google
__Secure-1PSID	This cookie is used for targeting purposes to build a profile of the website visitor's interests in order to show relevant and personalized Google advertising.	2 years	Google
SID	This security cookie is used by Google to confirm visitor authenticity, prevent fraudulent use of login data and protect visitor data from unauthorized access.	2 years	Google
APISID	This cookie is used by Google to display personalized advertisements on Google sites, based on recent searches and previous interactions.	2 years	Google
__Secure-1PAPISID	This cookie is used for targeting purposes to build a profile of the website visitor's interests in order to show relevant and personalized Google advertising.	2 years	Google
__Secure-3PSID	This cookie is used for targeting purposes to build a profile of the website visitor's interests in order to show relevant and personalized Google advertising.	2 years	Google
SSID	This cookie is used by Google to display personalized advertisements on Google sites, based on recent searches and previous interactions.	2 years	Google
SAPISID	This cookie is used by Google to display personalized advertisements on Google sites, based on recent searches and previous interactions.	2 years	Google
__Secure-3PSIDTS	This cookie collects information about visitor's interactions with Google services and ads. It is used to measure advertising effectiveness and deliver personalised content based on interests. The cookie contains a unique identifier.	2 years	Google
__Secure-1PSIDTS	This cookie collects information about visitor's interactions with Google services and ads. It is used to measure advertising effectiveness and deliver personalised content based on interests. The cookie contains a unique identifier.	2 years	Google
SIDCC	This security cookie is used by Google to confirm visitor authenticity, prevent fraudulent use of login data, and protect visitor data from unauthorized access.	3 months	Google
__Secure-1PSIDCC	This cookie is used for targeting purposes to build a profile of the website visitor's interests in order to show relevant and personalized Google advertising.	1 year	Google
__Secure-3PSIDCC	This cookie is used for targeting purposes to build a profile of the website visitor's interests in order to show relevant and personalized Google advertising.	1 year	Google
1P_JAR	This cookie is a Google Analytics Cookie created by Google DoubleClick and used to show personalized advertisements (ads) based on previous visits to the website.	1 month	Google
NID	Show Google ads in Google services for signed-out users.	6 months	Google

Cookie name	Description	Lifetime	Provider
_dc_gtm	Manage and deploy marketing tags through Google Tag Manager.	1 year	Google
1P_JAR	Gather website statistics and track conversion rates for Google AdWords campaigns.	1 month	Google
AEC		1 month	Google
ar_debug	Debugging purposes related to augmented reality (AR) functionalities.	1 month	Doubleclick
IDE	The IDE cookie is used by Google DoubleClick to register and report the user's actions after viewing or clicking on one of the advertiser's ads with the purpose of measuring the effectiveness of an ad and to present targeted ads to the user.	1 year	Doubleclick
ad_storage	Enables storage, such as cookies (web) or device identifiers (apps), related to advertising.	1 year	Google
ad_user_data	Sets consent for sending user data to Google for online advertising purposes.	1 year	Google
ad_personalization	Sets consent for personalized advertising.	1 year	Google
analytics_storage	Enables storage, such as cookies (web) or device identifiers (apps), related to analytics, for example, visit duration.	1 year	Google

The Most Popular Extension Builder for Magento 2

With a big catalog of 224+ extensions for your online store

How to reset a locked Admin account in Magento 2

In Magento 2, it’s a common issue that hacker can abuse your security wall by attempting many easy-to-guess passwords consecutively. Consequently, your admin backend is locked due to many failed attempts and Magento 2 core will prevent admin users from continuing login.

magento2security

All login actions will be blocked for a certain period of time. If you’re using this Magento 2 Security extension, there will be a warning message sent to your email.

It’s not good news for both parties, unfortunately. To ensure the process of managing your backend timely, you can take advantage of launching some command lines which allows safe admin accounts to be able to log in back to the configuration as soon as possible. In order to have the authority performing Linux command-line operations, you must have the SSH access connecting to your server securely. This step requires permission from the server manager directly so this will be the end game for hackers, they can’t run command lines under your nose obviously.

Move forward to check out how to reset locked admin users, and bookmark them when you need this tutorial in a blink of an eye.

”

Security for Magento 2

Protect your store from cyber threats with Mageplaza's top-notch security

(28 reviews)

Check it out!

How to Reset a locked Admin account in Magento 2

Store owner can choose one of listed methods

Solution #1. Unlock in the backend

On the assumption that you’re managing several admin accounts but only one or two are locked, this will be the most simple way that can be accomplished right in the backend.

Navigate to the Locked Users section by accessing the Admin Panel and selecting System > Permissions > Locked Users.

backend

If there are locked users, a list will be displayed. Choose the specific user you wish to unlock by clicking the checkbox. Opt for the Unlock action and proceed by clicking the Submit button.

Solution #2. Reset using command lines

In this solution, you are required to use the command lines according to the following 3 steps:

Step 1: Open your Magento 2 dir
Step 2: Running command lines.
Step 3: Check the result

Step 1: Open your Magento 2 dir

First, open your Magento 2 dir, this is the general format to reset an admin user. Note that you just can unlock one by one account manually.

php bin/magento admin:user:unlock {username}

Step 2: Running command lines.

To unlock a specific admin account, insert the name of that admin into the {username} variable , for example with an admin named sam, type this command line:

php bin/magento admin:user:unlock sam

Step 3: Check the result

A success message will be delivered at the interface if the entered data is valid.

unlocksuccess

If there was a mistake in typing the name of the admin, this message will inform:
```
Couldn't find the user account "sam"
```
You should check and retype that command line from Step 1 along with the precise admin name again.
In case the account is not locked from the start or it can’t be unlocked, this following message will appear

unlock

Unlock Admin User Help :

Need guidance on unlocking admin users through the command line? You can simply use the following command:

php bin/magento admin:user:unlock --help

Reset a locked Admin account and more

To be amazed how protective and supportive your store can be guarded, you can try out to use this Security Solution:

Provide a Security Checklist that displays warnings of possible risks in admin and other data
Set a limited number of failed login attempts to prevent the store from break-in risks
Record all login history to track in the future
Provide file change detection to warn admins of suspected changes in important files
Set up Blacklist and Whitelist IPs easily in the backend

The bottom line

Resetting a locked Admin account in Magento 2 is a common action that many stores have to take due to security problems. You can either fix it with the above guidelines, or use our Security extension for better protection. This modulecan prevent unwelcomed violation attacks right from the log in steps at the backend, send warning emails timely, archive all login actions and give you a proper checklist which outlines possible harmful factors for your security issues. To prevent email to spam box, enable SMTP here

Related Topics

Vinh Jacker

With over a decade of experience crafting innovative tech solutions for ecommerce businesses built on Magento, Jacker is the mastermind behind our secure and well-functioned extensions. With his expertise in building user-friendly interfaces and robust back-end systems, Mageplaza was able to deliver exceptional Magento solutions and services for over 122K+ customers around the world.

Looking for Magento Development Company?

8+ years of experiences in e-commerce & Magento has prepared us for any challenges, so that we can lead you to your success.

Get free consultant