Continuing the topic of 1C administration, begun in the last lesson on , today we would like to discuss the main aspects of using passwords in 1C.
Passwords in 1C are used in many places, including to restrict access when entering 1C, to password-protect modules. I would especially like to touch on the security of internal configuration passwords, which are not standard and are organized by programmers for their own needs.
We will also discuss managing user passwords in 1C - how to remove or change a 1C password.
If a web client (or a thin client in HTTP mode) is used, then authorization is more difficult, since in this case, before accessing 1C (and authorizing in it), the user needs to log in to the web server that provides access to 1C.
Change password 1C or remove password 1C
The user can independently change the 1C password (depending on the configuration, in most typical configurations it is possible).
In thick client configurations (old 1C), for this, under user rights, select the menu item Service / User Options and enter New Password 1C (the old password 1C does not need to be entered). If this menu item is not present, then it is disabled by the administrator.
In configurations thin client(new 1C) similar actions are possible if you have the Administration tab available. Select the menu item on this tab (top right) Settings/Personal settings/User information.
If you yourself are an administrator, then you can change the 1C user password in the following ways:
If you have forgotten your 1C password, then it is possible to reset it, study for this.
Password 1C per module
The easiest way to protect the text of programs in the 1C language () is to set a 1C password to access the module. The text of the module is encrypted. Unfortunately, any module cannot be protected in this way.
You can set a 1C password:
- Open the required module in the configurator
- Menu item Text/Set password
If at the same time 1C declares that “This module cannot be protected”, or this menu item does not exist, then you need to move the functions and procedures of the module to another and protect it. At the very least, you can override it.
The way to protect a module without a password is to exclude the program text altogether. The fact is that the text of the program is compiled (transformed into a special unreadable form) before execution. You can remove the module text, leaving only the compiled "code".
To do this, select the menu item Configuration/Configuration delivery/Delivery settings and select Exclude module texts from the required modules. In particular, this can be done with processing, and then save it to an external ( right click for processing, Save as external processing).
Both methods, unfortunately, are bypassed by 1C decompilers common on the Internet, which allow you to restore the program text from the compiled "code".
Password for updating 1C
When you try to update 1C online (Configuration / Support / Update configuration), 1C will ask you for a password to access the update site.
When buying a 1C configuration, in a large yellow box, in addition to a CD and books, there will be an envelope with a PIN code. In addition to this, you will need registration number configuration (written on the box or in the purchase documents). If for some reason the registration number is not found, try calling those. 1C support.
So, having found both numbers, go to the 1C website (http://users.v8.1c.ru/getpswbase.jsp) and register yourself. As a result, you will receive a password to download and install updates.
Passwords on form 1C
Sometimes in the process of developing a configuration, a programmer needs to create a mechanism for accessing another database or other software, or simply protect part of the configuration with an additional password.
To do this, in the input field properties there is a Password mode property. A field that is checked will show an asterisk (*) instead of characters as you type.
The password itself, by default, will be stored in the usual details of the directory / document, with all the ensuing consequences (the ability to view using external processing or querying the data, browsing in the SQL table of this reference).
This action is first performed by the system administrator in the section Administration - Program settings - User and rights settings:
Users, in which all users working in the 1C 8.3 program are entered, and opens the card of a specific user, for example, Petrova:
By default, the user is assigned the so-called "Empty password" (there is no password):
So when you press a button OK when the database is launched under its own name, the 1C 8.3 Accounting 3.0 program will successfully start:
As you might guess, in this case under the name Petrova any user can log in. To avoid this situation, the administrator sets a user password. To do this, press the button Set password and in the opened form enters the password manually, confirms it and presses the button Set password:
In the program 1C Accounting 8.3 rev.3.0, you can create a password automatically. To do this, when setting a password, press the button Create a password:
A new password will be generated. It is advisable to copy it, as the program suggests. Then you have to press the button close and button Set password. Thus, a new password will be set for the user.
Now, when you try to enter the 1C 8.3 database without entering a password and pressing the button OK – the program will not be entered and the system will display the following message:
Only after entering the correct password will the 1C 8.3 program be launched:
and the start page will open:
How to enter 1C 8.3 if you forgot your password
Only the administrator of the 1C 8.3 program can remove the user password. This may be needed, for example, if the user has forgotten the password.
Administrator opens directory Users, selects the user Petrova and opens the password setting with the button Set password:
In the window that opens, delete the entries in the fields New Password And Confirmation and press the button Set password. The password will be removed:
How to change the password in 1C 8.3
Depending on the settings, the administrator can grant the user the right to independently change the password in 1C 8.3 Accounting 3.0. To do this, check the box in the user card Require a password to be set at login:
In this case, when the user Petrova enters the program, the password change window will open. Until the user Petrova sets a new password, and he may be Blank password , that is, the password will be removed, the user Petrov will not be able to start working in the 1C 8.3 database.
In this case, you need to specify the old password and enter a new one manually or automatically by clicking the button Create a password. Then press the button Set password. The window will close and you can work in the program:
Can a user of 1C 8.3 change the password on their own
Now imagine that the user Petrova it is forbidden to change the password (the corresponding checkbox is enabled):
Petrova is an experienced user of the 1C Accounting 8.3 ed.3.0 program and wants to change the password. User Default Petrova directory Users not visible.
Therefore, it adds a new command to the section navigation bar Administration as shown in the figure:
As a result, the directory becomes available Users:
User Petrova opens her user card and tries to reset her password, but this cannot be done because the button Change password unavailable (colored grey):
Therefore, to change the password, she will have to seek help from the administrator of the 1C 8.3 base.
How to install in move in 1C 8.3 by password operating system
A few words about other options for entering 1C 8.3. When starting the database, you can remove the password in 1C 8.3 and become a way in pass by password operating system or by protocol openID. To do this, in the guide Users there are 2 more checkboxes:
- When the checkbox is enabled Operating system authentication the user of the operating system is indicated (his login and password for entering the OS) on which 1C Enterprise 8 is installed. In this case, login authentication through 1C can be enabled or disabled. In the latter case, the 1C Accounting 8 program will start without specifying the username and password in 1C.
- How to enter the 1C program by protocol open ID used only when connecting to the program via a web server. In this case, the service address must be configured. The authentication flag through 1C can be either enabled or disabled, similar to entering the program through the OS:
If you need help in mastering a wider range of operations in the 1C program, then we suggest that you take our professional course "". Learn more about the course in the next video.
Setting and removing passwords in 1C programs is based on the platform level of all versions. Authorization of users is necessary to protect information and delimit access rights in this database. The combination of a username and password is called a login.
It should be noted right away that the 1C platform does not cryptographic encryption data, and therefore its data protection is not a reliable guarantee of the secrecy of service information, but serves mainly to restrict access to information security users.
In fairness, the password protection of file versions of 1C 7.7 was not removed only by the lazy. The reliability of storing user passwords in 1C 8.2 and 8.3 configurations has increased, but nevertheless it cannot serve as an example of a reliable system for hiding data from prying eyes.
To set, change, or remove passwords for users, you must have administrator rights. You need to enter the 1C Accounting or Trade database in the configurator mode under the name of the system administrator. If there are no users in the infobase yet, then first you need to create a user with administrator rights and set a password for him.
To perform any actions with user rights in the 1C V8 database in the configurator mode, use the menu item Administration -– Users. Here you can add or remove users, set their rights and make some other settings.
The password is entered in blind mode (password 1c), i.e. the input text is not displayed on the screen so that it cannot be visually removed by those present. Therefore, the input procedure must be repeated in the "Password Confirmation" field to make sure that the hidden text is entered correctly. User rights, i.e. what he is allowed to do is set on the "Other" tab.
It is strongly discouraged to set widely known information that is easy to find out as passwords. For example, repeating the login name, date of birth, phone number will greatly facilitate the selection of such a “secret” code for someone who wants to hack your login.
On the other hand, it is important to remember your 1C password. It can be written down, but the record must be put in a safe place. Any password can be forgotten after a vacation or any long absence from work. As a last resort, you can lose user passwords, but you must be sure to store the administrator password. Because without it it will be impossible to reset old or get new users.
In the event of an irretrievable loss of the administrator's login, you can contact your invaluable information base at the address at the end of the article.
In conclusion, it is worth paying attention to several important points:
- Do not delete old users. This will lead to the impossibility of analyzing the logs to find out who and what did with the documents in the past period. In this case, you can remove such logins from the selection list when starting the program.
- Do not transfer old logins with passwords to new users, for example, to a newly hired employee in place of the old one. Again, it will be difficult to find out who screwed up in the database - an old employee or a new one.
- Securely store the administrator login, because without it it will be impossible to update the configuration, manage users and their rights. This item is very relevant when changing the chief accountant, system administrator or incoming 1C specialists.
Consultations on 1C passwords can be obtained by e-mail on [email protected]
Very often, this procedure has to be dealt with by the customer - the password from the only user with full "Administrator" rights is hopelessly lost, it is not possible to recover it and it can only be obtained by "hacking" or removing the password from the user. How to be?
Below I will tell you how to reset or “crack” a password in 1C 8 both in file and in 1C client-server mode of operation.
1C password recovery if the database is file
Before cracking a user's password NECESSARILY do it, you can simply copy the file "1Cv8.1CD". It is important that there are no users in the database during copying.
To crack the 1C 8.3 password, we need a program - a HEX editor, for example, WinHex (runs without installation).
1 step
Install and run winhex. From the program, open the database file - 1Cv8.1CD. The file is located at the address of the location of the database subjected to "hacking" of the user, which is registered in the infobase selection list:
2 step
After opening the file 1Cv8.1CD in the file you need to find the desired line to edit. To do this, press the key combination ctrl + F, select the encoding from the list - Unicode(as in the screenshot), enter "" in the search bar and click OK:
Get 267 1C video lessons for free:
3 step
After we have found the desired line in the column with the value "6", we change the number "00" to "01":
Passwords removed, congratulations!
Update from our readers for new 1C platforms (for example, 1C: Enterprise 8.3.5.1383):
In the found line users.usr, we change the number not in column No. 6, but look for the number “09” in this line and change “00” to “01” to the left of it
Next, look for the string “v8users”. (If it doesn’t find it, uncheck “Match case” and repeat the search).
In the found line, change the letter “V” to “H” so that it turns out “h8users” (H 8 U S E R S)
Update #2 from our reader Evil Grym on 10/07/2017:
Platform 8.3.10.2561 Filebase
1) Download WinHEX
2) V8USERS Change to L8USERS
3) users.usr Change to lsers.lsr
4) Save. (The base counts as a bat)
5) We run chdbfl with a checkbox to automatically correct errors. It will run it, say that there were no errors, but the database becomes operational even without users.
Removing the password if the base is 1C client-server
If your company client-server option 1C 8.2, you need to act a little differently.
Step 1
Run the utility to manage the sql server - Microsoft SQL Server management studio.
Step 2
Find the table in the list dbo.params«:
Step 3
To remove the 1C password, in the list we find the line with the name "" and delete it:
Update: in the release of the 1C platform 8.3.5.1460, the method described above does not give the desired result. It is known from the experience of our readers that it is necessary to try to delete the table Usersv8.
Ready! You deleted passwords 1C!
If you still haven’t managed to crack the password from 1C on your own, you can always apply for
One of the most frightening situations is the loss of a password from account administrator 1C. However, platform developers care more about user convenience than security, so the solutions to this problem are quite simple. But when performing such operations, you need to be extremely careful and understand all responsibility for your actions. Be sure to do backup database before resetting the 1C administrator password.
Working with the file version 1C 8.3
We will perform the main actions with a 1CD file from the folder where information base. There are two options to remove passwords for entering 1C - HEX editors and the TOOL1CD program. These programs can be easily found on the Internet and most of them are free.
In the first case, the point is to disable the table with users in order to make 1C consider that they are not in IB. After that, the platform starts the configuration with administrator rights, and we can create new users: open the 1CD file in the installed HEX editor and search in Unicode format for “users.usr”.
In the found line, find the value "09" and change the number located to the left from "00" to "01". After that, using the search, we find the string "v8users" and change the first letter to any other. We do this so that 1C does not find this line and thinks that there is not a single user in our database. This completes the work with the HEX editor, but we still need to use the "chdbfl.exe" utility.
You can find it in the bin folder located inside the directory where the platform is installed. This program checks and fixes file bases, and in our case it can help to avoid encountering a stream format error.
The second method is based on changing the password for a specific user to an empty one. To do this, open the IB file in the TOOL1CD program and find “V8USERS” in the list of tables, which contains the data of all users. To get the password in the form of a SHA-1 hash format, click on the DATA field of the specific user line and replace the value there with “2jmj7l5rSw0yVb/vlWAYkK/YBwk=”, meaning an empty password.
Using the "Record" button below tabular part store the field data in text file. IN text editor replace and save the file without changing its name. To load the changes, we turn on the table editing mode using the button on the left above the table, and the option “Read from file” appears below. After that, it remains to confirm the changes with the button with a green checkmark. Removing the password in 1C has successfully completed!
Working with client-server 1C
If you have 1C running on the server, then the actions will be completely different. First of all, you need access to the database server console, since the changes will be made there. The essence of the solution is to make 1C think that there are no users, so any session will start with administrator rights. A simple algorithm will help us with this:
- We launch the utility for managing the database;
- We create a query in which we will rename the v8users table and the users.usr file so that 1C cannot recognize them. Instead of "DatabaseName" we will write the name of our own database USE GO EXEC sp_rename "v8users", "v8users_tmp" GO UPDATE SET = "users.usr_tmp" WHERE = 'users.usr' GO
- We execute the request with the F5 button;
- We start 1C. If everything is done correctly, 1C will not ask for a login and password, but will start immediately with full rights;
- Without closing the configurator, we create another query in the database management utility. Its essence is to return the user table USE GO DROP TABLE GO EXEC sp_rename "v8users_tmp", "v8users" GO UPDATE SET = "users.usr" WHERE = 'users.usr_tmp' GO
- After the next execution of the request text, we return to the configurator and create a new user with administrator rights. You can also simply change the password for one of the existing ones;
- We reload the configurator and log in under the user who was assigned a new password.
After these steps, resetting the user's password 1C 8.3 can be considered successfully completed. Remember that each such operation is a big risk, as the administrator may make a mistake when writing the request. At the same time, 1C is far from being the most stable system to external interactions. Therefore, be sure to make a rule to store passwords in a safe place and use the above algorithms in extreme cases.
Loading...