Set a password in 1s 8.3 accounting

Continuing the topic of 1C administration, started in the last lesson on , today we would like to discuss the main aspects of using passwords in 1C.

Passwords in 1C are used in many places, including to restrict access when logging into 1C and for password-protecting modules. I would especially like to touch upon the security of internal configuration passwords, which are not standard and are organized by programmers for their own needs.

We will also discuss managing user passwords in 1C - how to remove or change the 1C password.

If a web client is used (or a thin client in HTTP mode), then authorization is more difficult, since in this case, before gaining access to 1C (and logging in to it), the user must log in to the web server that provides the access service 1C.

Change 1C password or remove 1C password

The user can independently change the 1C password (depending on the configuration, in most typical configurations this is possible).

In thick client configurations (old 1C), to do this, under user rights, you need to select the menu item Tools/User Options and enter a new 1C password ( Old Password 1No need to enter). If this menu item is not there, it means it has been disabled by the administrator.

In configurations thin client(new 1C) similar actions are possible if you have access to the Administration tab. On this tab, select the menu item (top right) Settings/Personal settings/User information.

If you yourself are an administrator, then you can change the 1C user password in the following ways:

If you have forgotten your 1C password, it is possible to reset it, please study this.

1C password for the module

The easiest way to protect the text of programs in the 1C language () is to set a 1C password for access to the module. The module text is encrypted. Unfortunately, any module cannot be protected this way.

You can set a 1C password:

Open the required module in the configurator
Menu item Text/Set password

If at the same time 1C states that “ This module cannot be protected,” or this menu item does not exist, which means you need to move the functions and procedures of the module to another and protect it. At the very least, you can password protect it.

A way to protect a module without a password is to exclude the program text altogether. The fact is that the program text is compiled (converted into a special unreadable form) before execution. You can remove the module text, leaving only the compiled “code”.

To do this, select the menu item Configuration/Configuration delivery/Delivery settings and select Exclude module texts for the required modules. In particular, this can be done with processing, and then save it to external processing (right-click on processing, Save as external processing).

Both methods, unfortunately, are bypassed by 1C decompilers common on the Internet, which allow you to restore the program text from the compiled “code.”

Password for 1C update

When you try to update 1C online (Configuration/Support/Update configuration), 1C will ask you for the password to access the update site.

When purchasing a 1C configuration, in a large yellow box, in addition to a CD and books, there will be an envelope with a PIN code. In addition, you will need the configuration registration number (written on the box or in the purchase documents). If for some reason the registration number is not found, try calling technical support. 1C support.

So, having found both numbers, go to the 1C website (http://users.v8.1c.ru/getpswbase.jsp) and register yourself. As a result, you will receive a password to download and install updates.

Passwords on form 1C

Sometimes in the process of developing a configuration, the programmer needs to create an access mechanism to another database or other software, or simply protect part of the configuration with an additional password.

To do this, in the properties of the input field there is a Password Mode property. A field with a check mark will show an asterisk (*) instead of symbols when entered.

The password itself will be stored by default in the usual directory/document details, with all that follows (the ability to view using external processing or querying the data, viewing the SQL table of this reference book).

Setting and removing passwords in 1C programs is laid down at the platform level of all versions. User authorization is necessary to protect information and differentiate access rights in this database. The combination of a username and password is called a login.

It should be immediately noted that the 1C platform does not provide cryptographic data encryption, and therefore its data protection is not a reliable guarantee of the secrecy of proprietary information, but serves mainly to restrict access to information security users.

To be fair, password protection file versions 1C 7.7 was not removed only by the lazy. The reliability of storing user passwords in 1C 8.2 and 8.3 configurations has increased, but nevertheless cannot serve as an example reliable system hiding data from prying eyes.

To set, change, or remove passwords for users, you must have administrator rights. You need to log into the 1C Accounting or Commerce database in configurator mode under the name of the system administrator. If in information base While there are no users, the first thing you need to do is create a user with administrator rights and set a password for him.

To perform any actions with user rights in the 1C V8 database in configurator mode, use the menu item Administration -– Users. Here you can add or remove users, set their rights and make some other settings.

The password is entered in blind mode (password 1c), i.e. The input text is not displayed on the screen so that it cannot be visually removed by those present nearby. Therefore, the entry procedure must be repeated in the “Password Confirmation” field to ensure that Hidden text entered correctly. User rights, i.e. what he is allowed to do is set on the Other tab.

It is highly recommended not to use well-known information that is easy to find out as passwords. For example, repeating your login name, date of birth, phone number will greatly facilitate the selection of such a “secret” code for someone who wants to hack your login.

On the other hand, it is important to remember your 1C password. You can write it down, but be sure to put it in a safe place. You can forget any password after a vacation or any long absence from work. As a last resort, you can lose user passwords, but you must Be sure to store the administrator password. Because without it it will be impossible to reset old users or create new ones.

In case of irretrievable loss of the administrator login, you can contact your invaluable information database at the address at the end of the article.

In conclusion, it is worth paying attention to several important points :

Don't delete old users. This will make it impossible to analyze logs to find out who did what with documents in the past period. In this case, you can remove such logins from the selection list when starting the program.
Do not transfer old logins and passwords to new users, for example, to a newly hired employee replacing the old one. Again, it will be difficult to find out who messed up the database - an old employee or a new one.
Keep your administrator login securely, because without it it will be impossible to update the configuration or manage users and their rights. This point is very relevant when changing the chief accountant, system administrator or incoming 1C specialists.

Consultations on 1C passwords can be obtained at e-mail on [email protected]

Crack password to file database 1C 8.1, 8.2 or 8.3 It’s not at all difficult; you will need access to the database files and some kind of HEX editor.

As a HEX editor you can use, for example:

WinHex( free version does not allow saving files larger than 200 Kb);
Free Hex Editor (shareware);
any other HEX editor with a search function.

Step 1. Let's do it backup copy bases (manipulations with the base in hex editor do not always pass without consequences).

Step 2. In a HEX editor you need to open the database file with the name 1Cv8.1CD.

Step 3. Open the search window (usually the Ctrl+F key combination is responsible for this), select the Unicode string type (this field is available in all serious HEX editors) and find the string "users.usr". If you don’t find anything, try searching in a case-insensitive manner (the “Match case” item in WinHex, the “Case-insensitive” item in Free Hex Editor).

Step 4. In the found string you need to find the value "09"(column “1” in the figure) and to the left of it correct "00" on "01"(column “0” in the figure), and then save the changes.

Editing “users.usr”

For hacking 1C 8.1 databases This is enough - you can go to the configurator - you won’t be asked for a password.

But for hacking 1C 8.2 and 8.2 databases additional steps need to be taken.

Step 5. Use the search again and look for the string "v8users".

Step 6. Change the letter in the found string "V" on "H" so that it works "h8users".

Editing "v8users"

This completes the hacking - the password will no longer be requested.

After you have done everything you wanted, you can return everything as it was and then no one will notice anything (this does not always work).

If you just need to add a user without deleting existing ones, then do this (does not always work):

We save all the changes made, but do not close the editor;
Go to the database configurator;
We return to the editor, leaving the configurator open (the editor will say that the file has changed and will offer to reload it - we agree);
We change all previously changed values to the original ones, save the file;
We return to the configurator and add a user with the necessary rights;
Close the configurator and editor and open the configurator again, using the newly created user to log in.

In conclusion, I would like to remind you that the information is provided for informational purposes only, you can use it solely at your own peril and risk.

If you find an error or inaccuracy, please select a piece of text and click Ctrl+Enter.

Accounting 3.0: How to change the password in 1C

It often happens that you need to change your password in the 1C database; perhaps it is too simple, or someone else recognized it.

The password can be changed both from 1C Enterprise mode and from the Configurator.

Let's look at how to change the password for an ordinary user on the 1C Enterprise Accounting 3.0 demo database:

As always, we go into the 1C program, then in the administration menu item (on the top panel) select Users.

In the list of users that opens, find yourself and click the “Change” button, or double-click to enter.

In the form we enter the password and password confirmation, and click record and close, the subsequent login to the program is performed under the new password.

A situation may arise when the user does not have enough rights to change the password, and you need to change it, in which case you should contact the user administrator in 1C.

If your organization does not have one, you can always contact ITBP, our specialists are ready to help you at any time.

If there was only one user in the database, and you urgently need to log into the database, then I recommend contacting a qualified specialist who will help you log into the database.

If you still have questions about changing your password in 1C, then you can always turn to 1C specialists from ITBP for help.

itbpr.ru

Setting and resetting a password in 1C 8.3

Courses 1C 8.3 and 8.2 » Articles about 1C 8.3 » Training 1C ZUP 8.3 (3.0) » Setting and resetting the password in 1C 8.3

This article describes how to set and remove a password in the 1C Accounting program 8.3 edition 3.0.

When working in multi-user mode, each user of the 1C 8.3 program does not have access to all data, but only to that which he needs for work. If you have not set a password to enter the database, you can enter the program under someone else's user. To eliminate this situation, it is necessary for each user of the 1C 8.3 Accounting program to have a unique password set.

Details about the set possible settings user access rights to objects in the 1C 8.3 database, how to solve problems of individual access to various documents and reference books in the database, how to create a new user, as well as how to set restrictions on user rights in 1C 8.3, read our article.

How to set a password on 1C 8.3

This action is first performed by the system administrator in the Administration – Program Settings – User and Rights Settings section:

The administrator opens the Users directory, in which all users working in the 1C 8.3 program are entered, and tears off the card of a specific user, for example, Petrova:

By default, the user is assigned the so-called “Blank Password” (no password):

Thus, when you click OK when starting the database under your name, the 1C 8.3 Accounting 3.0 program will launch successfully:

As you might guess, in this case any user can log in under Petrova’s name. To eliminate this situation, the administrator sets a user password. To do this, click the Set Password button and enter the password manually in the form that opens, confirm it and click the Set Password button:

In the 1C Accounting 8.3 rev.3.0 program, you can create a password automatically. To do this, when setting a password, click the Create password button:

A new password will be created. It is advisable to copy it, as the program suggests. Then you need to click the Close button and the Set password button. This will set a new password for the user.

Now, when you try to log into the 1C 8.3 database without entering a password and click OK, you will not be able to log into the program and the system will display the message: User identification failed:

Only after entering the correct password will the 1C 8.3 program be launched:

and it will open home page:

How to log into 1C 8.3 if you forgot your password

Only the administrator of the 1C 8.3 program can remove the user password. This may be needed, for example, if the user has forgotten the password.

The administrator opens the Users directory, selects the user Petrova and opens the password setting button with the Set password button:

In the window that opens, you need to delete the entries in the New password and Confirmation fields and click the Set password button. The password will be removed:

How to change the password in 1C 8.3

Depending on the settings, the administrator can grant the user the right to independently change the password in 1C 8.3 Accounting 3.0. To do this, in the user card you need to enable the Require a password to be set at login checkbox:

In this case, when the user Petrov enters the program, a password change window will open. Until the Petrov user sets a new password, and it may be an Empty password, that is, the password will be removed, the Petrov user will not be able to start working in the 1C 8.3 database.

In this case, you need to specify the old password and enter a new one manually or automatically using the Create password button. Then click the Set Password button. The window will close and you can work in the program:

Can a 1C 8.3 user change the password independently?

Now imagine that the user Petrova is prohibited from changing the password (the corresponding flag is enabled):

Petrova is an experienced user of the 1C Accounting 8.3 edition 3.0 program and wants to change her password. By default, the Users directory is not visible for the Petrov user.

Therefore, it adds a new command to the navigation panel of the Administration section as shown in the figure:

As a result, the Users directory becomes available:

User Petrova opens her user card and tries to reset her password, but this cannot be done because the Change Password button is grayed out:

Consequently, to change the password, she will have to seek help from the 1C 8.3 database administrator.

How to set up login to 1C 8.3 using the operating system password

A few words about other options for logging into 1C 8.3. When starting the database, you can remove the password in 1C 8.3 and set the login method using a password operating system or via the open-ID protocol. To do this, there are 2 more checkboxes in the Users directory:

When you enable the Operating system authentication checkbox, the user of the operating system (his login and password for logging into the OS) on which 1C Enterprise 8 is installed is specified. In this case, login authentication through 1C can be enabled or disabled. In the latter case, the 1C Accounting 8 program will start without specifying the user name and password in 1C.
The method of logging into the 1C program using the open-ID protocol is used only when connecting to the program via a web server. In this case, the service address must be configured. The authentication checkbox via 1C can be either turned on or off, similar to logging into the program through the OS:

If you need help in mastering a wider range of operations in the 1C program, then we suggest you take our professional course “1C Accounting 3.0 on the TAXI interface”. For more information about the course, watch the following video:

Please rate this article: (No ratings yet) Loading...

profbuh8.ru

Removing and resetting passwords in 1C 8.3 and 8.2

Very often this procedure has to be carried out at the customer’s place - the password for the only user with full “Administrator” rights is hopelessly lost, it is not possible to recover it and it can only be obtained by “hacking” or removing the password from the user. What should I do?

Below I will tell you how to reset or “hack” a password in 1C 8 in both file and client-server modes of 1C operation.

1C password recovery if the database is file-based

Before hacking a user's password, you MUST make a backup copy of the 1C database, you can simply copy the file “1Cv8.1CD”. It is important that there are no users in the database during copying.

To crack a 1C 8.3 password, we need a program - a HEX editor, for example, WinHex (runs without installation).

Install and launch WinHex. From the program, open the database file - 1Cv8.1CD. The file is located at the location of the database being hacked by the user, which is listed in the infobase selection list:

After opening the 1Cv8.1CD file, you need to find the desired line for editing. To do this, press the key combination ctrl+F, select the encoding from the list - Unicode (as in the screenshot), enter “users.usr” in the search bar and press OK:

Get 267 video lessons on 1C for free:

After we have found the desired line in the column with the value “6”, we change the number “00” to “01”:

Passwords have been removed, congratulations!

In the found line users.usr, we change the number not in column No. 6, but look for the number “09” in this line and to the left of it change “00” to “01.” Next, look for the line “v8users.” (If it doesn’t find it, uncheck “ Match case” and repeat the search).

In the found line, change the letter “V” to “H” so that it turns out “h8users” (H 8 U S E R S)

programmist1s.ru

How to set and remove passwords in 1C for users

To be fair, password protection for file versions of 1C 7.7 was not removed only by the lazy. The reliability of storing user passwords in 1C 8.2 and 8.3 configurations has increased, but nevertheless cannot serve as an example of a reliable system for hiding data from prying eyes.

To set, change, or remove passwords for users, you must have administrator rights. You need to log into the 1C Accounting or Commerce database in configurator mode under the name of the system administrator. If there are no users in the infobase yet, then first you need to create a user with administrator rights and set a password for him.

To perform any actions with user rights in the 1C V8 database in configurator mode, use the menu item Administration -– Users. Here you can add or remove users, set their rights and make some other settings.

The password is entered in blind mode (password 1c), i.e. The input text is not displayed on the screen so that it cannot be visually removed by those present nearby. Therefore, the entry procedure must be repeated in the “Password Confirmation” field to ensure that the hidden text is entered correctly. User rights, i.e. what he is allowed to do is set on the Other tab.

On the other hand, it is important to remember your 1C password. You can write it down, but be sure to put it in a safe place. You can forget any password after a vacation or any long absence from work. In extreme cases, you can lose user passwords, but you must always store the administrator password. Because without it it will be impossible to reset old users or create new ones.

In case of irretrievable loss of the administrator login, you can contact your invaluable information database at the address at the end of the article.

In conclusion, there are a few important points to note:

Don't delete old users. This will make it impossible to analyze logs to find out who did what with documents in the past period. In this case, you can remove such logins from the selection list when starting the program.
Do not transfer old logins and passwords to new users, for example, to a newly hired employee replacing the old one. Again, it will be difficult to find out who messed up the database - an old employee or a new one.
Keep your administrator login securely, because without it it will be impossible to update the configuration or manage users and their rights. This point is very relevant when changing the chief accountant, system administrator or incoming 1C specialists.

Consultations on 1C passwords can be obtained by email at

www.kurs-1c-online.ru

Very often this procedure has to be carried out at the customer’s place - the password for the only user with full rights “Administrator” is hopelessly lost, it is not possible to recover it and it can only be obtained by “hacking” or removing the password from the user. What should I do?

Below I will tell you how to reset or “hack” a password in 1C 8 in both file and client-server modes of 1C operation.

1C password recovery if the database is file-based

Before hacking a user's password NECESSARILY do it, you can simply copy the file “1Cv8.1CD”. It is important that there are no users in the database during copying.

To crack a 1C 8.3 password, we need a program - a HEX editor, for example, WinHex (runs without installation).

1 step

Install and launch WinHex. Open the database file from the program - 1Cv8.1CD. The file is located at the location of the database being hacked by the user, which is listed in the infobase selection list:

Step 2

After opening the file 1Cv8.1CD in the file you need to find the desired line to edit. To do this, press the key combination ctrl+F, select the encoding from the list - Unicode(as in the screenshot), enter “” in the search bar and click OK:

Get 267 video lessons on 1C for free:

Step 3

After we have found the desired line in the column with the value “6”, we change the number "00" to "01":

Passwords have been removed, congratulations!

Update from our readers for new 1C platforms (for example, 1C: Enterprise 8.3.5.1383):

In the found line users.usr, we change the number not in column No. 6, but look for the number “09” in this line and to the left of it change “00” to “01”
Next, look for the string “v8users.” (If it doesn’t find it, uncheck the “Match case” checkbox and repeat the search).
In the found line, change the letter “V” to “H” so that it turns out “h8users” (H 8 U S E R S)

Update #2 from our reader Evil Grym on 10/07/2017:

Platform 8.3.10.2561 File base

1) Download WinHEX
2) V8USERS Change to L8USERS
3) users.usr Change to lsers.lsr
4) Save. (The base is considered to be a bat)
5) Run chdbfl with the checkbox automatically correct errors. It will run it and say that there were no errors, but the database becomes working without any users.

Removing the password if the 1C client-server database

If you have a client-server version of 1C 8.2 at your enterprise, you need to act a little differently.

Step 1

We launch the utility for managing the sql server - Microsoft SQL Server Management Studio.

Step 2

We find the table “ dbo.params«:

Step 3

To remove the 1C password, in the list we find the line with the name “” and delete it:

Update: in the release of the 1C platform 8.3.5.1460, the method described above does not give the desired result. From the experience of our readers we know that you need to try to delete the table Usersv8.

Ready! You have deleted 1C passwords!

If you still haven’t managed to hack the 1C password yourself, you can always ask for