Forgot your password for your self-hosted Ghost site? After too many login attempts, Ghost will lock you out for some time (an hour I believe) before you can log in again. Even if you were able to reset your password.

If you have access to your database (MySQL or SQLite), here are two solutions that may help you.

Solution 1:

Empty the brute table. The brute table keeps track of login attempts in order to prevent brute force login attempts. If you have a large blog or known attackers, I would not recommend doing this, and instead wait for the block to expire.


Solution 2:

This one wasn't the case for me, but it looks like it worked for some. In your users table, set your account's status to active.

UPDATE users SET status = "active" WHERE email="[email protected]";

Hope one of these works for you. This is my first blog post (after I managed to unlock my Ghost account).