Many newer terminals provide a web dashboard on port 8080 or 80.
Once you successfully log in using the default username and password, you must consider security. Leaving the default credentials active is equivalent to leaving your office door unlocked with the key in the handle.
Installed on your own server
| Version / Setup | Default Username | Default Password |
|----------------|------------------|------------------|
| Fresh install (MS SQL) | sa (SQL admin) or Admin | (blank) or password |
| Sample database | admin | admin or password |
| Older versions (pre-2015) | Administrator | (blank) | ontime software default username and password
Important: If the database was migrated from another system, defaults may not work.
Ontime stores credentials in a user table within its underlying database (4D, SQLite, or MSSQL).
For Linux-based Ontime servers, you can reset the password via the terminal: Many newer terminals provide a web dashboard on
sudo ontime-cli reset-password --username admin --new-password YourNewPass123
If the ontime-cli tool is missing, stop the Ontime service, edit the users.conf or .htpasswd file (often in /etc/ontime/), and manually hash a new password.
Even after resetting or finding the correct default, you may encounter errors. Here is a quick reference:
| Error Message | Likely Cause | Solution |
| :--- | :--- | :--- |
| "Invalid username or password" | Wrong default pair or caps lock on | Re-enter carefully; try admin/password |
| "Account disabled. Contact administrator." | Default was deliberately disabled | Use recovery tool to re-enable |
| "Password expired" | First-time login with security policy | Enter default, then immediately set new |
| "License limit reached" | Too many active users | Remove unused users or upgrade license |
| "Database connection failed" | Backend DB credentials wrong | Check db.config file for defaults | If the ontime-cli tool is missing, stop the
No – modern Ontime versions store salted hashes (MD5 or SHA-1). You cannot recover the plaintext password; you can only overwrite it via the methods above.
If you are in front of the login screen, follow these steps carefully: