Logs from VahaC

Reset qBittorrent WebUI Password in Docker

, ,

Reset qBittorrent WebUI Password in Docker (PBKDF2) — Grab the Temporary Password from Logs

If your qBittorrent WebUI login is locked out (or your IP got banned after too many attempts), the cleanest recovery path in a Docker setup is to remove only the PBKDF2 password line from the config, restart the container, then read the temporary password from container logs. ✅

This guide walks through that exact workflow—safe, repeatable, and minimal-impact—so you’ll know how to reset qBittorrent WebUI password in Docker.

What you’ll do (high-level) 🧭

  1. Stop the qBittorrent container.
  2. Locate qBittorrent.conf in your mapped /config volume.
  3. Delete only the line:
    • WebUI\Password_PBKDF2=...
  4. Keep your username line:
    • WebUI\Username=...
  5. Start the container.
  6. Read the logs and find:
    • The WebUI administrator password was not set. A temporary password is provided for this session:
  7. Log in with the generated password and set your own password in the WebUI settings.

Prerequisites ✅

  • Shell access to the Docker host (OMV, Debian, Ubuntu, etc.)
  • sudo permissions
  • You know (or can find) your qBittorrent container name

1) Find your qBittorrent container name 🔎

List running containers and pick the one for qBittorrent:

sudo docker ps --format 'table {{.Names}}\t{{.Image}}\t{{.Ports}}' | egrep -i 'qbit|qbittorrent'

Example output:

  • qbittorrent
  • qbit
  • qbittorrentvpn

In the rest of this guide, I’ll call it:

  • QBIT_CONTAINER

2) Stop the container (important) 🛑

Stop qBittorrent before editing the config to prevent it from rewriting the file while you’re changing it:

sudo docker stop QBIT_CONTAINER

3) Locate the config volume on the host 🗂️

You need the host folder that maps into the container’s /config.

Run:

sudo docker inspect -f '{{ range .Mounts }}{{ println .Destination "->" .Source }}{{ end }}' QBIT_CONTAINER

Look for a line like:

  • /config -> /srv/docker/qbittorrent/config

That host path is where your configuration lives.

4) Find qBittorrent.conf 🧾

Now search inside that host config path.

Assuming your /config maps to something like HOST_CONFIG_PATH, run:

sudo find HOST_CONFIG_PATH -type f -name 'qBittorrent.conf' -print

Common locations include:

  • HOST_CONFIG_PATH/qBittorrent/qBittorrent.conf
  • HOST_CONFIG_PATH/.config/qBittorrent/qBittorrent.conf

When you find it, store it as:

  • CONF_FILE

5) Backup the config (always) 🧯

Before editing, make a quick backup:

sudo cp -a "CONF_FILE" "CONF_FILE.bak.$(date +%F_%H%M%S)"

6) Edit the config: delete ONLY WebUI\Password_PBKDF2 ✂️

Open the file:

sudo nano "CONF_FILE"

Find the password line:

WebUI\Password_PBKDF2=...

Delete that line only.

Important: keep your username line intact:

WebUI\Username=YourUsername

Save and exit:

  • Ctrl + O, Enter
  • Ctrl + X

7) Start the container again ▶️

sudo docker start QBIT_CONTAINER

8) Read the temporary password from logs 📜🔑

Now pull the latest logs:

sudo docker logs --tail 200 QBIT_CONTAINER

In the output, search for the exact line:

The WebUI administrator password was not set. A temporary password is provided for this session:

The generated password is at the end of that line.

Copy it.

9) Log in and set a permanent password 🧠✅

  1. Open the qBittorrent WebUI in your browser.
  2. Log in using:
    • Username: whatever you kept in WebUI\Username
    • Password: the temporary password from logs
  3. Go to:
    • Tools → Options → Web UI (wording may vary slightly)
  4. Set your new permanent password.
  5. Save.

🎉 Done. The temporary password is only for that session—your new password becomes the real one.

Extra notes (common pitfalls) ⚠️

✅ Why stop the container first?

Because qBittorrent may overwrite config values on shutdown/startup. Editing while it’s running can lead to confusing “it didn’t change” situations.

✅ Why delete only WebUI\Password_PBKDF2?

It’s the least invasive reset:

  • Your username stays the same
  • Other settings remain untouched
  • qBittorrent detects “password not set” and prints a safe temporary one

❌ Still seeing “IP banned”?

If your WebUI has a ban duration configured, you may need to wait it out—or temporarily reduce it in the same config file (optional). But in most cases, once you log in successfully, the issue is resolved.

Quick command checklist ✅🧾

# 1) Identify container
sudo docker ps --format 'table {{.Names}}\t{{.Image}}\t{{.Ports}}' | egrep -i 'qbit|qbittorrent'

# 2) Stop it
sudo docker stop QBIT_CONTAINER

# 3) Locate host config path
sudo docker inspect -f '{{ range .Mounts }}{{ println .Destination "->" .Source }}{{ end }}' QBIT_CONTAINER

# 4) Find config
sudo find HOST_CONFIG_PATH -type f -name 'qBittorrent.conf' -print

# 5) Backup
sudo cp -a "CONF_FILE" "CONF_FILE.bak.$(date +%F_%H%M%S)"

# 6) Edit: delete ONLY WebUI\Password_PBKDF2
sudo nano "CONF_FILE"

# 7) Start
sudo docker start QBIT_CONTAINER

# 8) Read logs for temporary password
sudo docker logs --tail 200 QBIT_CONTAINER

Final thoughts 🧩

This approach is ideal when you want a minimal, reversible password reset without nuking your qBittorrent configuration or recreating volumes. It’s fast, safe, and works reliably in Dockerized setups. 🐳

If you want, you can extend this guide by adding a short hardening section (strong password, ban duration, optional reverse proxy auth, etc.)—but for recovery, the steps above are the cleanest path. 🔐

, ,

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.