Resetting the WordPress admin password is necessary for various situations, such as forgetting the access, being locked out of the administrator account, or suspecting unauthorized access. Typically, easily reset the password through the login screen or user dashboard. However, in cases of a hacked website or forgotten information, alternative methods like using phpMyAdmin, wp-config.php, or other server tools become necessary. These methods provide direct access to the database or server files, enabling password reset and account recovery.
In this post, I will discuss common and effective methods to recovery WordPress admin passwords. Additionally, share some tools for password hash generation. Let’s dive in!
Explore other relevant articles on updating WordPress URLs in the database and troubleshooting the 500 internal server error. Gain valuable insights and practical solutions to further enhance your WP site.
1.) How to Change Your WordPress Password From the Dashboard
Changing password from the dashboard is a simple and effective method to enhance your account’s security. This method applies to all user roles, including administrators, subscribers, vendors, editors, and more. Follow the steps below to update your password:
- Log in to WP Dashboard.
- Navigate to the user menu or mouse over the username on the right side of the screen. Click on “Edit My Profile.”
- Continue scrolling until you find the Account Management section. Refer to the provided screenshot for visual guidance.
- By default, a new password will be automatically generated and displayed in the input box. If you prefer to create your own password, delete the generated text and enter a strong password of your choice.
- Scroll down to the bottom of the page and click the “Update Profile” button.
By following these steps, you can easily change your WordPress password and enhance the security of your account.
2.) How to Recover Your WordPress Password
Recovering login credentials is a common requirement for users across various high-traffic blogs and online shop websites. If you find yourself in a situation where you need to reset your WordPress password, follow this step-by-step guide
- Visit the login page or wp-admin area.
- Look for the “Lost your password?” or “Forgot your password?” link and click on it.
- You will be directed to the password reset page.
- Provide either your username or the email address associated with your account, and then click the “Get New Password” button.
- Check your email inbox for a user authentication email sent by script.
- Open the email and click on the password reset link provided.
In HTML Formats:
In Plain Text Formats:
- Choose a strong password that adheres to security policies of your choice, and enter it in the designated fields.
- Click on the “Save Password” button to save your new authentication.
- You will receive a confirmation message notifying you that your password has been successfully reset.
- Return to the login page and log in using your newly updated information.
By following these steps, you will be able to recover your WordPress password and regain access to the admin panel.
3.) Resetting WordPress Password via phpMyAdmin
In situations where accessing your email or remembering your username is not possible. And when your website has been hacked or encounters password conflicts due to themes and plugins. Resetting your WordPress password directly in the database becomes crucial. For this purpose, you can use PHPMyAdmin, which supports most databases like MySQL, MariaDB, and others.
To securely and conveniently reset your WordPress password using phpMyAdmin, follow these steps:
- Access phpMyAdmin through your hosting control panel.
- Select the connected database or refer to the ‘wp-config.php’ file in the root directory of installation to identify the db.
- Locate and click on the “wp_users” table (or a similar table with the prefix defined in the wp-config.php file).
- Find the “user_login” field and identify the username for which you want to reset the password.
- Click on the “Edit” or “Browse” option next to the username.
- In the “user_pass” field, delete the existing string and enter your security key.
- From the “Function” column for the “user_pass” field, choose “MD5” from the dropdown menu to encrypt the password.
- Save the changes by clicking “Go” or “Save.”
- After resetting the password, you can log in to your WordPress site using the newly set password.
Remember to exercise caution when modifying the database directly, as any incorrect changes can lead to issues with your website.
4.) Update WordPress Admin Password Using FTP.
WordPress is a popular CMS compared to Shopify, Joomla, and other platforms. There are thousands of possibilities and flexibility with each solution. If you prefer not to work with SQL queries, you have the option to update the password using PHP code.
During your search, you may have come across solutions like wp_set_password( ‘password’, 1 ); provided by various blogging platforms. This single line of code isn’t effective for updating the password. However, it’s important to note that many bloggers simply follow the Codex handbook without fully understanding the underlying concepts.
As a web developer, I have experience working with wp_set_password hooks, and I will share my insights and experiences with you.
- Log into your website using an FTP client like FileZilla or WinSCP.
- Navigate to the root directory of your WordPress installation.
- Go to the “wp-content” folder.
- Open the “themes” directory and locate the folder for your currently active theme, such as Astra, Avada, eMart, Kadence, etc.
- Look for and open the “functions.php” file within the template folder.
- Add the following code snippet at the bottom of the functions.php file:
add_action('init', function () { if( isset($_GET['set_pass_for']) ){ $user = get_user_by( 'login', $_GET['set_pass_for'] ); wp_set_password( 'new-password', $user->ID ); } });Replace “new-password” with your desired password without the need for hash generation or MD5 encryption.
Note: If you don’t use the wp_set_password within a condition, it may generate a random password each time of landing on the login page.
- 7. Save the changes to the functions.php file.
Now that the programming part is done, let’s perform a few tasks with your URLs. Open browser tab and enter a URL with parameters as defined in the hook function above. Use the following format:
https://yourdomain.com?set_pass_for=user_name.
Replace “user_name” with the username of the account for which you want to reset the password.
This is the appropriate solution for updating the WordPress password via FTP or file manager.
5.) Using the Emergency Password Reset Script
If you’re not comfortable using phpMyAdmin, editing function.php, or the login screen, don’t worry. There are alternatives option available to assist you in the recovery process.
One such option is an emergency password reset script that you can utilize on your website. However, please keep in mind that this method requires knowledge of the super admin email or username associated with the account.
To recover your WordPress password using the Emergency Password Reset Script, follow these steps:
- Use cPanel, DirectAdmin, CyberPanel, or FTP software to access your hosting directory.
- Download the “emergency.php” file from this link: Download Emergency Password Reset Script and save it to your computer or Mac.
- Upload the “emergency.php” file to the root directory of your WordPress installation, where the wp-config.php file is located.
- Open your web browser and enter the URL of the “emergency.php” file on your website, such as
https://www.yourwebsite.com/emergency.php.
- Follow the instructions provided on the screen to initiate the password recovery process.
- Once you have successfully reset your password, make sure to delete the “emergency.php” file from your website for security reasons.
Note: It’s crucial to use the emergency password recovery script carefully and delete it promptly after completing the password reset to prevent unauthorized access to your site.
6.) WordPress Password Reset Plugins
If you are managing a large WordPress blog, eCommerce site, or community where numerous users log in daily. It is crucial to ensure smooth troubleshooting of login credentials. Thankfully, there are several add-ons available that can help simplify the process of updating user login passwords and provide smart features. Here are some notable plugins to consider:
- WP Reset by WebFactory Ltd: This plugin offers comprehensive tools for managing, resetting, and troubleshooting your website.
- Reset By REST API: This plugin streamlines password updates using the WordPress REST API.
- MASS Users: With this plugin, you can perform bulk password resets based on user roles, making it easy to update multiple passwords at once.
- Password Reset by WPForms: With the WPForms, users can reset their passwords directly from the front-end page, enhancing user experience.
When choosing plugins, it is crucial to consider factors such as user reviews, compatibility with the latest version of WordPress and WooCommerce, and regular updates. These factors ensure that the plugins you select are reliable, up-to-date, and compatible with your website’s environment.
Conclusion
Recovering or changing your WP password is crucial for maintaining the security of your website. We have explored various methods to achieve this.
Firstly, the wp-admin provides a password recovery option through the “Lost your password?” feature, which initiates an email-based password reset.
Additionally, phpMyAdmin offers an alternative method by allowing you to directly update the password in the database through the users table.
In situations where you cannot access the admin panel or file manager, the Emergency Password Reset Script can be used as a convenient solution.
Remember to prioritize security by selecting reputable solutions and keeping your WordPress installation up to date. By following these steps, you can ensure the ongoing security of your website.
