If you’ve ever found yourself locked out of your WordPress dashboard, don’t worry. Resetting your WordPress admin password is simpler than you might think. In this guide, Unified Computing will walk you through several methods to reset your admin password, ensuring you can regain access quickly and securely.
Why You May Need to Reset Your WordPress Admin Password
There are various reasons why you might need to reset your WordPress admin password:
- Forgotten password: It happens to everyone.
- Security reasons: You might want to change it periodically for enhanced security.
- Compromised website: If your website has been hacked, resetting the password is a critical first step in recovery.
The Usual Way to Reset WordPress Admin Password
If you forget your WordPress password, you can easily reset it by clicking the Lost your password? link on the login page, as long as you can receive the reset link via email. If you can’t access your email or are having issues with email delivery, this method won’t work.
Alternatively, if you have access to the WordPress dashboard, go to Users > Profile > New Password and either set a strong new password or use WordPress’s generated option, then click Update Profile.
For better security, use strong passwords and consider using a plugin like Melapress Login Security to enforce strong password policies and protect against failed login attempts.
If these options aren’t feasible, there are other methods available to reset your password.
Reset WordPress Admin Password Using FTP
Step 1: Accessing Your Server
You’ll need access to your website’s control panel or FTP account to proceed. You can use an FTP client like FileZilla for this task. To ensure secure file transfers, we recommend using the SFTP protocol.
Step 2: Locate or Create the functions.php File
Go to your WordPress theme’s directory. For classic themes, you’ll find a functions.php file already in place. However, if you’re using a block theme and the file doesn’t exist, simply create one in the theme’s root directory.
Step 3: Download the functions.php File
Using FileZilla or your control panel’s File Manager, download the functions.php file from the active theme’s directory.
Step 4: Edit the functions.php File
Open the functions.php file with a plain text editor such as Notepad++ or Visual Studio Code. Avoid using rich text editors like Microsoft Word to prevent formatting issues.
Inside the file, locate the <?php tag (usually at the top). On the next line, add the following code:
wp_set_password( 'NEW_PASSWORD', 1 );
Replace NEW_PASSWORD with your desired password.
Replace 1 with the user ID of the account whose password you want to change (the default admin account ID is usually 1).
Step 5: Find the Correct User ID (Optional)
If you’re unsure about the user ID, add this line below the <?php tag:
echo get_user_by('login', 'username_here')->ID;
Replace username_here with the actual username. After saving, load the website’s homepage to see the user ID. Use this ID in the wp_set_password() function.
Step 6: Upload the File
Once you’ve made the changes, save the file and upload it back to the server, overwriting the original.
Step 7: Load the Webpage to Complete the Password Reset
After uploading the functions.php file with the password reset code, open the homepage of your website in a browser. This will trigger the code and reset the admin password.
Step 8: Log In and Clean Up
Now, visit your website’s login page and enter the new password. Once logged in, navigate to the functions.php file again and remove the line of code that you added for resetting the password. Save the file and upload it back to the server to avoid resetting the password every time a page is loaded.
That’s it! Your WordPress password is now reset.
Reset WordPress Admin Password Using phpMyAdmin
If you have access to phpMyAdmin, you can reset your WordPress password by directly editing the database. This method should be used cautiously, as it involves making changes directly to your site’s database.
WordPress stores user credentials in the database, usually in a table named wp_users. However, the table prefix may differ depending on your installation.
Step 1: Access phpMyAdmin via Hosting Control Panel
First, you’ll need to access phpMyAdmin, which is typically available under the Databases section of your hosting’s cPanel. You may also access phpMyAdmin directly through a browser if you know the URL.
Step 2: Locate the Website Database
Once inside phpMyAdmin, you’ll see a list of databases. Select the one associated with your WordPress site. If you’re unsure of the database name, you can find it in the wp-config.php file, located in the root directory of your site. Look for the following line:
define('DB_NAME', 'YOUR_DATABASE_NAME');
Use the value of YOUR_DATABASE_NAME to find the correct database in phpMyAdmin.
Step 3: Open the Users Table
After selecting the database, you’ll see a list of tables. Look for the table named wp_users or something similar (depending on your database prefix). Click on this table to view its contents.
Step 4: Select the User to Reset Password
Click the Browse button next to the wp_users table. You’ll see a list of users. Find the row containing the username for which you want to change the password. Click Edit next to that row.
Step 5: Update the Password
In the user_pass field, you’ll see the current password in hashed form. Delete this and enter your new password. Important: Select MD5 from the dropdown in the Function column next to the password field. This ensures the password will be stored securely as a hash.
Once done, click Go to save the changes.
Now, you can go to your WordPress login page and sign in with the new password.
Reset WordPress Admin Password Using MySQL
If you’ve forgotten your WordPress password and don’t have access to cPanel, you can reset the password through MySQL by running a few SQL commands. This method allows you to change any WordPress user’s password, including the admin’s, directly from the database.
Step 1: Access the MySQL Database
First, open the terminal in your cPanel dashboard (found under the Advanced section). If your web host doesn’t offer cPanel, you can connect to the server through SSH and access the database using MySQL commands.
Step 2: Log in to MySQL
In the terminal, log into MySQL by typing:
mysql -u database_user -p
Replace database_user with the database username found in the wp-config.php file of your WordPress installation. After pressing Enter, you will be prompted for a password. Use the password associated with the database user (also found in wp-config.php).
Step 3: Select the Correct Database
Once logged in, you need to select the correct WordPress database:
USE database_name;
Again, replace database_name with the actual name of your WordPress database, which can also be found in the wp-config.php file.
Step 4: Reset the Password
Now, execute the SQL command to reset the password:
UPDATE wp_users SET user_pass = MD5('new_password') WHERE user_login = 'username';
Breaking it down:
- wp_users: This is the table where WordPress stores user data. The table may not always be named wp_users if your installation uses a custom prefix. Check your database to confirm the correct table name.
- user_pass: This column stores the user’s password, which will be updated to a new value.
- MD5(‘new_password’): This applies the MD5 hash to your new password. Replace ‘new_password’ with your desired password.
- user_login: This specifies which user’s password to reset. Replace ‘username’ with the actual WordPress username.
Step 5: Confirm and Log In
Once the SQL query is executed successfully, the password for the specified user will be updated. You can now log into WordPress using the new password.
That’s it! You’ve successfully reset your WordPress password using MySQL.
Reset WordPress Admin Password Using cPanel
If your hosting provider offers cPanel, you can use it to reset your WordPress admin password. This method is convenient because:
- No need to write code or upload/download PHP files
- No direct database editing required
Keep in mind, you can only reset the admin password this way.
Step 1: Access WP Toolkit in cPanel
Log in to your cPanel dashboard. Scroll down until you find the WP Toolkit option under the “Domains” section.
The WP Toolkit offers several tools to manage your WordPress websites, including updates, backups, and password resets.
Step 2: Select the Website
Click on the WP Toolkit button. You’ll be taken to a new screen displaying all the WordPress sites linked to your account. Select the site where you want to reset the password.
Step 3: Reset the Password
Once you’ve selected the site, click on the Setup button. A panel will pop up with the login URL, admin username, and a field to set a new password. You can either enter your own password or use the Generate button to create a strong random one.
Once you’ve set the new password, click Change to save your updates.
Now, you can log into WordPress using the new admin password!
Reset WordPress Admin Password Using WP-CLI
In this guide, we’ll walk you through resetting an admin password or any WordPress user’s password using WP-CLI.
WP-CLI is the official command-line interface for WordPress, allowing you to manage various WordPress tasks through text commands instead of a graphical interface. Tasks like updating plugins, managing users, and installing themes can all be done with WP-CLI. Here, we’ll focus on resetting a user password.
Note: This guide assumes that WP-CLI is already installed on your hosting account. If not, refer to the WP-CLI official installation guide.
Step 1: Open the Terminal
To use WP-CLI, access the server’s terminal. You can do this via the cPanel (under “Advanced” settings) or by connecting directly to the server using SSH through tools like PuTTY.
Once connected, navigate to your WordPress installation directory. For example:
cd /srv/www/wordpress
Make sure to replace /srv/www/wordpress with the path to your own WordPress installation.
Step 2: List Users and Find the User ID
Next, we’ll list all registered users to locate the one you want to reset. Run the following command:
wp user list
This will display a list of all users on your WordPress site. Take note of the user ID for the account you wish to reset.
Step 3: Reset the Password
Once you have the correct user ID, use this command to update the password:
wp user update <user_id> --user_pass=<new_password>
For example, if the admin user has an ID of 1 and you want to reset their password, the command would be:
wp user update 1 --user_pass=new_password
Be sure to replace new_password with a strong, secure password.
Executing this command will successfully change the user’s password.
That’s it! You’ve successfully reset a WordPress password using WP-CLI.
Reset WordPress Admin Password Using a PHP script
If you’re unable to reset your WordPress password through normal methods, you can use an emergency password reset script. Here’s a quick guide on how to do it safely.
Key Points to Remember
- Admin Username Required: You need to know the admin username of the WordPress site.
- Email Notification: The script attempts to send an email after updating the password. However, even if the email isn’t received, the password will still be changed.
- Delete the Script After Use: Once you’ve successfully reset the password, delete the script from your server to prevent unauthorised access.
Step 1: Create the Script File:
- Open a text editor like Notepad.
- Name the file emergency.php.
Step 2: Copy the Script Code:
- Visit the WordPress Codex and copy the emergency password reset script.
Step 3: Upload the File:
- Use an FTP client or your hosting file manager to upload emergency.php to the root directory of your WordPress site.
Step 4: Access the Script:
- In your browser, visit: https://your-website.com/emergency.php (replace your-website.com with your actual domain).
Step 5: Reset the Password:
- Enter the admin username and your new desired password.
- Click Update Options.
Step 6: Delete the Script:
- After successfully logging in with your new password, delete the emergency.php file from your server to protect your site from unauthorised access.
Following these steps will allow you to reset your WordPress admin password securely.
Important Tips to Protect Your WordPress Admin Password
Securing your WordPress Admin Password is vital to keeping your website safe from attacks. Here are key tips to enhance its security:
1. Use a Strong Password
Ensure your password is complex, including uppercase and lowercase letters, numbers, and symbols. Avoid common phrases. If your current password is weak, reset your WordPress Admin Password to something more secure using a password manager or generator.
2. Enable Two-Factor Authentication (2FA)
2FA adds an extra layer of protection. Even if someone steals your password, they cannot access your account without a secondary code, typically sent to your phone or generated via an app.
3. Change Your Password Regularly
Regularly updating your WordPress Admin Password is crucial, especially after detecting suspicious activity. Go to the Users section in WordPress to reset it.
4. Limit Login Attempts
Install plugins like “Limit Login Attempts Reloaded” to restrict login attempts, protecting your site from brute force attacks.
By following these steps, you can significantly improve your website’s security. Always remember to reset your WordPress Admin Password if you suspect a breach.
Conclusion
In conclusion, regularly updating and securing your WordPress Admin Password is essential to protect your site. The 7 methods covered provide effective ways to regain access in case you’re locked out. Incorporating security measures like two-factor authentication and strong passwords helps mitigate future risks. When resetting your password, whether through a script or plugin, ensure the process is followed securely.
For a more customised and seamless approach, Unified Computing’s solutions can offer tailored security strategies to enhance your WordPress management further.