WordPress is a free and open-source content management system (CMS) based on PHP and MySQL which you can use to create a beautiful website. As of April 2016, WordPress is used by more than 26.4% of the top 10 million websites worldwide.
Sometimes WordPress webmasters need to change their dashboard administrator password. Either they’ve forgotten their old password or they want to update it to a new, more secure strong password. This can be easily achieved using the “Lost your password?” option on the WP login form, but sometimes this way of resetting the password is not possible if an admin no longer has access to his email.
In this tutorial we will cover a list of different ways of how you can reset your WordPress administrator password.
Reseting the password can be done from the dashboard using the admin panel menu on the left. Once logged into the WP backend, click on Users. Then locate your administrator user and click on it. In the Edit User screen, scroll down and locate the New Password option right under Account Managament. Click on Generate Password. You will see the new password generated and the confirmation from WP that the password is strong. Of course you can enter a password of your choosing. After that just click on Update Profile.
Sometimes you cannot log into your dashboard due to various reasons such as forgetting the password, hacked site etc. But fear not cause you can reset the pass from phpMyAdmin which is a GUI utility tool for managing MySQL databases.
Once logged into phpMyAdmin, click on your WordPress database from the list on the left. The database tables will be listed right under as shown in the image below:
To reset the password you need to edit the wp_users table (wp is a prefix for the WordPress databases, but on some setups the prefix may be different). From the list click on wp_users. You will see a line with options, one of which is user_pass. That is the password for that user. Do not be confused by the symbols in the password. That is not your actual password, but a MD5 Hash version of the password. WordPress stores the passwords as MD5 Hash for security reasons.
Now click on Edit right next to the pencil icon. Enter your new password in the user_pass field on the right.
On the user_pass row there is a dropdown menu to choose functions from. Click on in and select MD5 so phpMyAdmin converts the password to a MD5 Hash version.
Then click on Go. That is it, your password is changed into the new one.
WP-CLI is a command line interface for managing WordPress installations. WP-CLI provides a set of command line tools for upgrading the WordPress core files, installing/uninstalling themes or plugins, enabling/disabling plugins and much more.
You can install WP CLI on your server using our fine article.
Once WP CLI is installed, navigate to your WordPress site document root. Check the available users with:
# wp user list
Then execute the following command:
# wp user update USERNAME --user_pass="PASSWORD"
Replace USERNAME with your actual username and PASSWORD with the new password you want to set.
You might be asked by the terminal to use the –allow-root flag in the command. If this happens the command will be:
# wp user update USERNAME --user_pass="PASSWORD" --allow-root
You can also use the terminal to change the administrator password. It can be done from inside MySQL. Once you are logged into your server, enter MySQL as root:
# mysql -u root -p
mysql> use wordpress_database;
If you don’t know how your WP database is named, check your wp-config.php file and replace ‘wordpress_database’ with the name of your database.
Now execute this query from MySQL:
mysql> SELECT ID, user_login, user_pass FROM wp_users;
You will receive an output similar to this:
You can see that the ID is 1 so use it in the password-changing command:
mysql> UPDATE wp_users SET user_pass = MD5('your_new_password') WHERE ID=1;
You should receive this output:
Query OK, 1 row affected (0.10 sec) Rows matched: 1 Changed: 1 Warnings: 0
Congratulations, you’ve changed your password successfully.
Yes, you can change the password through FTP as well. Log into your server via FTP and navigate to the document root of the WordPress website. Find the active theme’s functions.php file. It should be in wp-content/themes/active_theme/. Edit the file and right at the beginning after <?php add this code:
wp_set_password( 'your_new_password', 1 );
1 is the user ID number from the wp_users table.
Close and save the file.
Now you should be able to log in after which you should remove the code because if you don’t, it will reset the password on every page load.
Emergency Password Reset Script
Using the previous instructions to reset the administrator password is usually enough, however if you still cannot change the pass, there is an emergency script by WordPress that you can use. You can find the script here.
Into the document root of your site, open a new file called emergency.php and paste the code from the script.
Now open your favorite web browser and navigate to http://your_wordpress_site/emergency.php, enter your username and new password and click on Update Options. Be sure to delete the file after successfully changing the password.
You can change your WordPress administrator password using any of the methods we’ve explained.