How to: Change WordPress Password When You Can’t Access WP-Admin

Sometimes when you are dealing with a WordPress installation, where you can’t access the wp-admin, but have access to the cpanel, here is what you do to log In.

Think of times when another admin locks you out, changes the admin email and takes away. Or times when your client cannot remember what email she gave during sign-up and now can’t remember the password as well. Or when you are on a local host and its impossible to reset the password.

Breaking and Entering When You Get Locked Out of WP-Admin

  • Login to your Host’s Cpanel (or whatever that lets you access phpMyAdmin)
  • Login to phpmyadmin
  • From the Left Sidebar of phpMyAdmin, choose the database of the WordPress install. You can find the name of the database from wp-config.php, look for DB_NAME and you will find something like this. In my example wordpress is the database name.

// ** MySQL settings - You can get this info from your web host ** //
/** The name of the database for WordPress */
define('DB_NAME', 'wordpress');

phpMyAdmin List of Databases

phpMyAdmin List of Databases

  • Now the sidebar shows a list of tables in the selected database. Find wp_users table. That brings up a list of all users in the installation.
wp_users Table and Edit Button

wp_users Table and Edit Button

  • Passwords cannot be read off from the database, because they are encrypted or hashed. Use this tool to create the MD5 hash of a password you would like. For eg, the password “testpass” is 179ad45c6ce2cb97cf1029e212046e81
  • Back in your phpMyAdmin, edit the admin, or the username that you want the password for. Change the value in user_pass to the new MD5 Hash value that you generated and save it.
Enter MD5 Hash and Save

Enter MD5 Hash and Save

Now you can login to your wp-admin using the username and the new password.

 

Hello, I am Arun Basil Lal. Thank you for reading!

I am a WordPress product developer and creator of Image Attributes Pro. I am passionate about solving problems and travelling the world.

Divi WordPress Theme - My Review

Divi WordPress Theme
Divi is a WordPress theme that web designers do not want you to know. It comes with a drag-and-drop theme builder. You can build beautiful looking unique websites without touching a line of code. Just choose from one of the many pre-made layouts, or pick elements and arrange them any way you like.

Divi is every WordPress developer's wet dream. Surprise your clients with neat responsive websites and have fun building them.

Divi comes from Elegant Themes. If you enjoy building websites, you *need* an Elegant Themes membership. 87 beautiful themes and 5 plugins for the cost of less than a candy-bar each!


Note: I am an avid user of Divi myself and this is a honest review. I wouldn't recommend something that I do not personally find amazing.

9 Comments.

  1. Syam Kumar R says:

    You don’t need to use an external tool to make an MD5 hash. Just select MD5 from the function dropdown of that row, enter your password and then click go. 🙂

  2. SBA says:

    Hi Arun,
    Great article to store in the ’emergency’ file! Bad things do happen to good people…
    But will this work if your IP is blocked due to too many login attempts? e.g. the same scenario you used, another admin changes password, site has a ‘limit login attempts’ plugin and you get blocked…

    • You should still be able to access the cpanel, so you should be able to reset the Password. You could use a proxy to login and then whitelist your original IP 🙂

  3. Harish Krishna says:

    Really an useful tweak Arun. Informative. Worth Sharing 🙂

  4. Doreen Dickens says:

    Thanks Arun for sharing these wonderful tips with us. You have simplified this process in the best and easiest way possible. I’m glad i dropped by i have learnt a thing or two that i din’t have a clue before.

    Good work

    Regards

    Dickens

  5. Kapil says:

    Thanks Arun bro.Its really informative & helpful. 🙂

  6. Morshed says:

    Hi Arun,Thanks for your important post.Sometimes we fall this types of situation.Mostly the clients lost password.Admins conflict is another common reason.Its really a useful post.

  7. Awesome trick, one thing I think that I did once too was just to blank out the password, I think this makes no password, then you can just login and set it via the WordPress wp-admin like normal immediately after. This is a more secure method by far however.

1 Pings / Trackbacks.

  1. […] WordPress have an in-house redirect mechanism and yes, it is a 301 redirect. For instance, this old link will redirect to this new link now, all taken care of by WordPress (and no additional plugin or […]

Leave a Reply

Your email address will not be published. Required fields are marked *

*