WordPress is one of the most widely used CMS applications in the world. Its user base consists of nonprofit organizations, bloggers, etc… all the way up to larger business corporations that take advantage of the simplicity and customization of WordPress.
Due to this huge popularity, WordPress sites are commonly attacked and brute forced. So, we understand when you forget your password due to having to set extremely hard passwords to remember. Still, we recommend that you set these extremely hard passwords for your own security.
We’ll explain in the guide steps below how to recover your password. Luckily, there are several options we can choose from in order to recover our password. We’ll show each of our recommended options below:
Option 1: Recover Password via Database
The most common way of resetting the WordPress password is through the database itself, which can be done via phpMyAdmin. I'll explain the steps needed below:
- The first step is to log in to phpMyAdmin for your database that WordPress uses.
Note: You can view what database your WordPress site uses via the 'wp-config.php' file within the root WordPress directory.
- Select your database on the left-hand side of the phpMyAdmin page and navigate to the wp-users table as shown in the screenshot below:
3. Next, click on the edit button next to the desired user you wish to regain access to.
4. Now you will look for the ‘user_pass’ field, choose the drop-down and select ‘MD5’. Once done enter in the new password in the ‘value’ column to the right of this ‘user_pass’ field. You can view the screenshot below as an example:
5. Once you've completed the above, click the 'Go' button to save your changes.
You should now be able to log in with the new password you have chosen.
Note: If you do not want to use phpMyAdmin and instead wish to use SQL code to perform this task, then you can follow the WordPress codex article here on performing these steps.
Option 2: Recover Password via Website Files
One of the easiest options is to reset your password for WordPress by modifying the files. I’ll explain the steps needed below:
- The first step is to obtain access to the sites directory.
On Windows this can be FTP access, File Manager access via WCP, or RDP access (if you have a VPS).
On Linux/cPanel this can be FTP access, FileManager access, or SSH access.
- In your site's file structure, browse to the /wp-includes/ folder. Within this directory locate and edit the 'functions.php' file.
- Within the code insert the following right after the '<?php' line:
Note: You'll want to change 'new-pass' to whatever you wish to temporarily login as.
This will only work if the original administrator user is still active, as only this user would have the '1' user ID in the database. If a second user was created and the first removed you may be able to change the '1' to a '2', etc...
- You should now be able to login with the new password. Be sure to remove the lines of code that were added to the 'functions.php' file once you are logged in.
Also, once logged in be sure to change the password to something secure and memorable.
Note: If you weren't able to log in, but it did not state that the password was wrong (just redirected back to log in) then go back to file and remove the code you just added and attempt to log in again, as you should be logged in and the code is just interfering with the login. Use the same password as what you just set the password to with the code addition previously.
Option 3: Recover Password via Email
If you set an an email address on the user then you can easily request a password reset by following the instructions below:
- Navigate to your WordPress admin dashboard (should be the full URL to your site followed by /wp-admin).
- Next click on ‘Lost your password?’ on the login page. You should be asked to enter the username or e-mail address for the account you want to attempt a reset on. Enter in the desired user or email now.
- You should receive the new password reset link at the e-mail address set for that particular user. This may take 5-10 minutes to come in, so please be patient.
Option 4: Recover Password via Reset Script
On the WordPress codex they have an “Emergency Script” for the use of resetting the password if you aren’t able to successfully change the password by any other means.
You can refer to the following section of the Codex article in order to access the script and the documentation for this said script: