This is a beginner level tutorial for WordPress users and developers who may have forgotten their admin password to log into the WordPress admin dashboard which is necessary to update any WordPress blog or website. I will provide several possible solutions for different situations. There is even a solution if you don’t know the username, password or email for logging in. The simplest way to recover a password involves at least knowing the username and having a correct email account associated with WordPress, but I realize this is not always the case and therefore have written this WordPress password recovery tutorial with that in mind.
Password Recovery by Email
The main reason for password losses is shear forgetfulness. Let’s hope you have your email set up in the WordPress installation and this simple email recovery solution will work for you. Simply follow these few easy steps and you will have a WordPress admin password again in no time:
Notice the “Lost your password?” link in the above image and refer to below instructions to reset your password.
- Go to your WordPress admin login page. It should be something like http://www.example.com/wordpress/wp-login.php or going to the wp-admin folder works as well as it will redirect to the wp-login.php script.
- Click on the “Lost your password” link directly under the login form.
- Check your email account that was associated with your WordPress account and you will have an email with a new password inside of it.
- Log in to the WordPress dashboard and change your password to something you can remember this time or make a note of at least.
Recovering WordPress Admin Password without an Email:
Many of you probably never set the admin email incorrectly in your WordPress admin or forgot what email address you used and therefore the previous password recovery method won’t work. Well, do not be too stressed, if you can access your database, there is another way to recover it. Here are the steps you need to do:
- Login to PHPMyAdmin. If you have your own server, you can normally do this by going to the root URL and appending “phpmyadmin” to it so that your URL looks similar to this: http://www.yoursite.com/phpmyadmin. If you have a hosting account somewhere, login to your C-panel and click on the phpmyadmin link that should be on the home page of your control panel.
- Locate your WordPress database which is often called simply “wordpress”, but could be something else according to what you named it upon setting up your WordPress installation. Click on the proper WordPress database to view the tables within it.
- Find the table named “wp_users” and click on “Browse” to see the users. You may have only one which makes life easy. You may have more than one, which means you have to figure out which is the admin password by scanning the user_login column for a username that rings a bell and hopefully that will be your admin user. Before moving forward from here and before you make any changes to your wp_users table, back it up (explained in next step).
- TO back up your wp_users table, find the operations link at the top of the main content area in phpmyadmin when you have the wp_users table open. If you don’t see it at the top of the page, click the “More” link in the navigation menu and then click “operations” from the dropdown.
- On the operations page, find where it says “Copy table to…” and make sure your WordPress database name is in the dropdown select box.
- Under the dropdown select is a text field. Enter a name for your backup table. I named mine “wp_users_backup” so I would recognize it in the future. Name yours something similar if not the same as I named mine to be safe.
- Make sure the “Structure and data only” option is selected and click “Go” at the bottom of the “Copy table to….” Box. Now you will have a backup of your users table and can safely make changes to the original knowing you have a backup if anything goes wrong.
- Click the “Browse” button again. In the row where you located your admin username that you normally would use to login to your WordPress admin dashboard, find the “user_pass” column and there should be a 32 character MD5 encoded password there. This is supposed to be not reversible, but there are ways to crack it. If you really want to do so, I will explain in the next section so skip to that if you prefer to attempt to crack the MD5 hash rather than change it which is what I am explaining now.
- Click on the edit icon for the row with the password hash you wish to change.
- Now you have a couple options. You can either find another user in the table that you know the password for and copy and paste that user’s password hash to the admin user password or you can simply change the email and use the password recovery link on the WordPress login page which will then email you a link to reset the password.
While the instructions above seem long, they are not so complex, I just made them very thorough so that anyone can follow them. The simple instructions for those of you who already understand the basics of phpmyadmin, WordPress and password hashing, would look like this:
Quick PhpMyAdmin Password Recovery
- Go to phpmyadmin and into the wp_users table to find the admin user.
- Change the password hash to one that you know the password to or change the email and then do password recovery from the WordPress login screen (detailed instructions in the first section of this tutorial).
- Click on USERS in the WordPress admin dashboard.
- Click on your admin username from the list that appears on the right.
- From the “Edit User” dialog, scroll down to where it says “New Password” and type in your new secure admin password. Make sure the password strength indicator approves or you do not have a good secure password. Make a note of the new password so you don’t forget.
- Click “UPDATE PROFILE” to save the changes and you are done.