Let’s be honest. Forgetting passwords is a pretty common occurrence. When you have a website on WordPress, you’re bound to misplace or forget your password every once in a while. Even the most tech-savvy people forget their passwords for WordPress sometimes.
This is no major concern because WordPress has made it pretty easy to recover your password securely. If you can’t recover your password by having WordPress email you a new one, things do get a bit more complicated; the good news is it’s never possible to get fully locked out of your website.
There are several ways by which you can easily recover your WordPress password. The easiest way would be to have your new password emailed to you from your WordPress login screen.
However, when your email reset isn’t working, you would have to take additional steps to recover your lost password. There are several ways to do this, but you only really need to apply one of them to recover your password.
1. Email Password Recovery
Recovering your password by having it emailed to you is what we discussed above. This is useful when you remember the email account or username in your profile. All you would need to do is click the Lost your password? link below the login area on yourwebsite.com/wp-admin.
From there, your WordPress site will ask you for your username or email connected to your profile. If you get it right, a new password will be sent to the email address associated with your user. The link in the email will let you reset your password and access your website!
But sometimes, problems arise with this password reset method.
- We can’t always remember the username or email address associated with our account, especially if we’re used to using something like the WordPress desktop app.
- Your hosting provider can have issues that cause this reset email not to be sent. If this is happening to you, we recommend moving to a fully managed WordPress hosting environment.
If either of these are the case, take a deep breath. There are other, slightly more technical ways to reset your login password.
2. PhpMyAdmin Password Reset via cPanel
This is useful for people who have phpMyAdmin access into their database. Just follow the steps listed below.
These steps (and screenshots) may vary slightly depending on your hosting provider. If in doubt, ask your hosting provider for support!
- Login to phpMyAdmin and click on databases. A list of databases will appear, and you will need to click on the WordPress database of the website you need to reset the password for.
- In the table column, look for wp_users and click on the browser icon.
- Under the user_login find your username you want to reset the password for and click edit.
- Your user_id will appear. Click edit.
- Next to the user_pass you will see a long list of letter and numbers. Select and delete this long string.
- Type in the new password that you want to use. Remember that it is case sensitive.
- Once done, select MD5 from the drop-down menu.
- Double check to ensure your the password is correct and that MD5 has been selected.
- Save your changes by clicking the Save, Update, or Go button at the bottom of the page
And that should do it! You can now log in through wp-admin with your username and new password.
But if you don’t have access to your website via cPanel, there is also a way to reset your password via FTP.
3. Password Reset via FTP Functions File
Each WordPress theme has a PHP file named functions.php. You will need to download a copy of this file from the WordPress hosting server to your computer through FTP.
You must edit the wp_set_password line of code in order to reset, change or recover your WordPress login password.
The code must be set as wp_set_password (‘abcdef, 1’).
In this code, abcdef is the sample new password (you can use whatever you want here). The number 1 refers to the WordPress users ID number. When changing the password for your site, make sure you use a password you can remember and that you keep somewhere secure.
Make sure to save the edits you made to the functions.php file. With the help of FTP, upload the edited file back to your website.
And you’re done! You should now be able to log into your WordPress website through your /wp-admin dashboard.
Undo the Changes Made to the WordPress Theme File
After you have successfully recovered or changed your password, the next important step is to undo the changes that were made to the theme file of WordPress. For this, you have to download the WordPress functions file once again through FTP and remove the line of code. This code is the same which was used to recover or change the password for your WordPress site. Now, you need to upload the file that you have modified back to your WordPress site through the FTP, and now you’re really done.
Using the FTP or cPanel to recover your WordPress password would require you to identify the WordPress theme that is currently active on your site. If you change the function file in an inactive file, the password will not be recovered! The theme for your WordPress site can be found out from the footer, dashboard or the page source code of WordPress.
4. Emergency Password Reset PHP Script
If all else fails, there’s one final password reset option you can try. This one requires that you create a PHP file from a pre-written script and add it to the core of your website.
Before you try this option, make sure you know who the administrator is. You will need their username and email address in order to do this.
Here are the steps to add the emergency password reset script:
- To retrieve the PHP script, copy it from here.
- Create a new file called “emergency.php”. Paste the entire script into the file, update the values so the file contains your admin’s information, and save.
- Log into your web hosting account and control panel.
Using your FTP or file manager, go to the root of your WordPress website.
Add the new file to the root. Do not place it in the plugin directory. (It was previously called a “plugin”, but should not be treated as such now.
- Open a new browser tab and go to: https://[yourdomainname].com/emergency.php.
You’ll be prompted to enter the admin’s username. Then, create a brand new password. Click on “Update Options” when you’re done.
If you used the correct username, your administrator should receive a confirmation email with the new password.
- Once the admin has regained access, delete the emergency.php file from your server.
Validate the New Password
After completing any of the above strategies, you should be able to use your new password to log into your WordPress site. Go to your wp-admin login area, enter your admin username and new password and give it a shot. If you can login successfully, it means your new password is now officially active.
Entering the password each time you log into your WordPress site can be quite bothersome and lead to forgetting your password in the first place! If you’re logging in from secure locations, you can check the Always Remember Me checkbox, especially if you are going to log in from your home device. When you login once to your site, you would remain logged in until and unless you cleared the cookies from the browser.
For an alternative option, you can use a tool like LastPass or 1Password to automatically save new passwords and enter them securely.