WordPress password reset

Here I will describe several ways to reset administrator’s account password in WordPress CMS, those ways could be called radical, because they are being used in cases when you couldn’t reset password in user’s profile or via embedded password recovery option of WordPress. I’ll not touch last two mentioned methods, as long as I suppose you already tried them or they doesn’t fit for your case. So:

1) Resetting password in MySQL database

The best way to do it is to use PhpMyAdmin tool. If you have site and hosting for it or even your own server, then you should have PhpMyAdmin too. First login to PhpMyAdmin and choose site’s database where you need to reset the password.


Wordpress table list

We are interested in wp_users table, which stores WordPress users( and not users of WordPress plugins). Click on it to see users list.


WordPress User List
Next we need to choose affected user, maybe it would be just “admin” in your case.


WP DB User edit
As you can see user_pass line stores the password, to be precise – md5 hash of the password. So here we can change the password by entering it’s md5 hash(if you already have one) or enter the password in plain text but you’ll need to choose MD5 in Function column.
If you chose md5 – MySQL will compute the hash of entered plain text password.


WP DB set password

If you don’t want to use this Function or something went wrong or you don’t have your hash, then just enter this string(only the text between quotes): “$P$Ba5vAEqFXJyRJmmK/iNu3qHWnfKQ7w.”
It’s an MD5 hash of simple “password” password, which you can use now to enter Admin panel. Don’t forget to change it to more complex(from now you should not have problems to do it).

You can also use online password hash generator to get your own password hash, it’s available under “Tools” menu.


There is other way to do it by using SQL query to Database through the same PhpMyAdmin. Choose needed base and click on “SQL” tab, there just enter the following query string:

UPDATE wp_users SET user_pass = ‘$P$Ba5vAEqFXJyRJmmK/iNu3qHWnfKQ7w.’ WHERE wp_users.user_login = ‘admin’;

This query will do the same as above – it will change “admin” user’s password to “password”. You can change “admin” to whatever your user.


This query could be also run via command line of MySQL(of course only in case you have access to command line):

// Connecting to MySQL

> mysql -u root -p
Enter password:
Welcome to the MySQL monitor. Commands end with ; or \g.
Your MySQL connection id is 358
Server version: 5.5.50-log MySQL Community Server (GPL)

Copyright (c) 2000, 2016, Oracle and/or its affiliates. All rights reserved.

Oracle is a registered trademark of Oracle Corporation and/or its
affiliates. Other names may be trademarks of their respective

Type ‘help;’ or ‘\h’ for help. Type ‘\c’ to clear the current input statement.


// Getting list of databases

mysql> show databases;
| Database |
| information_schema |
| blog |
| iptvc |
| mysql |
| performance_schema |
| wp |
| yii |
14 rows in set (0.00 sec)


// Choosing our base and connecting to it (my DB name is wp)

mysql> use wp;
Database changed

// Running query for password change

mysql> UPDATE wp_users SET user_pass = ‘$P$Ba5vAEqFXJyRJmmK/iNu3qHWnfKQ7w.’ WHERE wp_users.user_login = ‘admin’;
Query OK, 1 row affected (0.00 sec)
Rows matched: 1 Changed: 1 Warnings: 0



That’s it. We used this query to change admin’s password to  “password”.


2) Using wp_set_password function 

If you don’t have access to Database or don’t want to deal with it, but you have at least FTP acces to the site or possibility to edit site’s scripts, then you can use WordPress wp_set_password function, which exists in WordPress from version 2.5.
There are a lot of places to insert that code but the simplest way is to paste it to wp-login.php script, which is located in the root of site’s directory. Open it for edition in any text editor and put this function with it’s parameters right to the end of the script. Fro example:


WordPress wp_set_password
Here I passed the next parametes: new password – “newpassword” and user ID of affected user. Note , that function takes an id and not a username, so you shoud know user’s id beforehand. However if you have a default WordPress installation – then you should have “admin” username and it’s id would be “1”.
Save the changes and upload script back to the site, then you can just  try to access your Admin Panel or run wp-login.php script in browser and right after username-password request you can use new password for log in.
After successfull logging in to Admin Panel and changin password to more complex don’t forget to remove function call from wp-login.php script, otherwise password will be reset again and again.


3) More methods

Besides of the above methods of WordPress password reset there are some other interesting ways to do it. But I’ll not describe them and just give some links instead.
– One method  – using WordPress command line interface(WP CLI), it’s like Admin’s Panel in command line. More detailed – http://wp-cli.org/
– Another method – by using special script for password reset, which should be uploaded to the server and run. I’ve met several such scripts, here is one of them –  https://codex.wordpress.org/User:MichaelH/Orphaned_Plugins_needing_Adoption/Emergency

Don’t forget your passwords!

Напишите комментарий

Your email address will not be published. Required fields are marked *