As WordPress site administrator, at times you may forget your WordPress password if you have too many sites to manage, or even loose your WordPress Password for example after a security breach. This in turn makes logging into your website backend nearly impossible and can hence lead to frustrations.
In WordPress, there are various approaches that you can utilize in order to regain access to your website. These approaches involve resetting your WordPress Password.
In this article, we will cover the different approaches that you can carry out in order to reset your WordPress password as a site administrator. In addition to this, we will also cover some of the tips on WordPress Password security since despite resetting WordPress Passwords, you also need to ensue that they are secure.
Table Of Contents
- Using the “Lost Your Password” link
- Resetting Your Password Via phpMyAdmin
- Resetting Your Password via cPanel
- Carrying Out a Password Reset Using the functions.php file
- Using the Emergency Password Reset Script
Tips For Secure WordPress Passwords
Prior to proceeding to the Password reset, it is important that we also look into some of the tips we can implement to ensure that the passwords that we set are secure. A few of these tips include:
Setting a Strong Password
Setting up a strong password for your WordPress admin is quite vital. If the password is weak, then this makes it quite easy for attackers to breach your site.
A strong password should:
i) Contain a minimum of 10 characters
ii) Contain various characters such as numbers, uppercase and lowercase letters as well as special characters
iii) Not be easily guessable or containing personal information
In summary, passwords should therefore be unique and also complex enough, thereby making it hard to exploit a website based on this.
Ensure that the Password is not in re-use
If you are using a password in a different website or app, the same password should not be re-used when resetting your website. This is because such passwords can create a security loophole within your website.
By any chance if a hacker gains access to the email/username and password to the website or app where the account details are used, the it would be quite easy for the hacker to exploit other websites where the said credentials are used or else share the credentials.
Regular Password Updating
Upon setting the WordPress Password, it is important that moving forward, you regularly update the password, at least in every three to four months. This is quite helpful because just in case a hacker could have been trying to hack your password, it would be frustrating to them if you happen to alter your password as Brute force attacks by hackers take quite some time before a hacker is really successful. Frustrating hackers by regular updating or resetting your WordPress password is hence a good technique to try keep them off your site.
In cases whereby your website may have already been hacked without your knowledge, resetting or altering your password with a Strong password would automatically lock out a hacker from your website.
The above measures are quite important in ensuring that your website is secure and preventing exploits on it.
Resetting your WordPress admin Password
There are various methods that you can utilize in order to reset your WordPress Password. Here we will cover some of these methods and how to apply them to your website.
Using the “Lost Your Password” link
WordPress by default provides a reset link to enable you to easily carry out a password reset. In order to utilize this provision, you will need to carry out the following:
Navigate to your WordPress site dashboard: https://yoursitedomain/wp-admin , where yoursitedomain should be replaced with your actual website domain.
Next, click on the “Lost your password?” link.
Next, you will be presented with a screen where you will need to fill in your email address or username.
Upon filling in your username or email address, click on the “Get New Password” button.
Once this is done, you will receive an email with instructions on how to reset your website if your website is properly configured to send out emails. Upon clicking the link within the email, you will be required to fill in your new password and click on the “Reset Password” link in order to now rest and save your new password.
Resetting Your Password Via phpMyAdmin
A password reset can also be carried out within your database via phpMyAdmin. Prior to using this approach to reset your password, it is recommended that you first carry out a backup to your site database or even a full backup to your website. Here is a quick guide on how to go about this: How To Backup Your WordPress Website .
Once done with the backup, you may then proceed to the next steps on resetting your password. It is however also important to note that the steps provided in this section may be different depending on the hosting panel utilized by your hosting provider. In our illustration here, will carry out the reset from cPanel. Other hosting panels may have different steps to access phpMyAdmin.
To start with, you will need to login to your sites’ cPanel and select phpMyAdmin from the Databases segment as illustrated below:
Upon clicking on phpMyadmin, you will have a list of databases rendered. From the list, you will need to select your site database. Below is a sample screenshot on this:
If you are not quite sure on your database name, you can actually counter-check this information from your wp-config file located within the root of your theme files. Within the file, you will find such a line of code:
define( 'DB_NAME', 'nec_wp50' );
The second parameter is the database name which in our case here is “nec_wp50”.
Upon selecting the database, select your users table from the table list displayed. In our case here, the table is named “wpus_users”.
Your table could have a different prefix.
Next, select to edit the user whose password you intend to reset.
You will then be presented with a list of columns with the specific user values.
Next, remove the password that is currently within the user_pass field and add your own password. Also ensure that within the function column on the row you set the dropdown field to MD5 as illustrated in the screenshot below. This will make sure that your password is encrypted.
Once this is done, click on the “Go” button to finish the update.
With this carried out, you may now try logging in to your site using the password that you set.
Resetting Your Password via cPanel
If your host does support cPanel, you can use cPanel to reset your WordPress admin password. In order to carry this out, you will need to:
Select the Softaculous Apps Installer from the cPanel dashboard:
Next, select the WordPress overview option:
Upon clicking on the overview button, scroll down to the website or else install whose password you wish to alter and alongside it, click on the pencil/edit icon.
You will then be redirected to the “edit installation details” section. Within this section, scroll down to the “Admin Account” section:
Here, you will need to add your WordPress Password within the “Admin Password” field.
Once this is done, save your changes and try logging in to your WordPress dashboard with the new password.
Carrying Out a Password Reset Using the functions.php file
You can also reset your WordPress Password from the functions.php file within your active theme. In order to do so, you will need to carry out the following:
First login to your website via FTP using a software such as Filezilla or a hosting panel such as cPanel.
Next, navigate to the public_html > yoursitename > wp-content > themes > yourtheme directory, whereby “yoursitename” represents the actual site name and “yourtheme” represents your actual theme. Within your theme directory, select to edit the functions.php file:
In the functions.php file, add the following line of code right after the first <?php opening tag.
wp_set_password( 'my_new_login_password', 1 );
Below is a sample screenshot on this:
In the above code, the first parameter is the new password. You can hence replace the value with a Strong WordPress Password of your preference. The second parameter is the user ID. In this case, the user ID is 1, which represents the site admin.
Once you set the password, save your changes and try logging into your WordPress dashboard. If the login was successful, you will need to remove the code from the functions.php file to ensure that your site is secure and the reset does not occur again after login.
Using the Emergency Password Reset Script
WordPress provides an option of a PHP emergency password reset script that you can use within your website to reset your password. This approach however requires that you know the WordPress admin username to the account.
In order to utilize the script, you will need to:
Login to your website via FTP using a software such as Filezilla or a hosting panel such as cPanel.
Next, create a file named emergency.php file within the root of your site files as seen below:
Once this is done, copy the emergency script from here to the file.
Upon doing so, navigate to yoursiteurl.com/emergency.php whereby “yoursiteurl.com” represents your actual site domain URL.
On the next screen, you will be presented with a form whereby you will need to fill in your admin account username and new password.
Once this is carried out, click on the “update options” button in order to process the reset. Upon a successful reset, try logging in to your website using the new password.
If the login is successful, you will now need to delete the emergency.php file that we created, from your site files. This step is quite crucial in ensuring that your website remains secure.
Losing or forgetting your WordPress Password as a site admin should not cause much of a headache. Within this guide, we have looked into different approaches that you can utilize in order to reset your WordPress Password. It is also important that while resetting your WordPress Password, that you set strong passwords as discussed above.
We do hope that this article provides enough insight to assist you in resetting your WordPress Password in case you lose or forget it. Should you have any questions, suggestions or comments about this, please feel free to utilize the comment section down below.