If you have forgotten your WordPress admin password, you still can change it from the database or via FTP.
This is not very useful if you can already reset your password by requesting a new one from the login page.
However, if emails are not working on your website or you forgot both your username and email address, this post will help you regain access to your website.
Why Change the Password from the Database or via FTP?
In this section, I will mention a few reasons why you would want to change your password from the database, and not simply request a reset link from the login page.
- Your website is no longer able to send emails due to server configuration or you reached your maximum sending limits.
- You are working on a local copy of the website that by default can’t send emails without using a third-party SMTP server.
- You forgot all your login credentials (email, password, and username)
- A client/friend asked you to work on the website but only gave you access to the database.
See. it’s not always obvious why you would attempt to do this.
But if you have to, the next section will teach you how.
How to Change Your WordPress Password from the Database?
You may think you just need to replace the password with a new one from the wp_users
table. But that’s partially true.
All passwords in WordPress are encrypted in a way it’s very difficult for a hacker to reverse the encryption to reveal the actual password if he ever gains access to your database.
This type of protection is basically a standard these days across the web.
So basically, you need to encrypt your password in a special format before adding it to the database.
Step 1. You need to get a new password. You can quickly generate a new one using a website like LastPass Password Generator if you don’t already have one in your mind.
Step 2. You need to encrypt your password to an MD5* string. This is a special type of hash that WordPress uses to encrypt all passwords. To do this, you can use a tool like MD5 Hash Generator.
Step 3. Open your database in phpMyAdmin or any database manager you have access to, navigate to the wp_users
table (table prefix is wp_ for me), and find your account row. If you are the website admin, your account will most likely appear at the very beginning.
Step 4. Double-click the user_pass
field and replace the current value with the MD5 Hash from the previous step.
Now if you go to the login page and attempt to log in using the new password, you will be logged in successfully.
How to Change Your WordPress Password via FTP?
Now let’s say you don’t have access to the database. Or let’s say you just want a piece of code that you can copy-paste into your theme functions.php file and call it a day.
If this is the case, I got you covered too! Below is the code you need.
You need to add this code to your theme’s functions.php
file.
To edit this file you can use cPanel or an FTP client like FileZilla. The file will be located in the root folder of your theme. Which in itself is located in the /wp-content/themes folder.
Don’t forget to change <your_email>
your actual email address and <your_new_password>
your new password in plain text, not encrypted using the tool we saw in the previous section.
/** * Emergency Password Reset Script * Place this in functions.php * Go to Your_site_url/?change_admin_pass * Make sure to delete this code after done */ add_action( 'init', 'pr_emergency_password_reset_script' ); function pr_emergency_password_reset_script() { // Return if not on the correct URL if ( !isset( $_GET['change_admin_pass' ] ) ) { return; } // Change <your_email> with your actual email $email = '<your_email>'; // Change <your_new_password> with your new plaintext password $new_password = '<your_new_password>'; // Get the requested user $user = get_user_by( 'email', $email ); if ( $user ) { // Update the password for the user wp_set_password( $new_password, $user->ID ); wp_die( esc_html__( 'Password Changed', 'textdomain' ), sprintf( esc_html__( 'Password changed for the user %s', 'textdomain' ), $user->name ) ); } wp_die( esc_html__( 'Error', 'textdomain' ), esc_html__( 'User not found.', 'textdomain' ) ); }
Now you need to visit your website with ?change_admin_pass
attached to the URL (Ex; if your site URL is example.com you need to visit example.com/?change_admin_pass).
You will see this page if your password was changed successfully. After that, you can log in using your new password.
Don’t forget to remove this code after changing your password.
Conclusion
There are other methods you can use to change the WordPress admin password aside from using the password reset link on the login page. But these 2 are the most popular ones because they work on all hosts and platforms.
If you have access to cPanel, you can change your password from Softaculous wizard but the method is beyond the scope of this tutorial.
Do you have any questions or need help? Please let me know in the comments below.
If you liked this article, then please subscribe to our YouTube Channel for WordPress video tutorials.