Reset your WordPress password

Through MySQL Command Line

  1. Get an MD5 hash of your password.
    • Visit md5 Hash Generator, or…
    • Create a key with Python, or…
    • On Unix/Linux:
      1. Create a file called wp.txt, containing nothing but the new password.
      2. tr -d ‘\r\n’ < wp.txt | md5sum | tr -d ‘ -‘
      3. rm wp.txt
    • On Mac OS X:
      1. Create a file called wp.txt, containing nothing but the new password. Then enter either of the lines below
      2. md5 -q ./wp.txt; rm ./wp.txt (If you want the MD5 hash printed out.)
      3. md5 -q ./wp.txt | pbcopy; rm ./wp.txt (If you want the MD5 hash copied to the clipboard.)
  2. “mysql -u root -p” (log in to MySQL)
  3. enter your mysql password
  4. “use (name-of-database)” (select WordPress database)
  5. “show tables;” (you’re looking for a table name with “users” at the end)
  6. “SELECT ID, user_login, user_pass FROM (name-of-table-you-found);” (this gives you an idea of what’s going on inside)
  7. “UPDATE (name-of-table-you-found) SET user_pass=”(MD5-string-you-made)” WHERE ID = (id#-of-account-you-are-reseting-password-for);” (actually changes the password)
  8. “SELECT ID, user_login, user_pass FROM (name-of-table-you-found);” (confirm that it was changed)
  9. (type Control-D to exit mysql client)

Note: if you have a recent version of MySQL (version 5.x?) you can have MySQL compute the MD5 hash for you.

  1. Skip step# 1 above.
  2. Do the following for step# 7 instead.
    • “UPDATE (name-of-table-you-found) SET user_pass = MD5(‘(new-password)’) WHERE ID = (id#-of-account-you-are-reseting-password-for);” (actually changes the password)

Note that even if the passwords are salted, meaning they look like $P$BLDJMdyBwegaCLE0GeDiGtC/mqXLzB0, you can still replace the password with an MD5 hash, and WordPress will let you log in.

Through FTP

There is also an easy way to reset your password via FTP, if you’re using the admin user.

  1. Login to your site via FTP and download your active theme’s functions.php file.
  2. Edit the file and add this code to it, right at the beginning, after the first <?php

    wp_set_password( 'my_new_password', 1 );

    In the above code, replace the text my_new_password with your own new password for the main admin user. The number 1 above refers to the user ID number in the wp_users database table. Since we wanted the user ID of the main admin user, we just keep the number as 1, which is typically the user ID of the main admin user.
  3. Upload the modified file back to your site.
  4. Once you are able to login, make sure to go back and remove that code. It will reset your password on every page load until you do so.

Through WP CLI

WP CLI is a command line tool for managing your WordPress installation.

  1. Move into the /wordpress directory and type

    $ wp user list

    to see all users. Find the ID of the user you’d like to update.
  2. Then, update the user

    $ wp user update 1 --user_pass=$UP3RstrongP4$w0rd

    replacing “1” with the id of the user you want to update.

More on wp cli

Using the Emergency Password Reset Script

If the other solutions listed above won’t work, then try the Emergency Password Reset Script. Please note that it’s not a plugin, it’s a PHP script.

A Word of Caution:

  1. The Emergency Password Reset Script requires that you know the administrator’s username.
  2. It updates the administrator password and sends an email to the administrator’s email address.
  3. Even if you don’t receive the email, the password will still be changed.
  4. You do not need to be logged in to use it. (After all, if you could login, you wouldn’t need the script.)
  5. Place the script in the root of your WordPress installation. Do not upload it to your WordPress Plugins directory.
  6. For security reasons, remember to delete the script when you are done.

Directions for Use:

  1. Copy the emergency script from Emergency Password Script and put into a file called emergency.php in the root of your WordPress installation (the same directory that contains wp-config.php).
  2. In your browser, open http://example.com/emergency.php.
  3. As instructed, enter the administrator username (usually admin) and the new password, then click Update Options. A message is displayed noting the changed password. An email is sent to the blog administrator with the changed password information.
  4. Delete emergency.php from your server when you are done. Do not leave it on your server, as someone else could use it to change your password.

Additional Reference


Posted

in

by

Tags:

Comments

Leave a Reply

Your email address will not be published. Required fields are marked *

Time limit is exhausted. Please reload CAPTCHA.

This site uses Akismet to reduce spam. Learn how your comment data is processed.