How to Recover WordPress Password


Recover WordPress Password

So, you’ve forgotten your WordPress Admin password and are trying to recover your WordPress password. You have come to the right place if you are searching for ways you can change your WordPress password.

We understand that it can be frustrating to lose access to your WordPress website. Luckily, it’s possible to easily set a password for a WordPress site. Whether you are a beginner or an advanced user, there are multiple methods that can be used to reset passwords for your WordPress site.

Table of Contents

Let’s dive deep into some of the ways you can use to recover your WordPress password.

Best Ways to Reset & Recover WordPress Password

This is the most common of all the techniques listed here to reset your password. The WordPress login page has a Forgot Password link that allows you to reset your password using your email account associated with the Admin account.

Password Reset WordPress 'Lost your Password?' link

To reset your password for your WordPress admin username using this method, go to your WordPress login screen, which is mostly yoursite.com/wp-admin if you did not alter your login URL before. Then, simply click on the ”Lost your password?” link on the login screen to reset your password. You will be redirected to a page where you can enter the email address for your Admin username or email address. After you enter the email address and click on submit, you will get a password reset confirmation link to your email.

Password Reset Request Page

Go to your email address and you can see a password reset email. Once you click on the link, you will be asked to create a new password on a page similar to the WordPress login page. You can then enter the new password and reconfirm it and then click on the reset password button. And, you have now successfully set up the new password for your WordPress admin login page.

It is highly recommended that you use a strong password. WordPress can also suggest a new strong password reset. A strong password is generally one that can not be guessed easily and contains alphanumeric characters with capitalisations.

Make sure to check your spam and other folders in your email. The password reset email may sometimes land in the spam folder. In order to use this password reset process, you need to have the access to the email address used for your WordPress Admin account. If you can not use or access the email, you will need to reset your WordPress password using another method.

Reset WordPress Password From The Database

You can also reset your password from the database. For this method, you will need a tool that allows you to access and manage your WordPress database to change the password. You can do this using a popular tool, phpMyAdmin. It is available in your hosting provider control panel section.

Below is a step-by-step tutorial on how you can change your WordPress password from the database.

  • Log in to your hosting provider’s client area. You should be able to find the control panel and the phpMyAdmin tool.
  • After openingphpMyAdmin, find and select the database related to your WordPress site.
  • In the WordPress database section of your website, locate the wp_users table and open it.
  • Find the user account name for which you want to reset your WordPress password. You can use Ctrl+F and type in your User account name.
  • Click on edit button and find the user_pass field.
  • Click on the Function drop down menu and select the MD5 hash option.
  • Enter your new WordPress password in the password section value field.
  • Click on Go to save the changes.

You can now log in to your using username or email address with your new WordPress password. To use this method for resetting your WordPress password, you will need to have the necessary permissions to access and edit the database files. This also means that you will also need to access the web hosting Client Area or somehow access the Database files for the WordPress website you are trying to reset the password for.

For an easy process, you might want to reach out to your web hosting provider. They can help you access the database files to reset your WordPress password. Like every other time you are trying to make changes to core files and database, you might want to make a backup of all of your site and files.

Edit the functions.php file

Editing the functions.php file of your WordPress theme can be another method to reset your WordPress password. This method is suited for those who are comfortable with editing code and working on the backend of the website. You will need to know a few more basic things like your theme if you want to proceed with this method.

Also, we recommend you create a backup of your website in case anything on your website breaks while trying to edit the theme file codes.

Functions.php file WordPress

Simply put, you will need to add a code snippet to the functions.php file of your WordPress website.

Firstly, we will show you how to locate the functions.php file on your cPanel.

  • Log in to your web hosting provider and then into the client area.
  • Find cPanel and file manager on your hosting account.
  • Inside the file manager, you should be able to search for the active theme you are using on the website. Generally, it is located inside wp-content/themes/your-theme-name.
  • Once you find the functions.php file, download it to your local storage.
  • Open the functions.php file using any of the text editors like Notepad or Sublime text.
  • Add the following code snippet to the last part of the file to reset your password.

function reset_password( $user, $new_pass ) {

    wp_set_password( $new_pass, $user->ID );

    wp_password_change_notification( $user );

}

add_action(‘init’, function(){

    $user = get_user_by(‘login’, ‘username’);

    reset_password( $user, ‘new_password’ );

});

  • Replace ‘username’ in the code snippet with the username for your WordPress login and ‘new_password’ with the new password you want to use.
  • Save the functions.php on your local storage.
  • After making the changes and saving the file, upload it to the original destination from where you downloaded the file.

Now you can use your new WordPress password to log in.

It is a simple and effective method to reset your WordPress password if you can find the functions.php file.

You should know a few things before using this method. After your password is reset and now that you know the password, you should remove the code from the functions.php file. Not removing the code snippet will reset the password every time the website is loaded.

Whatever method you use, always remember to use strong passwords. Most of the security issues arise from not using safe and strong passwords.

Contact your hosting provider

This has to be the easiest of methods. Simply reach out to your website hosting provider company and ask for their assistance to reset your WordPress password.

Web hosting providers may have access to your website and the hosting server and they should be able to help you with resetting the WordPress password.

Two-Factor Authentication For Your WordPress Account

You can also use 2-factor authentication in order to reset your WordPress password or login without one. But you will need to have 2 Factor Authentication set up before that. You can use plugins like WordFence to create and enable 2FA.

You can set up 2-factor authentication for SMS or other authenticator applications.

SMS Recovery With 2-Factor Authentication

Two Factor Authentication

This method is more or less similar to that of resetting your WordPress password using the password reset email link. It’s just that instead of resetting the password by following the link, you will be asked to enter an OTP code sent to your mobile. After you enter the OTP code, you will be taken to a page where you can reset your WordPress password.

You can also log in with the code without resetting your lost password.

To use this method, you will need to enable and configure two-factor authentication. You need to enter your mobile phone number and authenticator app if you use any. Enabling 2FA will require you to enter OTP from the authenticator app or mobile phone in order to log in to your WordPress admin dashboard.

Emergency Password Reset Script

You can also reset your WordPress password without logging into the WP Admin login screen. This is the ultimate of all the methods to reset your WordPress password.

Using an emergency password reset script is one of the easiest methods if you have access to your root directory WordPress folder. All you have to do is add a file named emergency.php with a code, upload it to your domain name folder and access the file to run the PHP script. Let me explain to you step by step.

Firstly, access your file manager through your cPanel directly or via your web hosting portal. Then, copy and paste the code below into your text editor (Notepad or Sublime text) and save it as emergency.php. Finally, upload the file to your public_html folder and access it via https://[your-domain-name.com]/emergency.php).

Make sure your wp-config.php is also in the same folder as your emergency php file to reset your WordPress password.

You will then get access to a WordPress login page to reset your existing WordPress account password. The WordPress Admin user password is now set to new and you should be able to log in with the new password.

require './wp-blog-header.php';

function meh() {
	global $wpdb;

	if ( isset( $_POST['update'] ) ) {
		$user_login = ( empty( $_POST['e-name'] ) ? '' : sanitize_user( $_POST['e-name'] ) );
		$user_pass  = ( empty( $_POST[ 'e-pass' ] ) ? '' : $_POST['e-pass'] );
		$answer = ( empty( $user_login ) ? '<div id="message" class="updated fade"><p><strong>The user name field is empty.</strong></p></div>' : '' );
		$answer .= ( empty( $user_pass ) ? '<div id="message" class="updated fade"><p><strong>The password field is empty.</strong></p></div>' : '' );
		if ( $user_login != $wpdb->get_var( "SELECT user_login FROM $wpdb->users WHERE ID = '1' LIMIT 1" ) ) {
			$answer .="<div id='message' class='updated fade'><p><strong>That is not the correct administrator username.</strong></p></div>";
		}
		if ( empty( $answer ) ) {
			$wpdb->query( "UPDATE $wpdb->users SET user_pass = MD5('$user_pass'), user_activation_key = '' WHERE user_login = '$user_login'" );
			$plaintext_pass = $user_pass;
			$message = __( 'Someone, hopefully you, has reset the Admin password for your WordPress blog. Details follow:' ). "\r\n";
			$message  .= sprintf( __( 'Username: %s' ), $user_login ) . "\r\n";
			$message .= sprintf( __( 'Password: %s' ), $plaintext_pass ) . "\r\n";
			@wp_mail( get_option( 'admin_email' ), sprintf( __( '[%s] Your WordPress admin password has been changed!' ), get_option( 'blogname' ) ), $message );
			$answer="<div id='message' class='updated fade'><p><strong>Your password has been successfully changed</strong></p><p><strong>An e-mail with this information has been dispatched to the WordPress blog administrator</strong></p><p><strong>You should now delete this file off your server. DO NOT LEAVE IT UP FOR SOMEONE ELSE TO FIND!</strong></p></div>";
		}
	}

	return empty( $answer ) ? false : $answer;
}

$answer = meh();
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
	<title>WordPress Emergency PassWord Reset</title>
	<meta http-equiv="Content-Type" content="<?php bloginfo( 'html_type' ); ?>; charset=<?php bloginfo( 'charset' ); ?>" />
	<link rel="stylesheet" href="<?php bloginfo( 'wpurl' ); ?>/wp-admin/wp-admin.css?version=<?php bloginfo( 'version' ); ?>" type="text/css" />
</head>
<body>
	<div class="wrap">
		<form method="post" action="">
			<h2>WordPress Emergency PassWord Reset</h2>
			<p><strong>Your use of this script is at your sole risk. All code is provided "as -is", without any warranty, whether express or implied, of its accuracy, completeness. Further, I shall not be liable for any damages you may sustain by using this script, whether direct, indirect, special, incidental or consequential.</strong></p>
			<p>This script is intended to be used as <strong>a last resort</strong> by WordPress administrator accounts that are unable to access the database.
				Usage of this script requires that you know the Administrator's user name for the WordPress install. (For most installs, that is going to be "admin" without the quotes.)</p>
			<?php
			echo $answer;
			?>
			<p class="submit"><input type="submit" name="update" value="Update Options" /></p>

			<fieldset class="options">
				<legend>WordPress Administrator</legend>
				<label><?php _e( 'Enter Username:' ) ?><br />
					<input type="text" name="e-name" id="e-name" class="input" value="<?php echo attribute_escape( stripslashes( $_POST['e-name'] ) ); ?>" size="20" tabindex="10" /></label>
				</fieldset>
				<fieldset class="options">
					<legend>Password</legend>
					<label><?php _e( 'Enter New Password:' ) ?><br />
					<input type="text" name="e-pass" id="e-pass" class="input" value="<?php echo attribute_escape( stripslashes( $_POST['e-pass'] ) ); ?>" size="25" tabindex="20" /></label>
				</fieldset>

				<p class="submit"><input type="submit" name="update" value="Update Options" /></p>
			</form>
		</div>
	</body>
</html>
<?php exit; ?>

Remember to delete the emergency password reset script file from your directory after resetting the lost WordPress password. Not deleting it is not recommended for security purposes as it increases the vulnerability of someone else using the password reset for your WordPress site.

Use another admin user to edit your user profile

If you are trying to reset a lost WordPress admin password for another user on your website and you have multiple admin accounts, you can use this method.

You can ask other users to reset your password if they are administrators. For this, simply go to the WordPress login screen and to WordPress Dashboard. Go to Users>Profile. Similar to changing the admin password normally, you can go to the user profile page of your WordPress account and reset the password.

Change WordPress Password – Standard

As a website owner, you can change your WordPress password any time you want. This is one of the most basic features WordPress offers. This is not for someone who has lost a WordPress password but if you want to change your WordPress password and you have your current password. You can change your password by logging into the WordPress dashboard.

Set-new-password-WordPress

Firstly, Log in to your WordPress Dashboard with the administrator’s username or email address. Then, Go to Users>Profile. Under the account management section, click on the set new password button(generate a password button). This will suggest a new strong WordPress password for your user. You may choose a new password or just go with the suggested password.

To save the changes, click on Update Profile at the bottom to update changes to your lost WordPress password.

Conclusion

I hope this guide helped you reset your lost WordPress password or you found what you were looking for.

Long, complicated, and exclusive passwords are considered safe and should never be shared. In order to prevent further losses like someone who already has passwords, do change the passwords as well. Using software like LastPass password manager can also help you further in creating, storing and using passwords.

We can not stress this enough, use a secure password everywhere not just for the WordPress login. You’ll need a secure and strong password to prevent unwanted access to your WordPress site and ultimately risk your WordPress website security. Using a weak password is one of the common mistakes people make that can lead to data breaches, the misuse of personal information, or even the entire blackout of the website.

We are a WordPress Web Design Agency in Sydney. Let us know if you need help developing or maintainence packages for your WordPress websites in Sydney.

People Also Asked

Can I reset my WordPress password without email?

Yes, you can reset your WordPress password without accessing the email address. You may change your WordPress password by editing your database through mySQL by editing the functions.php file or with the emergency WordPress password reset script.

Where is the WordPress password stored?

WordPress password is stored in the database. You can view the database and change the password with MySql on your cPanel. The method to find the cPanel may be different to each web hosting provider. Most hosting providers have video tutorials on their websites to assist you in finding cPanel and databases.

What is the best way to reset the password?

There is no best way to reset your WordPress password. Choose the method that suits your needs. Sometimes you may not have email access, so it might be easier to change your password by editing the functions.php file.

Updated on: 4 February 2023 |

WordPress

Sazjan Neupane

Sazjan Neupane

Sazjan helps us reach our dream clients with his expertise in Search Engine Optimisation, PPC, Project Management & Online Business Development. He has worked with a variety of clients in different industries over the last 5 years. In his free time, Sazjan enjoys traveling and exploring new cultures.