If you need to change your WordPress password, you might be panicking. You’ve lost access to your site and you don’t know how to get in again.
Help!
Typically this occurs when someone simply forgets their WordPress password, they don’t have access to their email for a standard password reset, or their WordPress site isn’t sending emails correctly.
In this post, we’ll walk you through a few quick and easy steps on how to change WordPress passwords (or reset them) for all the different types of scenarios you might encounter.
Prefer to watch the video version?
Let’s start by looking at the difference between changing your password and resetting it, so you know which one it is you need to do.
Changing your password and resetting your password in WordPress result in similar outcomes.
Changing your password is something you do yourself. If you have access to your website and your profile settings, you should be able to change your WordPress password easily. In other words, you change your password when you know your current password.
Resetting your password is something you’ll need to get the system to do for you, or maybe ask an administrator if you aren’t one. For this post, I’m assuming that you are the site admin and you have access to resetting passwords for other users – which is something I’ll show you how to do later in the post.
The main thing about resetting a password is that you do it when you don’t know the existing password.
There are a number of methods you can use to change or reset a password in WordPress, and many of them apply in more than one scenario.
So let’s take a look at those you might want or need to change your password, and identify the methods you can use for each.
So you know your existing password, but you want to change it. Maybe you’ve been given a new WordPress account by an administrator and the >password isn’t secure enough or you won’t be able to remember it. Maybe you want to change your WordPress password because someone else has accessed it.
Assuming you have access to your WordPress site, and you know the existing password, you have two options for doing this:
I’ll show you how to do each of these later in this post.
In the next scenario, you don’t know the existing password but you do have access to the email account you used for your WordPress user account. You’ll have to reset the password as you don’t know the old one, but it should be quick and easy.
Here are the options available to you:
Skip ahead to the instructions for using each of these methods.
Now let’s imagine you don’t have access to the email address associated with the account. Here are the methods you could use:
Again, skip ahead to the instructions for using each of these methods.
This scenario is slightly different, as it’s not your own password you’re resetting but someone else’s. In this situation you won’t have access to the other user’s old password, so you’ll need to do a reset.
Here are the available options:
Now let’s look at each of the methods in turn.
If all you need to do is change your own WordPress password and you have the old one, you can do this in the admin. You can also reset your password in the admin if you have access to email.
And finally, as a site admin you can reset another user’s password.
If you have access to your site and just want to change your WordPress password, you can do it in the Profile screen.
In WordPress, go to Users > Your Profile to access your profile screen.
Profile screen
Scroll down to the Account Management section at the bottom of the screen.
Account Management
Click the Generate Password button. A new password will be generated for you and displayed for you to copy. If you want to edit it, you can do so.
Click the Update Profile button and your new password will be saved. You’ll need to log in again with the new password – so make a note of it.
If you think you might be logged into your WordPress site on multiple devices or browsers, or you suspect that someone else might have used your credentials to access your site, click the Log Out Everywhere Else button too.
If you have access to the email account you used to set up your WordPress account, but you don’t know your password, you can use the forgot password link to quickly reset your password.
Browse to your WordPress login page, typically this is located at /wp-admin, such as: https://domain.com/wp-admin. Then click on the Lost your password? link at the bottom.
WordPress lost password link
On the next screen, enter your username or the email address you used for your WordPress account. Click on Get New Password and you will receive a link to create a new password via email.
Check your inbox and click the link in the email you receive. You’ll be taken to a screen where you can reset your password.
Reset password screen
Finally, log into your site using the new password with your username or email address. Done.
If you’re the site administrator, another user might ask you to reset their password.
Or you might choose to reset their password because it’s not secure enough or it’s been shared too widely. In both cases, you can reset the user’s WordPress password via the admin screens.
In the WordPress admin, go to Users. Find the user whose password you want to rest and click the Edit link beneath their name.
Users screen
This will open up the editing screen for that user.
User editing screen
Scroll down to the Account Management section and click the Generate Password button.
Generate password
A new password will be generated. You can edit it you want to: make sure that if you do, the password is strong.
Click the Update User button. The user will be sent an email with details of their new password.
Info
If the user simply forgot their password, tell them they can use the lost password link to reset it themselves. You’ll receive a notification when they do this.
If you have access to the site, another option for resetting or changing a password is via WP-CLI. You can change any user’s password this way.
Start by accessing your site via WP-CLI as you normally would.
To change a password, navigate to the root directory – the folder where you installed WordPress. Get a list of users by typing this command:
wp user list
Find the user whose password you want to reset and make a note of their user ID. If it’s the site admin, the user ID will be 1, but you can use this method to change other user passwords too.
Type the following command:
wp user update 1 --user_pass=password
Replace “password” in the example above with the new password for the user and make sure you use a much stronger password than that.
If the user ID you want to work with isn’t 1, replace the 1 in the example with their user ID.
Another way to change WordPress admin passwords is directly in the database via phpMyAdmin. If you don’t have access to your email or your WordPress site isn’t sending emails correctly, this might be the only solution you have.
You might also have to use this method if you are on a local development install. If you are a Atakdomain customer you can always reach out to support for assistance if you don’t feel comfortable doing this.
Editing and manipulating tables directly from phpMyAdmin could break your site if not done correctly. If you are not comfortable doing this, consider hiring a developer or reach out to support.
You’ll first want to login to phpMyAdmin. If your web host is using cPanel, the link to phpMyAdmin is typically found under the database section.
If you are a Atakdomain customer you can access phpMyAdmin directly from your MyAtakdomain dashboard. You can find the login credentials there as well.
Logging in to phpMyAdmin
On the left-hand side, click on your database. Then scroll down and click on the wp_users table. wp_users is the standard table used on fresh WordPress installations.
However, some sites might have a prefix added for security purposes. In this case, it might be named slightly different, such as wp56_users.
The database in phpMyAdmin
On the row next to your admin username, click on Edit. If you have multiple users on your WordPress site, double-check to ensure you are editing the right one.
In the column user_pass, you can enter a new value for your password. Ensure that you select MD5 from the function column. Then click on Go at the bottom.
Editing the password in the user_pass field
And that’s it! You have now changed your WordPress admin password.
Formun Üstü
ormun Altı
Want to know how we increased our traffic over 1000%?
Join 20,000+ others who get our weekly newsletter with insider WordPress tips!
You can return to your WordPress login screen and use your updated credentials to access your site.
If you’re with Atakdomain, you can access phpMyAdmin via the MyAtakdomain dashboard and reset your password that way.
Accessing phpMyAdmin via MyAtakdomain
Once you’re in phpMyAdmin, reset your password using the instructions above for phpMyAdmin.
Another way to reset your password via phpMyAdmin is by using a SQL statement.
Simply run the following from the SQL tab. Make sure to update the new_password and admin_username values with your own.
UPDATE `wp_users` SET `user_pass` = MD5( ‘new_password’ ) WHERE `wp_users`.`user_login` = “admin_username”;
You can access SQL via the SQL tab in phpMyAdmin.
SQL tab in phpMyAdmin
Another way to change or reset your passwords is through FTP.
Start by accessing your site using an FTP client or a code editor with FTP included.
Navigate to the root directory of your site:
WordPress root directory in FTP client
Now navigate to wp-content/themes and find the folder with the currently active theme in it. In that folder, find the functions.php file. Open it or download it so you can edit it.
It’s always a good idea to make a duplicate of this file first, just in case of any problems.
functions.php file in FTP client
Now, in the first line, right after the opening <?php, add this line of code:
wp_set_password( 'password', 1 );
The first parameter is the new password: I suggest you use a more secure one than ‘password’. And the second parameter is the User ID. User ID 1 will be the administrator.
Now, save the modified file or upload it to your site in the same location, overwriting the old version of the file.
Your admin password will now be the password you used in the functions file. Log in to your site and check you can access it.
Once you’ve logged in, go back to your functions.php file and remove that line of code.
It’s very important you do this as leaving it in your file will make your site vulnerable and will mean that your password is reset again and again every time a page is loaded.
At Atakdomain we don’t use cPanel. Instead, we use MyAtakdomain to reset your password (as we saw before). But if you’re with a provider that does use cPanel, this is another way to do it.
If you installed WordPress using an auto-installer in cPanel and you don’t have access to the email account, you can reset the WordPress administrator password in cPanel by accessing the installation you created there. You can’t reset any other user passwords this way.
Start by opening cPanel and scrolling down to the WordPress Manager. Depending on your hosting provider, you may need to look in the Auto-installer or Softaculous section instead.
WordPress Manager in CPanel.
This will take you to the WordPress auto-installer screen. Scroll down to find the installation for which you want to change the password.
Tired of experiencing issues with your WordPress site? Get the best and fastest hosting support with Atakdomain! Check out our plans
Next to the installation whose password you want to change, click the edit icon (a pencil). This will take you to the installation editing screen.
Auto-installer installation editing screen
Scroll down to the Admin Account section and find the Admin Password field. Type in a new password – making sure it’s secure and that you can remember it.
Now go back to your site and log in using your new password.
If all else fails, a last-ditch resort is to use the WordPress emergency password reset script.
To use this, you’ll need to know the administrator’s username. It will update the password for the admin account and send an email to the administrator’s email address.
You don’t actually need access to email, but you will need to know the username. The new password will be sent to your email address, so if your email has been compromised, don’t use this method.
In most cases, if you have the username and access to email, you can use the lost password link in the login screen.
But if wp-admin is not working at all and need to reset your password, this is an option.
Start by creating a file called emergency.php in your root directory: the folder where WordPress is installed. Copy the Emergency Password Script and paste it into your file.
In your browser, open http://example.com/emergency.php, where example.com is your site’s address. (make sure to use emergency.php, not just emergency.)
emergency.php screen
In the WordPress Administrator field, enter the username of the administrator account. In the Password field, enter your new password. Click the Update Options button.
A message is displayed noting the changed password. Check your email as you’ll get an email with the updated information.
Delete emergency.php from your server when you’re finished. Don’t leave it on your server, as someone else could use it to change your password.
You’ll now be able to use your site with a new password.
Sometimes changing or resetting your password doesn’t go as smoothly as you hoped. Here is a list of common problems or errors and what to do if they occur.
Chances are you’ve typed in the new password wrong or forgotten it. Try typing it in again.
Alternatively, your browser might have saved an old password in a cookie and be populating the password field with that. Delete whatever’s there and type in the new password.
If all else fails, use the Lost your password? link in the login screen to reset your password.
If you use the Forgot login link to reset your password, you’ll need to type in your email address or username. Check that you typed these incorrectly.
If you can’t remember your email address or username, you’ll need to use one of the methods above for situations when you don’t have access to email.
Try checking your spam folder. The email is automated and may have been sent there. If you’re using Gmail, try the Updates tab.
You might be using the wrong email account. Could you have used a different email address for your WordPress account than you normally use?
If all else fails, you’ll have to use one fo the methods for when you don’t have access to email.
Using FTP involves making an edit to the theme functions file. If you added this in the wrong place or you typed it in wrong, it could interfere with your theme.
Go back to the functions file and check you followed the instructions correctly. If it still doesn’t work, reinstate the backup you took of the file before editing it. And try another method for resetting your password.
If you didn’t make a backup, you can find your theme in the WordPress theme directory or via the theme vendor you bought it from, and re-upload it to your site with the correct file.
Using phpMyAdmin to reset your password involves directly editing the database.
If after doing this your site breaks, or you can’t access the admin screens still, it may be that you did something wrong.
Go back to the instructions for changing the password via phpMyAdmin and check that what you did reflects the instructions. If you did, but you still can’t access your site, try resetting the password another way.
If your site isn’t working correctly, you might have accidentally edited another field. You’ll need to restore your site from a backup you took before editing the database, and then try resetting the password using another method.
If you didn’t take a backup, you’ll need to talk to your hosting provider and ask if they can help.
When the site administrator changes another user’s password, WordPress will send an email to the address used for that account.
If the user hasn’t received an email ask them to:
If they still can’t access the email, run through the password generation again and copy the password before clicking the Update User button. You can then provide the user with the password. They should change it themselves the first time they log in so they know it’s private.
When you change or reset your WordPress passwords, it’s important to use a secure password. Secure passwords will:
When you change your password in the WordPress admin screens, you’ll be told how secure it is. If it isn’t strong, (as in the example below) try adding more characters to it, and different types of characters.
Reset password – weak
The example below is more secure and would still be easy to remember.
Sometimes using a phrase works better than trying to add lots of extra characters to a word. Try using the opening line from your favorite book or a line from a movie.
Reset password – strong
Alternatively, get WordPress to generate the password for you. You can use a password manager like LastPass to store all your passwords so you don’t need to remember them.
If you want to test how strong your password really is, try putting it into the password checker at How Secure Is My Password? and you’ll find out how long it would take a bot to crack it.
Summary
If you need to change or you’ve lost your WordPress password, you don’t need to panic. Changing or resetting your passwords in WordPress can be done very quickly.
If the easier ways don’t work for you, there are a variety of methods you can try, depending on whether or not you have access to the email address associated with your WordPress account.
Work through the methods detailed above and you’ll have a new password and access to WordPress in no time.
Save time, costs and maximize site performance with: