Skip navigation

The Agony of the Lost WordPress Password

Recently, two different clients lost their WordPress password. One couldn’t find the log in password for her WordPress blog. Since she is always logged in, she didn’t use it regularly and mislaid the original copy. The other had set up a test WordPress blog on their server ages ago for handling upgrades and conversions, and now wanted to upgrade to WordPress 2.7 to prepare his Theme for the new version, misplacing his password, too. Then I had a computer glitch the same week during a WordPress install and the password step was somehow bypassed, locking me out of the new WordPress install.

For whatever reasons, all three of us couldn’t get the password to work that was emailed to us by WordPress. Without access to the WordPress Administration Panels where we can change our passwords, we’re left hunting for other methods.

Please, do not contact for help recovering your password on self-hosted WordPress blogs. You can ask for help in the and they will give you the following advice.

If you have lost your password with your blog, click the link on your login to have the password mailed to you directly, or contact WordPress.com support.

While there are many ways of resolving this issue, two tools are life savers for lost passwords if you are caught in this same situation.

The Emergency Password Recovery File

Try the Reset Your Lost WordPress Administrator Password Emergency, a PHP file you upload to your WordPress blog root directory and initiate through your browser. It will generate your WordPress username and password.

Remove the emergency.php file immediately afterward to protect yourself and your WordPress blog.

I tried it with WordPress 2.7 and it continues to work. This is an easy way to recover your password when all else fails and if you are unfamiliar with code and databases.

Manually Change Your Password Settings

The second method is actually the preferred method and is described in the , the online manual for WordPress Users, in Resetting Your Password. It involves going into your MySQL database and manually changing the password within the tables.

Be aware that there are different versions of MySQL and your version may differ from the instructions.

In the MySQL database:

  1. Go to wp_users and click “browse.”
  2. On the user_pass field, click “browse” and find the ID number associated with your login (there is usually only one) and click Edit.
  3. Select the password content and delete it. Type in your new password as you normally would.
  4. In the dropdown menu, choose MD5.
  5. Click Go or Save at the bottom of the screen.
  6. Return to the tab for your WordPress blog and test the new password. If it doesn’t work, start over.

Changing your WordPress password settings in the MySQL database
Remember, the first step in assuring you never have to do this is to save your username and password in a safe place where you will remember where you put it.



Site Search Tags: , , , , , , ,

Feed on Lorelle on WordPress Subscribe Feedburner iconVia Feedburner Subscribe by Email Visit
Copyright Lorelle VanFossen, the author of Blogging Tips, What Bloggers Won't Tell You About Blogging.

59 Comments

  1. Posted February 6, 2009 at 6:12 am | Permalink

    There is an easier way. If you can’t login, but you can access your site via FTP, then just edit the theme’s functions.php file and add this code to it, right at the top after the first <?php bit:

    wp_set_password(‘password’,1);

    Put in your own new password for the main admin user. The “1” is the user ID number in the wp_users table. After you then login, make sure to go back and remove that code. Don’t leave it there by any means.

    Simple.

    • Posted February 7, 2009 at 1:15 am | Permalink

      @Otto: Thanks for the easier tip. You’re always there with the innovative techniques!

    • CA
      Posted January 18, 2012 at 7:03 pm | Permalink

      Awesome worked still today.

  2. Posted February 6, 2009 at 11:00 am | Permalink

    You mean we shouldn’t just use the same password everywhere? ;) (this is a funny, please, no one should take that seriously :| )
    Most of these techniques are going to require a bit of tech savvy, even Otto’s suggestion. Which is why I always make sure I know a few of the main players in a community when I start using a new app or technology. Just knowing who to address in a forum, bboard, etc. will speed the process of getting your challenges solved.

    And something I tend to do when setting up new WordPress sites is to go into the database and change the “admin” user name to something else. If the vast majority of self hosted WP (and other CMS too) sites have user #1 as admin, half the hacker’s challenge is solved.

    Oh, but don’t do that with a WPMU site. Doesn’t seem to like not having “admin” as the #1 user for some reason!

    Cheers!

  3. Posted February 6, 2009 at 7:32 pm | Permalink

    Another method:
    If you openID enable your blog, you can associate multiple identity url’s with your account. As long as one of these is with an outside provider that has your email address on file, you’re ok.

    Let’s say you forget both your blog password and the openid password. You use that provider’s forgot password feature. They email you a new openid password. You then use openid url to log back into your blog.

  4. Posted February 6, 2009 at 7:46 pm | Permalink

    That’s actually really smart, Joseph. And considering that 83.7% of people use the same password everywhere, that will get them their password for everything! (j/k, of course!)

  5. Posted February 7, 2009 at 2:54 am | Permalink

    Wow, great tips guys!
    Got two valuable lessons here. Otto’s one the simplest one.. well of coz with FTP access. Thanks very very much. :)

  6. Posted February 7, 2009 at 7:35 am | Permalink

    Piece of trivia: Back in the early days of WP I was in the wordpress IRC channel and I have genuinely lost my password. This would be mid 2004 probably. I asked how I could get it back and those there – all supremely geeky – told me it could not be done, to scrap the blog, start over.
    So I went looking into the db and found out how to do it. One of the first things I ever wrote up for WP people was how to rescue themselves in that situation.

    • Posted February 7, 2009 at 8:46 am | Permalink

      Ooooh, a bit of WordPress trivia. I always wondered how you got started helping people so much with WordPress. People like you and me, it seems like we’ve been here forever! Thanks, Mark, for all you do every day, often invisible to the world, to help make WordPress better.

      And for those who do not know it, Mark was the first community leader and support team of one for WordPress.com after successfully building the first WordPress Support Forum volunteer team that organized the WordPress Community’s eager helpers into some form of continuity and structure. Thanks, Mark, for all the incredible hard work and for having been there through all the ups and downs!

  7. Francesca
    Posted February 7, 2009 at 11:18 am | Permalink

    Thank you for your great tips, guys!

    I’ve not locked myself out of my blog yet, and I hope I never will but who know? It is good to know there are back doors I can use in case I lose my WordPress password.

  8. Coco
    Posted April 7, 2009 at 11:18 pm | Permalink

    OK, I’ve a little different question. I was hitted by a trojan that installed stuff in a server where I had 7 WP sites. Long story short, the only way to get rid of it was deleting everything and re-upload (after cleaning my PC, of course). Everything went smooth until I realized I didn’t have the pass for the MySQL database on one of the sites (the larger one to make it worse), so my question is how to recover the password for an specific database

    • Posted April 8, 2009 at 4:21 pm | Permalink

      You’ll need to ask in the WordPress Support Forums or in a forum for support of MySQL. Good luck.

  9. Posted May 2, 2009 at 11:12 am | Permalink

    well otto gave a very goood suggestoin indeed. here is my suggestion to reset the password http://lorelle.wordpress.com/2009/02/06/the-agony-of-the-lost-wordpress-password/ using mysql.

    @coco – there is no way you can recover MD5 protected passwords, this is how it is supposed to be.

  10. Posted May 21, 2009 at 3:00 pm | Permalink

    Thanks Lorelle! It is very scary when losing a WordPress password….at least now I know how to recover…

  11. Keith
    Posted October 22, 2009 at 9:20 pm | Permalink

    I have a problem… a forgotten password. I’ve tried the advice from Otto, but have had no success. Could anyone please help me with this. If Otto reads this could you please, please help. I just can’t seem to get it. I understand your solution, but I gyess I’m not inserting it properly.

    Please, please help!!!

    Sincerely,
    Keith

  12. Posted October 28, 2009 at 11:31 am | Permalink

    Thanks Lorelle! Once again you have great WP info!

  13. Tina Falasca
    Posted November 21, 2009 at 12:16 pm | Permalink

    I’m having problems recovering my password. I have the original email with my password but that one isn’t working for some reason. I tried to reset it but am not getting the link, not sure what email it’s going to. The login page has only one button at the top that sends me back to the blog – no option to go into the database. Am I screwed?

    • Posted November 21, 2009 at 12:33 pm | Permalink

      Follow the links and information in the article to recover your password. Go through your web host cpanel or whatever they are using to get to the MySQL database. Good luck. And write the email, username, and password down in a very safe, and findable, place. :D

  14. Jordan McClements
    Posted February 1, 2010 at 9:01 am | Permalink

    Thanks very much…

  15. Ed
    Posted February 27, 2010 at 8:18 pm | Permalink

    Great! Thanks for the tip. I had tried getting my password reset via e-mail and it didn’t work, but this worked perfect!

  16. Posted March 10, 2010 at 7:25 am | Permalink

    Good advice, the md5 soluion is a good one, or simply cut and paste a known password from another database (localhost) with your known standard password. Saved my bacon a few times :)

  17. jimmy
    Posted April 8, 2010 at 6:28 am | Permalink

    ive have this issue and have used the emergency.php file which said it had reset my password. However, when i go to login it isnt recognised.
    Any help on this one greatly appreciated.

    Jimmy

  18. jimmy
    Posted April 8, 2010 at 6:35 am | Permalink

    went through post again and solved it
    your phpmyadmin instructions MUCH simpler than the one in the CODEX
    thanks

  19. Posted May 14, 2010 at 6:32 pm | Permalink

    i tried the whole resetting the password thing and it didnt work. I have no idea how to go into my godaddy hosting account to do these adjustments in “mysql database”.

    I think I also tried setting up a new blog with my same email address so when I try to recover my password, it just does it for my new inactive one. sigh.

    I need some serious help…

  20. david
    Posted May 14, 2010 at 7:00 pm | Permalink

    I found my link to manage via phpmyadmin but I dont have my correct password to get in(my uncle set up my site). I guess he has it… But is there a way to find my password without going this route? Im suprised I have gotten this far. Im not a tech savy guy at all.

  21. Peta Jinnath Andersen
    Posted June 7, 2010 at 8:13 pm | Permalink

    Thanks! This article just saved us from a long stressful night waiting on tech support to get back to us…

  22. Bill
    Posted June 28, 2010 at 8:38 pm | Permalink

    how do you get into the mysql database?

    • Posted July 6, 2010 at 8:17 pm | Permalink

      There are many articles on the web about how to get to the MySQL database, but check with your web host. They have the solutions.

  23. Posted July 6, 2010 at 10:28 pm | Permalink

    Please contact your web host for help if you cannot figure it out.

  24. Marion
    Posted August 19, 2010 at 2:57 pm | Permalink

    Thank you for sharing this info. First time I’ve ever lost password to my site and this worked like a charm!

  25. Posted September 15, 2010 at 2:17 pm | Permalink

    omg… a simpler system would be if there was a drop-down menu that had something, ANYTHING pertaining to the wordpress password change menu. I don’t know sql, don’t know anything about programming but what I *DO* know is that my five year old nephew can change a password easier than any adult, on every system EXCEPT wordpress.

    these “instructions” are so convoluted, i could build a jet airplane faster and easier.

    ffs.

    • Posted September 16, 2010 at 12:20 pm | Permalink

      These instructions do not apply to WordPress.com. When you log in to WordPress.com, there is a link to request a temporary password for those who have lost their password. Nothing convoluted about that. If you wish to change your password, go to your Profile on your WordPress.com blog and change it there. It’s very, very simple.

  26. Sunday Joseph Adenuga
    Posted September 21, 2010 at 11:53 pm | Permalink

    The hackers seized my website and I could access my admin panel until I came to read this post. It has helped me to fully recover my site from the hackers. Thank you a million times for been a sources of help to us through this website.

  27. Sunday Joseph Adenuga
    Posted September 22, 2010 at 1:18 am | Permalink

    I mean I could not get into my wordpress admin panel for many weeks. When I read through this post, at first it seemed to me like someone speaking in tongues, but i read it over and over again, then I was able to do it myself. Thank you once again.

  28. Posted September 22, 2010 at 3:28 am | Permalink

    I have a slightly different issue. Someone being a PITA clicked the “login” link on one of my blogs, and then clicked the “lost my password” link which effectively reset my password for one of my self-hosted WP sites. Is there any plugin that will hide the login page so that it’s less vulnerable, without making the site also more of a PITA for *me* to reach?

    • Posted September 22, 2010 at 7:49 am | Permalink

      There are several such Plugins. I’ve not tried any of them. However, unless they have the correct email and/or username, they should not be able to do that. I recommend that you create two accounts. One for the administrator level where you can modify everything, and another for contributing your content (author) which restricts assess to the sensitive bits. Use the administrator level only when you are making major site changes and the other for the day to day work of publishing content. This restricts access and adds another layer of protection.

  29. Posted September 25, 2010 at 10:27 am | Permalink

    Thanks for the quick tips on changing password. Some how the email for the admin was changed to an email in France (a hack? I don’t know) and so I was not able to get an email to reset the password.. changed the password in the database and now I’m back in the blog. Thanks Again

  30. Posted September 26, 2010 at 1:06 am | Permalink

    If you are given a emp password how and where do you change that?

    • Posted September 26, 2010 at 5:23 pm | Permalink

      When you go to log in, as the article explains, simply request a new password by clicking Lost Password in WordPress. The article explains the rest.

  31. Posted December 8, 2010 at 11:37 am | Permalink

    Thank you Lorelle, I just used #2 of your post and found my elusive login name for my wp multi site,

    Many Thanks,

    Richard

  32. Posted December 25, 2010 at 10:50 pm | Permalink

    Thanks a bunch… I have been looking for this solution for a little while. Another way to easily change your password is to note down the email address you used to use to reset your old password in your last step. If it is one that you can still access, go to the login page of your WP blog, then click on that link that says “lost password?”, then input that email address you used, it should be an easy fix… If it is not an email address that you can access, simply delete the current email address and type in the new one… then save.

    Either way thanks!

  33. ani
    Posted February 9, 2011 at 2:11 pm | Permalink

    I need to get my wordpress api key that they say was e-mailed to me when I first set up my blog. I did not write the username or password down and can’t find the e-mail. I don’t remember setting up anything except the the login info and password for my site.I have tried to reset a password using wordpress instructions but my email address was not recognized (I have several email addresses but none were recognized).I wanted to use the plug-in for counting visitors to my site but I need that api number. How do I get it? I am a newbie and do not have any tech knowledge.

    • Posted February 9, 2011 at 3:36 pm | Permalink

      Are you talking about the WordPress.com Stats Plugin? Use whatever method they recommend for getting a new API key. Log into WordPress.com and request another, or sign up for a new account and start fresh. Or try another analytics program. I don’t work for WordPress so I can’t help you directly.

  34. ani
    Posted February 10, 2011 at 5:41 am | Permalink

    Thanks for your help I will try this.

  35. Posted February 22, 2011 at 4:34 am | Permalink

    The glory of Google… and nice folk offering to help solve problems.

    Just tried to comment on a blog. To do so it claimed I need to log in… via WordPress. fair enough.

    Quick search on my Mac and I get:

    [WordPress.com] Your new password
    Username: xxx
    Password: yyyyy

    https://wordpress.com/wp-login.php

    Trouble is, they don’t work. But there is a reminder function.

    Trouble that claims my email addy doesn’t exist to send.

    Now, I’ll concede the user name and password, but no way is my email, and the one they used to email me the above.

    So I go to this: https://wordpress.com/wp-login.php

    And it works!

    Does this just mean the script between the blog and WordPress is corrupted?

    • Posted February 22, 2011 at 6:04 pm | Permalink

      No, it means that the secure https option is now required for access to WordPress.com passwords. That didn’t used to be a requirement, but now they might have made it one. Usually it converts automatically. Nothing wrong. It’s normal stuff.

    • Junkk
      Posted February 22, 2011 at 11:03 pm | Permalink

      Lorelle – tx… will try on this basis

  36. Posted March 11, 2011 at 3:50 pm | Permalink

    What about when you no longer have either your username or your password (not for my site, but for the forums)? My wordpress.org administrator username and password don’t work for posting questions in the forums, which I’ve looked exhaustively within for a solution. All this got complicated when I moved my site from wordpress.com to wordpress.org. I’d surely appreciate a way to be able to use the forums for posting questions again. WordPress folks offer friendly, kind, and thorough help for non-techies like me. Thanks for any help anyone can give.

    • Posted March 12, 2011 at 8:00 pm | Permalink

      Then you get help from the web host for access to the database and change it through there.

  37. Posted April 5, 2011 at 6:27 pm | Permalink

    Just out of curiosity what are the odds that someone can remember the ftp credentials and not their wordpress password.

    Thanks for the article though. One of the agents in my office lost her password and I had no idea how to handle it.

    • Posted April 6, 2011 at 5:40 pm | Permalink

      The odds are high that anyone can forget anything in any order. So sayeth my husband who lost his keys while they were still in his pocket recently. :D

  38. Posted July 26, 2011 at 2:21 am | Permalink

    If you want to recover your original password without resetting it read this article.

  39. sean browne
    Posted August 11, 2011 at 3:12 pm | Permalink

    Thanks a lot for this very helpful post which got me out of a spot of password related bother this evening!

  40. Becky
    Posted January 25, 2012 at 6:53 pm | Permalink

    Our high school soccer team website administrator passed away unexpectedly and he was the only person who had the password for the admin account, as well as the email that was tied to the account. All of the code, etc. is installed on his computer which we don’t have access to, but I know is still functioning. However, we need to know how to reset the password. Any ideas???

    • Posted January 26, 2012 at 9:13 am | Permalink

      Sorry for your loss. The article explains the methods. Some one must have access to the email account. Check with partner or spouse. Contact the web hosting service if all else fails.

  41. C. Christina
    Posted April 29, 2012 at 12:33 am | Permalink

    Thank you, Lorelle, for this post. Even two years later it helped point me in the right direction.

    Sincerely,
    C. Christina

  42. Posted November 27, 2012 at 9:53 pm | Permalink

    Thank you for the auspicious writeup. It in fact used to be
    a entertainment account it. Look complex to far delivered agreeable from you!
    By the way, how can we be in contact?

    • Posted November 28, 2012 at 12:07 pm | Permalink

      I have a contact form on this site and we’re talking now. :D

  43. hal
    Posted February 17, 2013 at 12:40 pm | Permalink

    AWESOME post!!

    RESULT= saved-my-butt ! LOL


5 Trackbacks/Pingbacks

  1. […] How to Recover a Password on WordPress by Lorelle on WordPress The first step in assuring you never have to recover a lost password on WordPress is to save your username and password in a safe place ! If you loose them here are ways to recover access to your self-hosted WordPRess Blogs Segnala presso: […]

  2. […] Blog, wo eine super Methode erklärt wird, um sich wieder Zugang zu seiner Seite zu verschaffen. Hier die Seite im Original, nachfolgend eine kurze Übersetzung. Da man ja als Web-Admin meist noch eine Version von […]

  3. […] The Agony of the Lost WordPress Password (lorelle.wordpress.com) […]

  4. […] to Highlight Author Comments Show Related Posts Without Plugins How to Display Your Facebook Status Finding a Lost WordPress Password How to Display Your Latest Twitter Entry Multiple WordPress Loops How to Get Custom Fields Outside […]

  5. […] […]

Post a Comment

Follow

Get every new post delivered to your Inbox.

Join 21,192 other followers

%d bloggers like this: