Recently, two different clients lost their WordPress password. One couldn’t find the log in password for her WordPress blog. Since she is always logged in, she didn’t use it regularly and mislaid the original copy. The other had set up a test WordPress blog on their server ages ago for handling upgrades and conversions, and now wanted to upgrade to WordPress 2.7 to prepare his Theme for the new version, misplacing his password, too. Then I had a computer glitch the same week during a WordPress install and the password step was somehow bypassed, locking me out of the new WordPress install.
For whatever reasons, all three of us couldn’t get the password to work that was emailed to us by WordPress. Without access to the WordPress Administration Panels where we can change our passwords, we’re left hunting for other methods.
Please, do not contact WordPress for help recovering your password on self-hosted WordPress blogs. You can ask for help in the WordPress Support Forums and they will give you the following advice.
If you have lost your password with your WordPress.com blog, click the link on your login to have the password mailed to you directly, or contact WordPress.com support.
While there are many ways of resolving this issue, two tools are life savers for lost passwords if you are caught in this same situation.
The Emergency Password Recovery File
Try the Reset Your Lost WordPress Administrator Password Emergency, a PHP file you upload to your WordPress blog root directory and initiate through your browser. It will generate your WordPress username and password.
Remove the emergency.php file immediately afterward to protect yourself and your WordPress blog.
I tried it with WordPress 2.7 and it continues to work. This is an easy way to recover your password when all else fails and if you are unfamiliar with code and databases.
Manually Change Your Password Settings
The second method is actually the preferred method and is described in the WordPress Codex, the online manual for WordPress Users, in Resetting Your Password. It involves going into your MySQL database and manually changing the password within the tables.
Be aware that there are different versions of MySQL and your version may differ from the instructions.
In the MySQL database:
- Go to
wp_usersand click “browse.” - On the
user_passfield, click “browse” and find the ID number associated with your login (there is usually only one) and click Edit. - Select the password content and delete it. Type in your new password as you normally would.
- In the dropdown menu, choose MD5.
- Click Go or Save at the bottom of the screen.
- Return to the tab for your WordPress blog and test the new password. If it doesn’t work, start over.
Remember, the first step in assuring you never have to do this is to save your username and password in a safe place where you will remember where you put it.
Site Search Tags: wordpress help, wordpress password, lost password, finding my password, need password, need wordpress password, lost wordpress password, wordpress tips
Subscribe 
Via Feedburner 
Subscribe by Email 
Visit
Copyright Lorelle VanFossen, the author of Blogging Tips, What Bloggers Won't Tell You About Blogging.
Lorelle on WordPress 
59 Comments
There is an easier way. If you can’t login, but you can access your site via FTP, then just edit the theme’s functions.php file and add this code to it, right at the top after the first <?php bit:
wp_set_password(‘password’,1);
Put in your own new password for the main admin user. The “1” is the user ID number in the wp_users table. After you then login, make sure to go back and remove that code. Don’t leave it there by any means.
Simple.
@Otto: Thanks for the easier tip. You’re always there with the innovative techniques!
Awesome worked still today.
You mean we shouldn’t just use the same password everywhere? 😉 (this is a funny, please, no one should take that seriously 😐 )
Most of these techniques are going to require a bit of tech savvy, even Otto’s suggestion. Which is why I always make sure I know a few of the main players in a community when I start using a new app or technology. Just knowing who to address in a forum, bboard, etc. will speed the process of getting your challenges solved.
And something I tend to do when setting up new WordPress sites is to go into the database and change the “admin” user name to something else. If the vast majority of self hosted WP (and other CMS too) sites have user #1 as admin, half the hacker’s challenge is solved.
Oh, but don’t do that with a WPMU site. Doesn’t seem to like not having “admin” as the #1 user for some reason!
Cheers!
Another method:
If you openID enable your blog, you can associate multiple identity url’s with your account. As long as one of these is with an outside provider that has your email address on file, you’re ok.
Let’s say you forget both your blog password and the openid password. You use that provider’s forgot password feature. They email you a new openid password. You then use openid url to log back into your blog.
That’s actually really smart, Joseph. And considering that 83.7% of people use the same password everywhere, that will get them their password for everything! (j/k, of course!)
Wow, great tips guys!
Got two valuable lessons here. Otto’s one the simplest one.. well of coz with FTP access. Thanks very very much. 🙂
Piece of trivia: Back in the early days of WP I was in the wordpress IRC channel and I have genuinely lost my password. This would be mid 2004 probably. I asked how I could get it back and those there – all supremely geeky – told me it could not be done, to scrap the blog, start over.
So I went looking into the db and found out how to do it. One of the first things I ever wrote up for WP people was how to rescue themselves in that situation.
Ooooh, a bit of WordPress trivia. I always wondered how you got started helping people so much with WordPress. People like you and me, it seems like we’ve been here forever! Thanks, Mark, for all you do every day, often invisible to the world, to help make WordPress better.
And for those who do not know it, Mark was the first community leader and support team of one for WordPress.com after successfully building the first WordPress Support Forum volunteer team that organized the WordPress Community’s eager helpers into some form of continuity and structure. Thanks, Mark, for all the incredible hard work and for having been there through all the ups and downs!
Thank you for your great tips, guys!
I’ve not locked myself out of my blog yet, and I hope I never will but who know? It is good to know there are back doors I can use in case I lose my WordPress password.
OK, I’ve a little different question. I was hitted by a trojan that installed stuff in a server where I had 7 WP sites. Long story short, the only way to get rid of it was deleting everything and re-upload (after cleaning my PC, of course). Everything went smooth until I realized I didn’t have the pass for the MySQL database on one of the sites (the larger one to make it worse), so my question is how to recover the password for an specific database
You’ll need to ask in the WordPress Support Forums or in a forum for support of MySQL. Good luck.
well otto gave a very goood suggestoin indeed. here is my suggestion to reset the password https://lorelle.wordpress.com/2009/02/06/the-agony-of-the-lost-wordpress-password/ using mysql.
@coco – there is no way you can recover MD5 protected passwords, this is how it is supposed to be.
Thanks Lorelle! It is very scary when losing a WordPress password….at least now I know how to recover…
I have a problem… a forgotten password. I’ve tried the advice from Otto, but have had no success. Could anyone please help me with this. If Otto reads this could you please, please help. I just can’t seem to get it. I understand your solution, but I gyess I’m not inserting it properly.
Please, please help!!!
Sincerely,
Keith
Thanks Lorelle! Once again you have great WP info!
I’m having problems recovering my password. I have the original email with my password but that one isn’t working for some reason. I tried to reset it but am not getting the link, not sure what email it’s going to. The login page has only one button at the top that sends me back to the blog – no option to go into the database. Am I screwed?
Follow the links and information in the article to recover your password. Go through your web host cpanel or whatever they are using to get to the MySQL database. Good luck. And write the email, username, and password down in a very safe, and findable, place. 😀
Thanks very much…
Great! Thanks for the tip. I had tried getting my password reset via e-mail and it didn’t work, but this worked perfect!
Good advice, the md5 soluion is a good one, or simply cut and paste a known password from another database (localhost) with your known standard password. Saved my bacon a few times 🙂
ive have this issue and have used the emergency.php file which said it had reset my password. However, when i go to login it isnt recognised.
Any help on this one greatly appreciated.
Jimmy
went through post again and solved it
your phpmyadmin instructions MUCH simpler than the one in the CODEX
thanks
i tried the whole resetting the password thing and it didnt work. I have no idea how to go into my godaddy hosting account to do these adjustments in “mysql database”.
I think I also tried setting up a new blog with my same email address so when I try to recover my password, it just does it for my new inactive one. sigh.
I need some serious help…
I found my link to manage via phpmyadmin but I dont have my correct password to get in(my uncle set up my site). I guess he has it… But is there a way to find my password without going this route? Im suprised I have gotten this far. Im not a tech savy guy at all.
Thanks! This article just saved us from a long stressful night waiting on tech support to get back to us…
how do you get into the mysql database?
There are many articles on the web about how to get to the MySQL database, but check with your web host. They have the solutions.
Please contact your web host for help if you cannot figure it out.
Thank you for sharing this info. First time I’ve ever lost password to my site and this worked like a charm!
omg… a simpler system would be if there was a drop-down menu that had something, ANYTHING pertaining to the wordpress password change menu. I don’t know sql, don’t know anything about programming but what I *DO* know is that my five year old nephew can change a password easier than any adult, on every system EXCEPT wordpress.
these “instructions” are so convoluted, i could build a jet airplane faster and easier.
ffs.
These instructions do not apply to WordPress.com. When you log in to WordPress.com, there is a link to request a temporary password for those who have lost their password. Nothing convoluted about that. If you wish to change your password, go to your Profile on your WordPress.com blog and change it there. It’s very, very simple.
The hackers seized my website and I could access my admin panel until I came to read this post. It has helped me to fully recover my site from the hackers. Thank you a million times for been a sources of help to us through this website.
I mean I could not get into my wordpress admin panel for many weeks. When I read through this post, at first it seemed to me like someone speaking in tongues, but i read it over and over again, then I was able to do it myself. Thank you once again.
I have a slightly different issue. Someone being a PITA clicked the “login” link on one of my blogs, and then clicked the “lost my password” link which effectively reset my password for one of my self-hosted WP sites. Is there any plugin that will hide the login page so that it’s less vulnerable, without making the site also more of a PITA for *me* to reach?
There are several such Plugins. I’ve not tried any of them. However, unless they have the correct email and/or username, they should not be able to do that. I recommend that you create two accounts. One for the administrator level where you can modify everything, and another for contributing your content (author) which restricts assess to the sensitive bits. Use the administrator level only when you are making major site changes and the other for the day to day work of publishing content. This restricts access and adds another layer of protection.
Thanks for the quick tips on changing password. Some how the email for the admin was changed to an email in France (a hack? I don’t know) and so I was not able to get an email to reset the password.. changed the password in the database and now I’m back in the blog. Thanks Again
If you are given a emp password how and where do you change that?
When you go to log in, as the article explains, simply request a new password by clicking Lost Password in WordPress. The article explains the rest.
Thank you Lorelle, I just used #2 of your post and found my elusive login name for my wp multi site,
Many Thanks,
Richard
Thanks a bunch… I have been looking for this solution for a little while. Another way to easily change your password is to note down the email address you used to use to reset your old password in your last step. If it is one that you can still access, go to the login page of your WP blog, then click on that link that says “lost password?”, then input that email address you used, it should be an easy fix… If it is not an email address that you can access, simply delete the current email address and type in the new one… then save.
Either way thanks!
I need to get my wordpress api key that they say was e-mailed to me when I first set up my blog. I did not write the username or password down and can’t find the e-mail. I don’t remember setting up anything except the the login info and password for my site.I have tried to reset a password using wordpress instructions but my email address was not recognized (I have several email addresses but none were recognized).I wanted to use the plug-in for counting visitors to my site but I need that api number. How do I get it? I am a newbie and do not have any tech knowledge.
Are you talking about the WordPress.com Stats Plugin? Use whatever method they recommend for getting a new API key. Log into WordPress.com and request another, or sign up for a new account and start fresh. Or try another analytics program. I don’t work for WordPress so I can’t help you directly.
Thanks for your help I will try this.
The glory of Google… and nice folk offering to help solve problems.
Just tried to comment on a blog. To do so it claimed I need to log in… via WordPress. fair enough.
Quick search on my Mac and I get:
[WordPress.com] Your new password
Username: xxx
Password: yyyyy
https://wordpress.com/wp-login.php
Trouble is, they don’t work. But there is a reminder function.
Trouble that claims my email addy doesn’t exist to send.
Now, I’ll concede the user name and password, but no way is my email, and the one they used to email me the above.
So I go to this: https://wordpress.com/wp-login.php
And it works!
Does this just mean the script between the blog and WordPress is corrupted?
No, it means that the secure https option is now required for access to WordPress.com passwords. That didn’t used to be a requirement, but now they might have made it one. Usually it converts automatically. Nothing wrong. It’s normal stuff.
Lorelle – tx… will try on this basis
What about when you no longer have either your username or your password (not for my site, but for the forums)? My wordpress.org administrator username and password don’t work for posting questions in the forums, which I’ve looked exhaustively within for a solution. All this got complicated when I moved my site from wordpress.com to wordpress.org. I’d surely appreciate a way to be able to use the forums for posting questions again. WordPress folks offer friendly, kind, and thorough help for non-techies like me. Thanks for any help anyone can give.
Then you get help from the web host for access to the database and change it through there.
Just out of curiosity what are the odds that someone can remember the ftp credentials and not their wordpress password.
Thanks for the article though. One of the agents in my office lost her password and I had no idea how to handle it.
The odds are high that anyone can forget anything in any order. So sayeth my husband who lost his keys while they were still in his pocket recently. 😀
If you want to recover your original password without resetting it read this article.
Thanks a lot for this very helpful post which got me out of a spot of password related bother this evening!
Our high school soccer team website administrator passed away unexpectedly and he was the only person who had the password for the admin account, as well as the email that was tied to the account. All of the code, etc. is installed on his computer which we don’t have access to, but I know is still functioning. However, we need to know how to reset the password. Any ideas???
Sorry for your loss. The article explains the methods. Some one must have access to the email account. Check with partner or spouse. Contact the web hosting service if all else fails.
Thank you, Lorelle, for this post. Even two years later it helped point me in the right direction.
Sincerely,
C. Christina
Thank you for the auspicious writeup. It in fact used to be
a entertainment account it. Look complex to far delivered agreeable from you!
By the way, how can we be in contact?
I have a contact form on this site and we’re talking now. 😀
AWESOME post!!
RESULT= saved-my-butt ! LOL
5 Trackbacks/Pingbacks
[…] How to Recover a Password on WordPress by Lorelle on WordPress The first step in assuring you never have to recover a lost password on WordPress is to save your username and password in a safe place ! If you loose them here are ways to recover access to your self-hosted WordPRess Blogs Segnala presso: […]
[…] Blog, wo eine super Methode erklärt wird, um sich wieder Zugang zu seiner Seite zu verschaffen. Hier die Seite im Original, nachfolgend eine kurze Übersetzung. Da man ja als Web-Admin meist noch eine Version von […]
[…] The Agony of the Lost WordPress Password (lorelle.wordpress.com) […]
[…] to Highlight Author Comments Show Related Posts Without Plugins How to Display Your Facebook Status Finding a Lost WordPress Password How to Display Your Latest Twitter Entry Multiple WordPress Loops How to Get Custom Fields Outside […]
[…] […]