Looking to reset your WordPress password? If you’re unable to reset the password through WordPress for any reason, there’s a simple way to do it directly through the database using phpMyAdmin.
In this guide, we’ll show you how to reset or, in other words, how to change the password for WordPress via phpMyAdmin. Additionally, we’ll explore an alternative method that allows you to log in to the WordPress admin interface without access to phpMyAdmin by adding a new user through the functions.php file.
For the purpose of resetting the password through phpMyAdmin, you need access to the server’s control panel where your site is hosted (cPanel in this guide). To create a new user through the functions.php file, you’ll need FTP or SFTP access to your server.
If you have SSH access to your server, WP-CLI is the fastest way to reset a password. Simply run:
wp user update USERNAME --user_pass="newpassword"and you’re done.
2 Ways to Reset Password in WordPress
WordPress provides a very simple way to reset the password. Simply go to the login screen and click on “Lost your password?”.
Clicking will take you to the password recovery page, where you can enter your email or username to reset your password. Once done, WordPress will send an email to the email address associated with the user account you entered.
But what if you don’t have access to that email or WordPress fails to send the email? In such a situation, you won’t be able to reset the password. In cases like this, you need to reset the password directly in the database, and the easiest way to do this is through phpMyAdmin.
First Method – How to Reset WordPress Password via phpMyAdmin
The first thing to do is log in to the control panel of cPanel where your hosting company provides access. Then, click on phpMyAdmin under Databases.
Clicking on this button will open the phpMyAdmin screen where you need to select WordPress database as shown in the following example:
At this point, you will see a list of tables in the WordPress database. You need to look for the {table-prefix}_users table and click on Browse.
Keep in mind that the table prefix in your database may be different from the table prefixes shown in this example.
Now, you’ll see a list of rows in the WordPress users table. Go to the username for which you want to change the password and click on the edit button next to it.
phpMyAdmin will now display a form with all the user’s information fields. You need to delete the value under the user_pass field and replace it with your new password. Under the function column, choose MD5 from the selection menu and click the Go button.
The password will now be encrypted using MD5 hash and stored in the WordPress database. It’s worth noting that in older versions, WordPress used the same MD5 to encrypt passwords.
However, from version 2.5 onwards, WordPress started using stronger encryption technologies. Nevertheless, WordPress still recognizes MD5 to accommodate older versions.
When you log in with a password stored as an MD5 hash, WordPress will recognize it and automatically re-hash the password using its current hashing algorithm (phpass/bcrypt). From that point on, your password will be stored securely.
Second Method – Adding a New User to WordPress via functions.php
Let’s assume you don’t have access to cPanel or phpMyAdmin. What can you do in this situation to reset the password? If you have FTP/SFTP access to your server, you can add a new user with administrator permissions using the functions.php file.
Log in to the server via FTP/SFTP and navigate to your active theme’s folder to edit the functions.php file. If you’re using a child theme, edit the child theme’s functions.php. Add the following code:
function sv_wp_admin_account(){
$user = 'Username';
$pass = 'Password';
$email = 'email@domain.co.il';
if ( !username_exists( $user ) && !email_exists( $email ) ) {
$user_id = wp_create_user( $user, $pass, $email );
$user = new WP_User( $user_id );
$user->set_role( 'administrator' );
} }
add_action('init','sv_wp_admin_account');
Change the details for the new user in lines 2-4, making sure to choose a username and email that do not already exist in the system for this method to work.
After adding this code, the moment you access the WordPress login screen, a new user with administrator privileges will be created with the username and password you specified in the code.
Remove this code from functions.php immediately after logging in with the new user. Leaving it in place is a security risk – anyone who reads the file can see the credentials, and the code runs on every page load, which is unnecessary overhead.
Frequently Asked Questions
wp user update USERNAME --user_pass="newpassword"), or add a temporary admin user through the functions.php file.functions.php immediately after logging in. The code contains plaintext credentials and runs on every page load, which is both a security risk and an unnecessary performance hit.wp user update USERNAME --user_pass="newpassword" from the command line and the password is changed instantly. No database browsing or file editing required.user_pass field and select MD5 as the hashing function. Do not modify any other fields in the users table. The password will work immediately, and WordPress will upgrade the hash to its stronger format on your first login.Hope this guide helps you understand how to reset the WordPress password via phpMyAdmin. Once you’ve regained access, it’s a good time to review the guide on securing WordPress sites and consider changing your WordPress login URL for added protection.
