Can’t remember your password? “Lost your password” link not working? It’s time to learn how to reset a WordPress password from phpMyAdmin.
An estimated 13,000 WordPress sites are hacked every single day, so you’re not alone if this has happened to you. You’re not without recourse, either. In fact, you can easily reset your password with phpMyAdmin.
This guide will answer three key questions:
- Why reset your WordPress password from phpMyAdmin?
- What is phpMyAdmin anyway?
- How to reset a WordPress password from phpMyAdmin
Let’s dive into it!
Here you can find a full guide on How to Create a WordPress Website
Why reset your WordPress password from phpMyAdmin?
In most cases, the best–and easiest–way to reset your WordPress password is to click the “Lost your password” link under the login form. Unfortunately, there are a couple of instances where this link won’t work:
- If your WordPress site doesn’t send the password recovery email
- If you’ve been hacked and the hacker changed the email address as well as the password
- If you’ve lost access to your admin email address
If you find yourself in one of these situations you’ll need to reset your password from the database, which is most easily done through phpMyAdmin.
What is phpMyAdmin anyway?
phpMyAdmin is a free software tool that makes it easier to manage databases, tables, users, permissions, and other key aspects of your website. This tool is separate from WordPress and must be accessed through your web hosting account.
Let’s take a look at how phpMyAdmin can be used to reset your password!
How to Reset WordPress Password from phpMyAdmin
Step one: Open phpMyAdmin
The first thing you’ll need to do is open the phpMyAdmin database from the cPanel. You can reach the cPanel by logging into your web hosting account and clicking on the “cPanel” or “My cPanel” option. In most cases this will be at the top of your account page, but the placement may vary depending on your host.
Once you’ve opened your cPanel, scroll down to “Databases” and click “phpMyAdmin” to open the phpMyAdmin dashboard.
You can also access the PHPMyAdmin directly through the URL: mywebsite.com/phpmyadmin but not always this is possible.
Step two: access the wp_users table
From here you’ll need to open the WordPress database, which will be the first database listed in the sidebar on the left side of the page.
You’ll now see a long list of tables containing key data that helps your WordPress site run smoothly. Find “wp_users” in the list and click on it.
Pro tip: “wp” is the default prefix for your core WordPress tables, so hackers know to look for it. If you want to improve your site security you can change the table prefix.
Step three: find the user
When you open the “wp_users” table you’ll be able to see basic user information such as usernames, email addresses, and passwords. Find your user listing and click the “Edit” link in that row.
Step four: change the password
On the next page you’ll be able to change all of the basic details for this account. You’ll see the current password listed under “user_pass”. To change this, simply click on the text area, delete the current password, and enter a new one.
You can further increase the security of your password by choosing “MD5” from the “Function” dropdown menu in the “user_pass” area. This will automatically encrypt your password.
Pro tip: To avoid being locked out of your account again, make sure you’re using a strong password that contains numbers, symbols, lowercase letters, and uppercase letters. If you’re struggling to come up with a suitable password you can use a password generator. You can also use a password manager to create and store passwords.
Step five (optional): change the username
While you’re in phpMyAdmin, you can also change your username to make your account safer. This is especially important if you’re using “admin” as your username, as this is the first thing people will guess when trying to hack your site.
Step six: save your new password
When you’re happy with your password and other security details, save your password by clicking “Go!” at the bottom of the screen. This will save your new user information and send you back to the “wp_users” table.
And voila! You’ve now got a shiny new password and restored access to your site.
Final advice on How to Reset a WordPress password from phpMyAdmin
Losing access to your WordPress site is scary, but there are many ways to get your account back. One of the easiest is to reset your WordPress password through phpMyAdmin.
You can also do a few things to make it less likely that you’ll lose access to your account again:
- Make sure you use a strong password. A strong password includes a mix of uppercase and lowercase letters, numbers, and symbols, with at least 16 characters total. If you’re struggling to create a strong password or you’re worried about forgetting it, use a password manager. You’ll also want to make sure any other site administrators are using safe passwords.
- Change your password regularly. Many tech security experts recommend that you change your password at least once every ninety days. You can wait a bit longer if you have a strong password, but you should definitely change it if you find any malware on your computer or any signs of unauthorized access to your account.
- Change your username. Another good way to increase security is to switch to a username that’s harder to guess. At the very least, make sure you’re not using “admin” as your username!
- Install a login security plugin. A plugin like Wordfence Login Security makes it easy to set up two factor authentication and/or a CAPTCHA on your login page. This protects you from both bot attacks and human hackers.
- Make sure your plugins, themes, and WordPress version are up-to-date. Plugins, themes, and WordPress itself are constantly being updated to improve functionality and security. Make sure you’re using the most recent versions of these tools for the best protection possible. You should also delete any plugins or themes you’re not actively using.
- Back your site up regularly. If something does happen to your site, you want to be able to reboot it without losing any of your hard work. The good news is that you can find many web hosts that offer automated backups bundled into their hosting plans.
Read More: Guide to WordPress Security
With these precautions in place, you’ll be able to keep your site safe from the majority of bots, hackers, and other folks with malicious intent. And, if you do lose access again, now you know how to reset a WordPress password from phpMyAdmin!
Dianna Gunn is a freelance SEO consultant and writer with 14 years of experience working with WordPress.