Wordpress is a very popular open-source CMS written in PHP. It's extremely easy to install and manage, but sometimes you forget your management password. Without it, you will not be able to update your website. In this article, I am going to show you how to easily reset your WordPress admin password without having to put your website in offline mode, or risk losing any of your precious data.
This article is applicable to any OS as long as you use MySQL or MariaDB as your database server.
Requirements
You must have access to your server, either via SSH or KVM console, and be able to run the MySQL command-line tool from there.
Reset WordPress admin password
In order to use the MySQL command-line tool, you must first log into MySQL. It is strongly recommend to use your WordPress SQL account credentials and not MySQL's root account. By doing so you can be sure that if something went wrong, at least you won't accidentally damage other databases on the server.
WordPress SQL account credentials are stored in a file called wp-config.php
at the root of your website.
We need the following lines inside the wp-config.php
file:
define('DB_NAME', 'myWordpressDB');
define('DB_USER', 'myUserName');
define('DB_PASSWORD', 'aVeryStrongPassword');
$table_prefix = 'wp_';
Now you can use this information to log into MySQL and make the necessary changes. Before going any further we are going to make a full backup of the database:
mysqldump -umyUserName -paVeryStrongPassword myWordpressDB | gzip -9 > myWordpressDB.sql.gz
Now, log into MySQL:
mysql -umyUserName -paVeryStrongPassword
List available databases:
show databases;
+--------------------+
| Database |
+--------------------+
| myWordpressDB |
| information_schema |
+--------------------+
Select your WordPress database:
use myWordpressDB;
List all WordPress users along with their ID, user name and encrypted password:
SELECT ID, user_login, user_pass FROM wp_users;
+----+------------+------------------------------------+
| ID | user_login | user_pass |
+----+------------+------------------------------------+
| 1 | admin | $P$B02fIYCZKcVrKFGpPqio80Wh7A.7NK/ |
| 2 | alex | $P$BCFybroBJDFuv1oQdLIWcNp8jMCmsl1 |
+----+------------+------------------------------------+
ID 1
belongs to the primary WordPress admin user and has the highest privileges in the software. Because of this, we will reset its password:
UPDATE wp_users SET user_pass=MD5('YourNewStrongPassword') WHERE ID = 1;
Now, if you list the users again you'll see that the user 'admin' has a new encrypted password:
SELECT ID, user_login, user_pass FROM wp_users;
+----+------------+------------------------------------+
| ID | user_login | user_pass |
+----+------------+------------------------------------+
| 1 | admin | daa0f3ff755e00a95b8dd93dfb476936 |
| 2 | alex | $P$BCFybroBJDFuv1oQdLIWcNp8jMCmsl1 |
+----+------------+------------------------------------+
The default installation of WordPress uses PasswordHash
for encrypting a user's password, which hashes it with 8 passes of MD5. However, the default MD5 hash is acceptable as well, which is why this method works.
Now you can log into your WordPress admin console with the new password.