How to Change or Reset Passwords in WordPress

Last Updated on September 15, 2022 by 3 Comments

How to Change or Reset Passwords in WordPress
Blog / WordPress / How to Change or Reset Passwords in WordPress
Play Button

As with most software, your WordPress login credentials should be at the top of your list of things to keep safe and secure. Sometimes, even when you take the best measures to protect yourself, you can lose passwords. Or some malware compromises them. Either way, you will need to change or reset them in WordPress. You might even notice that a user other than yourself has been compromised and needs a password change or reset. We want to walk you through how to both change and reset WordPress passwords to keep your site running smooth as silk and safe as a locked house.

The Difference in Changing and ResettingΒ Passwords

One point we want to clarify before getting started is that we’re going to refer toΒ changing passwords andΒ resetting passwords in this article. While they are synonyms, they are not the same thing.

When we refer toΒ resetting passwords, that will indicate going through a process such as using aΒ forgot your password feature or something similar. WordPress will handle the reset from a series of scripts or functions.

When we talk aboutΒ changingΒ a WordPress password, we mean manually swapping one password for another. You will type in and swap one password for another, such as in a fillable form under a user profile or in a database find and replace.

Subscribe To Our Youtube Channel

1. How to Change Your WordPress Password through the Dashboard

The easiest way to change your WP password is by logging into your WordPress dashboard as normal. Then, navigate to to Users – Profile (1) in the left admin panel.

change password user dash

Scroll down until you find theΒ New Password (2) option underΒ Account Management and set what you want your new password to be. WordPress will indicate if your new password is weak, medium, or strong (while offering a β€œstrong” password by default). If you choose to enter your own and WordPress is considers it β€œweak,” then you will need to verify you want to use a weak password. Then just press Update Profile (3). And you will have changed your password.

1a. Changing or Resetting Other Users’ Passwords

You can also follow these same steps if you have Administrator privileges on the site. Navigate to theΒ Users – All Users (4) page, and then selectΒ Edit User (5).

reset other user wordpress password

In the same way you did above, findΒ Account Management (6) and clickΒ Set New Password. Go through the same steps, and the password will be changed.

change password for others

Additionally, you can send an automated password reset to the user. WordPress does warn you that this method does not force a change in credentials, so if you absolutely need this user’s access altered, it must be done manually through this page.

2. How Reset a WordPress Password via Email

If you don’t have access to your current password, but do have access to the registered email, you can use theΒ Lost Your Password? link on the WordPress login page. New WordPress sites use /wp-login as the default page, but yours might have been changed for security reasons. Regardless, wherever you login, you should see aΒ Lost Your Password? link.

lost your password?

At this point, the site will redirect you to input the username or email you want to reset. Either will work. However, if neither exists in the sytem, you will be told as much.

password reset

When you clickΒ Reset Password (2), check the email address associated with that account. In most cases, it will send immediately.

email reset

You will just need to click the link in the email that says something along the lines ofΒ Click Here to Reset Your Password (3).

reset

Just fill in the fields for the new password, clickΒ Save (4), and you can then login with your new credentials.

3. How to Change WordPress Passwords in phpMyAdmin

Many WordPress users will never dig deep into their site’s PHP files, much less their core WP database. However, if you lose access to your site for some reason (which may be why you need a new password) or you’re having email issues or your server is down…you might need to dig into the database to reset that WordPress password.

And the easiest way to do that is using phpMyAdmin. You should be able to access this tool through your host’s dashboard, regardless of if you use cPanel or their own special one. It’s should be located under tools or something similar. In SiteGround, it’s underΒ Site (1) – mySQL (2) – phpMyAdmin (3) – Access phpMyAdmin (4).

phpmyadmin

Once inside phpMyAdmin, you can look to the left-side of the screen and find your database (5). It will be named similarly to something_wp00, and you can click inside it to load the contents and see all the tables. Find one calledΒ wp_users (6).

wp_users database for passwords

Inside this table, you will find a list of every user that has registered on your site. TheΒ user_login is generally the one you will use to find the user you’re changing the password for. But nearly all the columns have identifying information, so you shouldn’t be lost at all. You are looking for theΒ Edit (7) button in the left-most column, and you will also see the user_pass column (8).

wp_users and passwords

The passwords are encrypted in this list. You will not have to do that yourself, just select from a dropdown on the next screen. Don’t worry.

reset and go

You will want to find the user_pass row, select MD5 as an encryption method, and then type the new password (in plain text!) in the field to the right. Then pressΒ Go (10), and the new password will be in effect.

Some of you might wonder why we are using an older encryption method like MD5 for passwords, and that’s because while WordPress has since moved on beyond MD5 for encryption, it is still supported. The WP software will use the most up-to-date method it has to encrypt, but using MD5 is a security measure to ensure that even older, out-of-date versions aren’t left vulnerable with plain-text passwords.

reset into encrypted

No matter what you set the password to, the table will show a different encrypted string in theΒ user_passΒ  (11) column than before, which shows you that the password change is in effect. If the encrypted string doesΒ not change, then the password didn’t change. The chances of the encrypted string remaining the same are so infinitesimally small that it’s effectively impossible.

4. How to Change the WordPress Admin Password with functions.php

If all else fails, but you still have access to your site’s file system, you can connect by FTP or through your host’s dashboard to change your password. This is not the best way to do it, but it’s possible. You want to navigate toΒ /public_html/wp-content/themes/current-theme-folder/Β (1)Β  and find theΒ functions.php (2) file.

functions reset

Then, you will need to download a copy ofΒ functions.php. Any time you touch a required PHP file, you want to back it up. After that, open it up in your favorite editor. Or the in-browser one if your host supports it.

edit the file

At this point, you need to add the following line into yourΒ functions.php file. (You can read more on this function on WordPress.org)


wp_set_password( 'you_new_password', 1 );

Where the variableΒ β€˜your_new_password’ is replaced by your new password. TheΒ 1 in the string indicates the primary site administrator as the user. Using this method is the safest bet to regaining access to your site. If you happen toΒ  know a different user ID number, that’s also possible. But 1 will always be the site admin. So 1 will always grant you access.

reset password

Remember this method will reset the WordPress password in plain text (non-encrypted). So this is a quick fix that you will disable ASAP. Once you’re logged in, go back into the file and delete that lineΒ immediately. Because it’s part of the theme’sΒ functions.php file, it will reset that password whenever that line is called…which is on any page load.

Work quickly and work safely with this. But you’re pretty much guaranteed access this way.

Wrapping Up

Losing access to your WordPress site is one of the most terrifying things that can happen to you. As a user and as an administrator. Luckily, you have options no matter from which level you access the site. Getting back in can be as simple as clicking a lost your password link. Or maybe you need to manually dig into the database or alter PHP. Regardless of your reason or method of recovery, you shouldn’t be locked out of your WordPress site for long.

Why have you had to change or reset your WordPress passwords in the past?

Article featured image by Chaliya / shutterstock.com

Divi Cyber-monday Sale

It's The Divi Cyber Monday Sale! Save Big For A Limited Time πŸ‘‡

Save big on Divi and Divi products for a limited time.

Access The Sale
Divi Cyber-monday
Premade Layouts

Check Out These Related Posts

WordPress Security Guide for Busy Freelancers (2024)

WordPress Security Guide for Busy Freelancers (2024)

Posted on November 22, 2024 in WordPress

Though WordPress is built to be secure, it’s not entirely safe. It requires regular maintenance, and your responsibility increases even more when you manage your clients’ WordPress. This WordPress security guide lists effective set-it-and-forget-it ways for freelancers and agencies to...

View Full Post
Best WordPress Black Friday & Cyber Monday Deals! (2024)

Best WordPress Black Friday & Cyber Monday Deals! (2024)

Updated on November 26, 2024 in WordPress

Black Friday is the ultimate shopping holiday, and this year, we’re spotlighting some of the top deals outside the Divi ecosystem. These exclusive offers on industry-leading tools and services are designed to help creators, marketers, and entrepreneurs like you elevate your projects without...

View Full Post

3 Comments

  1. Thanks for this complete guide.

  2. Just use a rememberable password with 1 upper case character, a special character and a number inside to make it stronger. That’s it.

    • Another type that I use for things I need really secure are pass phrases, where I will use a string of words and spaces if the service takes its. Such as “the dog rolled some dice and came out a winner”. That sort of thing is a lot harder to break than even an alpha numeric pass, apparently.

Leave A Reply

Comments are reviewed and must adhere to our comments policy.

πŸ‘‹ It's The Divi
Cyber Monday Sale!
Get The Deal
Before It's Gone!
Get Started With Divi