Ah! I lost my WordPress password!

I’ve been there. You go to log into your WordPress site and, for whatever reason, you don’t have the password. Maybe you put in the wrong password to begin with and told Chrome not to save it for you. Maybe your client has contacted you because they forgot their password into the admin section of their oh-so-sleek WordPress site you built for them. Now, it’s 2am and they want to get in TODAY!

Been there. Done that.

This is a common occurrence, but what a lot of developers don’t know is that there is an easy way to get back into your locked WordPress site if you have access to the database. In this post, that’s what I’m going to show you how to do in just four easy steps.

1. Access the databse

If you’re accessing a live site, you’ll probably do this through cPanel where you’ll be greeted with phpMyAdmin as your database GUI. In this example, I’m using XAMPP which comes with phpMyAdmin.

I’ve opened up the database associated with the WordPress instance in question, which is named “dan_demo” in this example. Here, I have access to all of the WordPress tables.

2. Open “wp_users” table

Users’ usernames and hashed passwords are stored in the table named “wp_users”. I’ll open that table in order to access the user accounts.

Above, I’ve opened the table and can see that there is one use named “admin”. As you can see, the “user_pass” field is a hash. I can’t take that hash and figure out what the password was, so I just need to change it to something that I actually do know.

3. Edit the user password

While still on the “wp_user” table, I’ll click on the blue “Edit” button for the user with the login of “admin”.

This action will take me to a page where I can edit all the fields for this row.

As you can see, the password hash is shown in the “user_pass” section (shown above in blue). What I need to do is remove that hash and replace it with the password I want to use. In this example, I’m going to replace it with “password123”.

To the left of the input field (where I just put “password123”) is a dropdown menu labeled varchar(255). From this dropdown, I need to find and select “MD5”.

After selecting “MD5”, I can scroll down to the bottom of the page and choose the “Go” button at the very bottom.

I then receive a message at the top of the page indicating that a change to a record has been successful.

4. Log In

Back to the login screen, I can simply log in with my username and the new password I set in the database.

And I have success!

This is a nifty little piece of knowledge to have at the ready for anyone using WordPress. I don’t know how many times I’ve had to call upon this know-how for a client … or for myself, for that matter (ok, ok, it’s mostly been for me).

With these four simple steps, you’ll be able to breeze through getting back into your WordPress site should you ever “lock the front door while your keys are still on the table”, so to speak.