How To Reset Your WordPress Password
Have you lost or forgotten your WordPress password and can’t log back into your website?
Not being able to access your site’s admin area because you have forgotten your password or username can be very frustrating.
Fortunately, with WordPress, there is always a way to get back into your website or blog.
We will start with the simple way and if this information does not help you get access to your admin area, we will show you other options for recovering your login details.
Let’s start with some WordPress password basics.
Have You Entered The Wrong Details (Username/Password)?
Normally, if you get your username and/or password incorrect when trying to log into your WordPress site’s backend (i.e. admin) area, an error message like the one shown below will display on your login page…
If you enter an incorrect username into your WordPress site’s login box, you will get this error message:
WordPress lets you know if you enter the correct username but the wrong password:
If you have lost or forgotten your password but you know your username (or the email address associated with your username), you can get a new password.
To get a new password, click on the “Lost your password?” link in the login box error message.
You can also access the lost password feature by clicking on the link at the bottom of the login box.
Alternatively, type the following URL into your web browser (where “domain” is your domain address and “tld” is your domain extension, (e.g. .com, .net, .org, .biz, .info, etc.).
Type in your username or the email address associated with your username and click on the Get New Password button to receive a new password.
There is no password “recovery” option. You will need to reset your password.
A notification email will be sent to your email address containing a password reset link.
Click on this link to reset your password.
Enter a new password into the “Password reset” field.
Make sure to choose a strong password containing upper- and lower-case letters, numbers, and symbols, like “@, $, %, &, ^, *, #, etc.
You can also use a password generator tool to help you come up with a new and secure password.
Password Generator Tools
You can use a free online password generator tool like PasswordsGenerator.net:
Or use a password management tool like RoboForm.
RoboForm is a powerful tool that lets you generate secure passwords and store and manage all your online passwords and logins securely.
To learn more about using secure passwords and password management tools, refer to our Web Security Guide.
After resetting your password, log in as you normally would using your new password.
How To Change Your Password Inside Your WordPress Admin Area
For security reasons, avoid setting up a WordPress site with the username “admin.”
Username “admin” is the default installation username for a site built using WordPress and it’s one of the first things hackers will look for when searching for vulnerabilities on WordPress sites.
Let’s assume you can log into your site and want to change your password (or the password of any user you’ve given access to).
To change your password inside your WordPress admin area, log into your backend admin section and select Edit My Profile from the “Howdy, User” dropdown menu near the top-right hand corner of your Dashboard.
You can also access your “Profile” screen by selecting Users > Your Profile from your main admin menu.
Towards the bottom section of the screen, you will see the “change password” section. Enter a new password and confirm this password here.
Note: Avoid choosing weak passwords. Use the built-in WordPress password strength meter to help you set up a strong and secure password or use a password management tool.
Click Update Profile when done to update your password settings.
If You Can’t Remember Your Username AND Password
So far, the steps we have covered work if you have lost or forgotten your password but still remember your username and/or email address.
Can you still log into your WordPress site if you don’t know both your username and password?
Yes, you can but this is where things can start to get a little technical. Either you or someone you know will need to have some technical skills and be able to access and change things inside your server.
As this tutorial is aimed mostly at non-technical users, if the information in this tutorial hasn’t helped you get back into your WordPress admin area, then either contact someone who can provide you with technical support (i.e. your webmaster, website support, or your web host) and ask them to help you change or reset your WordPress Password from phpMyAdmin.
You can also try using the method below, which will simply reveal your username and email address, allow you to at least reset your password, and log back into your site.
All you need is admin access to your server’s control panel. Don’t worry, you won’t be changing anything inside your server…you’re just looking!
If you need help with your server or WordPress database, ask an experienced WordPress user for assistance with the method described below.
For this example, we will be working with the cPanel server/webhosting management application.
Log into your server admin control panel.
Scroll down to the “Databases” section and click on phpMyAdmin…
Click on your WordPress database to open and view all database tables.
Note: If you have multiple databases set up on your domain, make sure to select the right one.
Don’t worry if the information on your screen looks complicated.
Click on wp_users in the “Table” column on the left-hand side.
This section contains a list of all your site’s users with their usernames and email addresses. Typically, the first line is assigned to the site administrator but if you have more users and need to locate their username or email, then scroll down the list until you find the details you are looking for.
Note: The user password is also included in this section of your WordPress database (in the “user_pass” column”) but as you can see from the screenshot above, it is encrypted and displays only random-looking characters in the field.
For security purposes, WordPress stores all passwords as a cryptographic hash function (MD5 Hash) instead of plain text. This prevents even a site administrator from knowing a user’s password.
To change this password, you will need an encryption tool that lets you generate an MD5 hash, which you would then copy and paste into the password field. You can search for “free MD5 generators online” if you want to change the password yourself, but as suggested earlier, ask for assistance from a professional if you don’t know what you are doing in order to avoid causing errors.
After retrieving your username and email address, log out of your server, return to your WordPress login screen, and request a new password.
Congratulations! Now you know how to log back into your site if you forget or lose your login password.
Updated: April 8th, 2023