If you need to change your WordPress password, you might be panicking. You’ve lost access to your site and you don’t know how to get in again.
Typically this occurs when someone simply forgets their WordPress password, they don’t have access to their email for a standard password reset, or their WordPress site isn’t sending emails correctly.
In this post, we’ll walk you through a few quick and easy steps on how to change WordPress passwords (or reset them) for all the different types of scenarios you might encounter.
Prefer to watch the video version?
Let’s start by looking at the difference between changing your password and resetting it, so you know which one it is you need to do.
Changing Your WordPress Password vs Resetting It
Changing your password and resetting your password in WordPress result in similar outcomes.
Changing your password is something you do yourself. If you have access to your website and your profile settings, you should be able to change your WordPress password easily. In other words, you change your password when you know your current password.
Resetting your password is something you’ll need to get the system to do for you, or maybe ask an administrator if you aren’t one. For this post, I’m assuming that you are the site admin and you have access to resetting passwords for other users – which is something I’ll show you how to do later in the post.
The main thing about resetting a password is that you do it when you don’t know the existing password.
Scenarios When You Need to Change or Reset Your WordPress Password
There are a number of methods you can use to change or reset a password in WordPress, and many of them apply in more than one scenario.
So let’s take a look at those you might want or need to change your password, and identify the methods you can use for each.
1. Changing WordPress Password with Account Access
So you know your existing password, but you want to change it. Maybe you’ve been given a new WordPress account by an administrator and the password isn’t secure enough or you won’t be able to remember it. Maybe you want to change your WordPress password because someone else has accessed it.
Assuming you have access to your WordPress site, and you know the existing password, you have two options for doing this:
- Use the My Profile screen in the WordPress admin to create a new password.
- Access your site via WP-CLI and use a command to change the password.
I’ll show you how to do each of these later in this post.
2. Changing or Resetting WordPress Password with Email Access
In the next scenario, you don’t know the existing password but you do have access to the email account you used for your WordPress user account. You’ll have to reset the password as you don’t know the old one, but it should be quick and easy.
Here are the options available to you:
- Use the lost password link in the WordPress login screen.
- Reset the password in cPanel, if you used an auto-installer to install WordPress.
- Reset the password in phpMyAdmin. If you’re with Kinsta, reset the password in phpMyAdmin via the MyKinsta dashboard.
- Use FTP to reset the password.
- Use the Emergency Password Reset Script.
Skip ahead to the instructions for using each of these methods.
3. Changing or Resetting WordPress Password Without Email Access
Now let’s imagine you don’t have access to the email address associated with the account. Here are the methods you could use:
- Reset the password in cPanel.
- Reset the password in phpMyAdmin. If you’re with Kinsta, you can easily reset the password in phpMyAdmin through MyKinsta.
- Use FTP to reset the password.
Again, skip ahead to the instructions for using each of these methods.
4. Resetting Another User’s WordPress Password as the Site Admin
This scenario is slightly different, as it’s not your own password you’re resetting but someone else’s. In this situation you won’t have access to the other user’s old password, so you’ll need to do a reset.
Here are the available options:
- Use the WordPress Users screens to access the user and reset their password.
- Reset the password in phpMyAdmin.
Now let’s look at each of the methods in turn.
How to Change or Reset Passwords in WordPress
If all you need to do is change your own WordPress password and you have the old one, you can do this in the admin. You can also reset your password in the admin if you have access to email.
And finally, as a site admin you can reset another user’s password.
Changing Your WordPress Password in the Profile Screen
If you have access to your site and just want to change your WordPress password, you can do it in the Profile screen.
In WordPress, go to Users > Your Profile to access your profile screen.
Scroll down to the Account Management section at the bottom of the screen.
Click the Generate Password button. A new password will be generated for you and displayed for you to copy. If you want to edit it, you can do so.
Click the Update Profile button and your new password will be saved. You’ll need to log in again with the new password – so make a note of it.
If you think you might be logged into your WordPress site on multiple devices or browsers, or you suspect that someone else might have used your credentials to access your site, click the Log Out Everywhere Else button too.
Using the Lost Password Link to Reset Your Password
If you have access to the email account you used to set up your WordPress account, but you don’t know your password, you can use the forgot password link to quickly reset your password.
Browse to your WordPress login page, typically this is located at /wp-admin, such as: https://domain.com/wp-admin. Then click on the Lost your password? link at the bottom.
On the next screen, enter your username or the email address you used for your WordPress account. Click on Get New Password and you will receive a link to create a new password via email.
Check your inbox and click the link in the email you receive. You’ll be taken to a screen where you can reset your password.
Finally, log into your site using the new password with your username or email address. Done.
Using the WordPress Admin to Change (or Reset) Another User’s Password
If you’re the site administrator, another user might ask you to reset their password.
Or you might choose to reset their password because it’s not secure enough or it’s been shared too widely. In both cases, you can reset the user’s WordPress password via the admin screens.
In the WordPress admin, go to Users. Find the user whose password you want to rest and click the Edit link beneath their name.
This will open up the editing screen for that user.
Scroll down to the Account Management section and click the Generate Password button.
A new password will be generated. You can edit it you want to: make sure that if you do, the password is strong.
Click the Update User button. The user will be sent an email with details of their new password.
How to Change WordPress Password via WP-CLI
If you have access to the site, another option for resetting or changing a password is via WP-CLI. You can change any user’s password this way.
Start by accessing your site via WP-CLI as you normally would.
To change a password, navigate to the root directory – the folder where you installed WordPress. Get a list of users by typing this command:
wp user list
Find the user whose password you want to reset and make a note of their user ID. If it’s the site admin, the user ID will be 1, but you can use this method to change other user passwords too.
Type the following command:
wp user update 1 --user_pass=password
Replace “password” in the example above with the new password for the user and make sure you use a much stronger password than that.
If the user ID you want to work with isn’t 1, replace the 1 in the example with their user ID.
How to Change (or Reset) WordPress Passwords from phpMyAdmin
Another way to change WordPress admin passwords is directly in the database via phpMyAdmin. If you don’t have access to your email or your WordPress site isn’t sending emails correctly, this might be the only solution you have.
You might also have to use this method if you are on a local development install. If you are a Kinsta customer you can always reach out to support for assistance if you don’t feel comfortable doing this.
You’ll first want to login to phpMyAdmin. If your web host is using cPanel, the link to phpMyAdmin is typically found under the database section.
If you are a Kinsta customer you can access phpMyAdmin directly from your MyKinsta dashboard. You can find the login credentials there as well.
On the left-hand side, click on your database. Then scroll down and click on the wp_users table. wp_users is the standard table used on fresh WordPress installations.
However, some sites might have a prefix added for security purposes. In this case, it might be named slightly different, such as wp56_users.
On the row next to your admin username, click on Edit. If you have multiple users on your WordPress site, double-check to ensure you are editing the right one.
In the column user_pass, you can enter a new value for your password. Ensure that you select MD5 from the function column. Then click on Go at the bottom.
And that’s it! You have now changed your WordPress admin password.
You can return to your WordPress login screen and use your updated credentials to access your site.
Changing (or Resetting) WordPress Passwords from phpMyAdmin in MyKinsta
If you’re with Kinsta, you can access phpMyAdmin via the MyKinsta dashboard and reset your password that way.
Once you’re in phpMyAdmin, reset your password using the instructions above for phpMyAdmin.
How to Reset WordPress Password using SQL
Another way to reset your password via phpMyAdmin is by using a SQL statement.
Simply run the following from the SQL tab. Make sure to update the new_password and admin_username values with your own.
UPDATE `wp_users` SET `user_pass` = MD5( ‘new_password’ ) WHERE `wp_users`.`user_login` = “admin_username”;
You can access SQL via the SQL tab in phpMyAdmin.
How to Change WordPress Passwords via FTP
Another way to change or reset your passwords is through FTP.
Navigate to the root directory of your site:
Now navigate to wp-content/themes and find the folder with the currently active theme in it. In that folder, find the functions.php file. Open it or download it so you can edit it.
It’s always a good idea to make a duplicate of this file first, just in case of any problems.
Now, in the first line, right after the opening <?php, add this line of code:
wp_set_password( 'password', 1 );
The first parameter is the new password: I suggest you use a more secure one than ‘password’. And the second parameter is the User ID. User ID 1 will be the administrator.
Now, save the modified file or upload it to your site in the same location, overwriting the old version of the file.
Your admin password will now be the password you used in the functions file. Log in to your site and check you can access it.
Once you’ve logged in, go back to your functions.php file and remove that line of code.
It’s very important you do this as leaving it in your file will make your site vulnerable and will mean that your password is reset again and again every time a page is loaded.
How to Reset WordPress Passwords from cPanel
At Kinsta we don’t use cPanel. Instead, we use MyKinsta to reset your password (as we saw before). But if you’re with a provider that does use cPanel, this is another way to do it.
If you installed WordPress using an auto-installer in cPanel and you don’t have access to the email account, you can reset the WordPress administrator password in cPanel by accessing the installation you created there. You can’t reset any other user passwords this way.
Start by opening cPanel and scrolling down to the WordPress Manager. Depending on your hosting provider, you may need to look in the Auto-installer or Softaculous section instead.
This will take you to the WordPress auto-installer screen. Scroll down to find the installation for which you want to change the password.
Next to the installation whose password you want to change, click the edit icon (a pencil). This will take you to the installation editing screen.
Scroll down to the Admin Account section and find the Admin Password field. Type in a new password – making sure it’s secure and that you can remember it.
Now go back to your site and log in using your new password.
How to Reset WordPress Passwords Using the Emergency Password Reset Script
If all else fails, a last-ditch resort is to use the WordPress emergency password reset script.
To use this, you’ll need to know the administrator’s username. It will update the password for the admin account and send an email to the administrator’s email address.
You don’t actually need access to email, but you will need to know the username. The new password will be sent to your email address, so if your email has been compromised, don’t use this method.
In most cases, if you have the username and access to email, you can use the lost password link in the login screen.
But if wp-admin is not working at all and need to reset your password, this is an option.
Start by creating a file called emergency.php in your root directory: the folder where WordPress is installed. Copy the Emergency Password Script and paste it into your file.
In your browser, open http://example.com/emergency.php, where example.com is your site’s address. (make sure to use emergency.php, not just emergency.)
In the WordPress Administrator field, enter the username of the administrator account. In the Password field, enter your new password. Click the Update Options button.
A message is displayed noting the changed password. Check your email as you’ll get an email with the updated information.
Delete emergency.php from your server when you’re finished. Don’t leave it on your server, as someone else could use it to change your password.
You’ll now be able to use your site with a new password.
How to Troubleshoot Common Issues with Password Changes and Resets
Sometimes changing or resetting your password doesn’t go as smoothly as you hoped. Here is a list of common problems or errors and what to do if they occur.
You Changed Your Password in the WordPress Admin and the New Password Isn’t Recognized
Chances are you’ve typed in the new password wrong or forgotten it. Try typing it in again.
Alternatively, your browser might have saved an old password in a cookie and be populating the password field with that. Delete whatever’s there and type in the new password.
If all else fails, use the Lost your password? link in the login screen to reset your password.
You’re Trying to Reset Your Password but WordPress Doesn’t Recognize Your Email or Username
If you use the Forgot login link to reset your password, you’ll need to type in your email address or username. Check that you typed these incorrectly.
If you can’t remember your email address or username, you’ll need to use one of the methods above for situations when you don’t have access to email.
You Reset Your Password and Haven’t Received an Email with Details
Try checking your spam folder. The email is automated and may have been sent there. If you’re using Gmail, try the Updates tab.
You might be using the wrong email account. Could you have used a different email address for your WordPress account than you normally use?
If all else fails, you’ll have to use one fo the methods for when you don’t have access to email.
You Used FTP to Change the Password and Your Site Isn’t Working
Using FTP involves making an edit to the theme functions file. If you added this in the wrong place or you typed it in wrong, it could interfere with your theme.
Go back to the functions file and check you followed the instructions correctly. If it still doesn’t work, reinstate the backup you took of the file before editing it. And try another method for resetting your password.
If you didn’t make a backup, you can find your theme in the WordPress theme directory or via the theme vendor you bought it from, and re-upload it to your site with the correct file.
You Used phpMyAdmin to Reset the Password and Now the Site is Broken
Using phpMyAdmin to reset your password involves directly editing the database.
If after doing this your site breaks, or you can’t access the admin screens still, it may be that you did something wrong.
Go back to the instructions for changing the password via phpMyAdmin and check that what you did reflects the instructions. If you did, but you still can’t access your site, try resetting the password another way.
If your site isn’t working correctly, you might have accidentally edited another field. You’ll need to restore your site from a backup you took before editing the database, and then try resetting the password using another method.
If you didn’t take a backup, you’ll need to talk to your hosting provider and ask if they can help.
I Changed the Password for Another User and They Haven’t Received an Email
When the site administrator changes another user’s password, WordPress will send an email to the address used for that account.
If the user hasn’t received an email ask them to:
- check their spam folder (or Updates in Gmail)
- check that the email account they’re using is the same one that’s registered for that WordPress account – you can find this in the user profile screen.
If they still can’t access the email, run through the password generation again and copy the password before clicking the Update User button. You can then provide the user with the password. They should change it themselves the first time they log in so they know it’s private.
Additional Password Security Tips
When you change or reset your WordPress passwords, it’s important to use a secure password. Secure passwords will:
- Be long (10 characters or more).
- Include a mix of upper and lower case letters.
- Include numbers.
- Include special characters such as punctuation.
When you change your password in the WordPress admin screens, you’ll be told how secure it is. If it isn’t strong, (as in the example below) try adding more characters to it, and different types of characters.
The example below is more secure and would still be easy to remember.
Sometimes using a phrase works better than trying to add lots of extra characters to a word. Try using the opening line from your favorite book or a line from a movie.
Alternatively, get WordPress to generate the password for you. You can use a password manager like LastPass to store all your passwords so you don’t need to remember them.
If you want to test how strong your password really is, try putting it into the password checker at How Secure Is My Password? and you’ll find out how long it would take a bot to crack it.
If you need to change or you’ve lost your WordPress password, you don’t need to panic. Changing or resetting your passwords in WordPress can be done very quickly.
If the easier ways don’t work for you, there are a variety of methods you can try, depending on whether or not you have access to the email address associated with your WordPress account.
Work through the methods detailed above and you’ll have a new password and access to WordPress in no time.
Save time, costs and maximize site performance with:
- Instant help from WordPress hosting experts, 24/7.
- Cloudflare Enterprise integration.
- Global audience reach with 35 data centers worldwide.
- Optimization with our built-in Application Performance Monitoring.