Staying secure online has never been more important, especially for businesses. Password selection and maintenance both play an essential role in security. Unfortunately, they often get neglected, especially on local installations such as XAMPP.

However, local software can be just as vulnerable to malicious activity, and by default XAMPP typically ships without a root password for the MySQL database. Adding one and changing it regularly can help keep your data secure and prevent the loss of hours of hard work.

In this article, we’ll explain why you might want to change your XAMPP MySQL password. Then we’ll walk you through three different methods you can use. Let’s get started!

Why You Might Want to Change Your MySQL Password

There are several reasons why you might want (or need) to change your MySQL password. First and most important: when you install XAMPP on your computer, the password for the “root” user is left empty. This means that there is no security on this account by default.

The root user is essentially the administrator account—it has unrestricted access to all commands and files in the system. As such, having no password protection for this user is a major security hole. Anyone could log in to the user account and edit files on your local installation.

Apart from that, it’s also a smart security practice to change your passwords periodically. Doing so helps prevent malicious activity, particularly if you use the same password in multiple places. Regularly changing passwords can help offset issues that might arise without this practice.

Finally, you may have simply forgotten your password and, as a result, can’t access files or functions that you need on your local XAMPP WordPress installation. Whatever the reason, being able to change MySQL passwords is a valuable skill that could come in handy.

How to Change Your MySQL Password in XAMPP (3 Methods)

As with most WordPress tasks, there are multiple ways to change the MySQL password. The method you should use will depend on exactly what you need to do and what interface you’re most comfortable with: the command line, a Graphical User Interface (GUI), or text files. With that in mind, let’s take a look at three ways to change your MySQL password in XAMPP.

1. Change Your MySQL Password Using the XAMPP Shell

Using the XAMPP shell is generally going to be the simplest and quickest method for changing your MySQL password. It does involve using the command line, which can seem daunting at first.

However, it’s actually fairly straightforward. This is also the method you’ll want to use if you’ve forgotten your existing MySQL password and need to reset it.

Note that these commands are the same whether you’re using Windows or macOS. Since this is a unique shell specific to XAMPP, any typical differences between the platforms won’t apply.

To get started, launch your XAMPP Control Panel and click on the Shell button on the right-hand side.

Use the XAMPP shell to change your root password.
Use the XAMPP shell to change your root password.

This will open up a new window with a command prompt. Enter the following command and press the Enter/Return key:

mysqladmin -u root password

The shell will prompt you to enter a new password. Press Enter/Return again, and you’ll be asked to confirm the new password.

Once you’ve done that, you’re finished and can close the shell window.

2. Change Your XAMPP MySQL Password via phpMyAdmin

The second method involves using the phpMyAdmin GUI to change your XAMPP MySQL password. This technique is relatively simple, but generally not as quick as the command line method.

First, you need to access the phpMyAdmin interface. Pull up the XAMPP Control Panel and click on Admin in the MySQL row:

Open phpMyAdmin in XAMPP.
Open phpMyAdmin in XAMPP.

PhpMyAdmin will open in a browser window:

The phpMyAdmin interface.
The phpMyAdmin interface.

If you’re asked to log in, use the username “root” and enter your root password. If you haven’t set one yet, you can leave it blank.

Next, navigate to the User accounts section in the main menu bar, and locate the root user for localhost in the list:

The root user in phpMyAdmin.
The root user in phpMyAdmin.

Next, you can click on Edit privileges beside the root user, then select Change password at the top of the page.

Initiate password change in phpMyAdmin.
Initiate password change in phpMyAdmin.

On the next screen, simply enter the password you want to use:

Change your root password in phpMyAdmin.
Change your root password in phpMyAdmin.

When you’re finished, you can click on the Go button in the bottom-right to save the change. That’s it!

3. Change Your XAMPP MySQL Password by Editing the File

If you find yourself in a situation where you know your password is correct, but it isn’t working for whatever reason, this is the method for you. It involves opening up a text file and editing the password directly in it.

First, open the XAMPP Control Panel and click on the Explorer button on the right-hand side of the window:

The Explorer button in the XAMPP Control Panel.
The Explorer button in the XAMPP Control Panel.

This will launch a file browser in the XAMPP folder. Next, you can open the phpMyAdmin folder and locate the file:

The file in Windows.

You can open this file in your favorite text editor, or simply double-click on it to open it in the default program.

The line you’re looking for is $cfg['Servers'][$i]['password'] = 'YourPassword';. Here’s what it looks like:

The line to edit the MySQL password in the file.
The line to edit the MySQL password in the file.

Once you locate it, you can enter your desired password between the single quotes, and then save the file. That’s all there is to it!


Whether you’ve forgotten your XAMPP MySQL password or you want to take your security up a notch, there are multiple methods you can use to change it. Updating your password helps keep your data secure, and provides an additional layer of defense against malicious activity.

In this article, we covered how to change your MySQL password on an XAMPP installation using three methods, which include using the command line, going through the phpMyAdmin GUI, and editing a file directly. You can choose whichever one suits your workflow best.

If you take security seriously and want to ensure that all of your WordPress sites are protected, consider hosting with Kinsta. Our plans offer the security, speed, and support your site needs to operate at its best.