If you’ve ever lost or forgotten your WordPress password, resetting it is easy! In this article we will show steps to reset your password the traditional way through email, and through the database if needed.
Option 1: Reset WordPress Password via Email
If you’ve tried to login to your WordPress website with an incorrect username or password, you’ll be presented with one of two errors:
“ERROR: Invalid username” if the username entered does not match any current users.
Or, “ERROR: The password you entered for the username ____ is incorrect” if your password was entered incorrectly.
In either scenario, you can use the “Lost your password?” link in the error message to reset your password. If you’ve entered what you believe to be the correct password and receive this error, we recommend resetting your password rather than trying to guess your password repeatedly. In some scenarios repeated failed logins could trigger security systems to block your IP address.
Select “Lost your password?” link
In either the error message, or the bottom of your /wp-login.php page, you can select to reset your password. You will be prompted to enter the username or email address of your WordPress user.
WordPress will send an email to the email address on file for your user with a link to reset your password. If you enter an incorrect email address or invalid username, WordPress will not send an email.
When you receive the email from WordPress, click the link to reset your password.
Resetting Your Password
Upon clicking the link in your email you will be taken to a page where you can select a new password. WordPress will automatically populate a strong, secure password. You may choose to set a different password of your choosing, but remember that WP Engine requires strong passwords for all Administrator, Author, and Editor users. Contributor and Subscriber-level users do not have this requirement.
If the password you select for your Administrator, Author, or Editor user is not strong enough you will see an error:
“ERROR: Please make the password a strong one.”
Make sure you enter a password ranked as strong, and click the “Reset Password” button. From there, you’re all set! WordPress will now prompt you to login with your new password.
Option 2: Resetting Password in the Database
If you don’t have access to the email address associated with your WordPress user, or the normal reset password process above does not work as anticipated, you can reset your password in your website’s database. Please note: The following steps require access to the WP Engine User Portal.
Access your website’s database
First you will need to access your website’s database. Start by logging into the User Portal and navigating to the Overview page of environment for your website. Then select “phpMyAdmin” from the left-hand navigation.
In phpMyAdmin you may see two databases: wp_environmentname and snapshot_environmentname. The one with the snapshot in the name is the 1-click staging area, and the other one with the wp in the name is the database for the standard environment area. Click on the database for the area to which you need access.
Reset password
Once you have selected the correct database, navigate to the wp_users table (You may have a different table prefix. If so, this table could start with something else like abc_, but should always end with “users”).
The wp_users table contains all the users for your WordPress website. Select the username for the user you need to edit and select the “Edit” option. Note: You can also edit the email address for your user in this table if needed!
On the edit screen, the encrypted version of your password will be displayed. Replace this field with your new password, and select “MD5” encryption from the “Function” dropdown next to it.
Select the “Go” button at the bottom to save your changes. You will now be able to login to WordPress using your new password! Navigate to the /wp-login.php page for your website to enter your username and password.
Security update 12/17/16
Due to the most recent security issue, we have come across a consistent issue with customers using Outlook protection. We have seen this issue with users of Outlook Exchange Online Protection (EOP), and if they are not able to do so themselves, these users will need to contact their email service administrator to whitelist the domain “wpengine.com” for successful delivery of emails.
Here is a Microsoft Office article with more information on how to manage allowed senders using Outlook.