How to Change Your WordPress Password: 6 Methods

Anna Fitzgerald
Anna Fitzgerald


There are a few reasons you might want to change your WordPress password. Maybe you shared the password with other users and now you want to limit access to your dashboard to those who no longer need (or should have) access to your WordPress website. Maybe you’ve left your account logged in at a public computer. Maybe you’ve been hacked, or want to change it for another security reason. Or, maybe you simply forgot it — we’ve all been there.

Site admin changing WordPress password

Grow Your Business With HubSpot's Tools for WordPress Websites

Whatever the reason, this post will show you how to change your password in WordPress safely. We'll start with the easiest options and work our way to the more difficult ones.

Or, click on any of the links below to jump to that section:

If you’d rather follow along with a video, here's a handy walkthrough from Compete Themes:

How to Change Password from WordPress Login Page

If you forgot your password but know the username or email associated with your account, then the simplest way to change your WordPress password is by using the lost password feature.

1. Visit your WordPress login page.

2. Click Lost your password?

how to change password in wordpress: login page

3. You’ll be redirected to a page instructing you to enter the username or email address on file for your account. Once you do, click Get New Password.

how to change password in wordpress (922 update): get new password reset page

4. Check your inbox for an email from WordPress with a password reset link, and click on it.

5. You’ll be redirected to a page that instructs you to enter a new password. Enter your new password, or use the password that WordPress has automatically generated for you, then click Reset Password.

Once you see a confirmation message that your password has been reset, you can log in using your new credentials.

How to Change Password in WordPress Dashboard

If you remember your password but would like to change it or would like to change the password of another user, you can do so in your WordPress dashboard.

1. Log into your WordPress account.

2. In the dashboard, select Users > All Users.

3. Hover over the user whose password you want to change and click Edit.

how to change password in wordpress: users screen in the wordpress dashboard

4. Scroll down to the Account Management section and click the Set New Password button.

how to change password in wordpress: set new password button in wordpress

5. WordPress will automatically generate a strong password for you. You can keep it, or overwrite it by typing another password in the input field.

how to change password in wordpress: a recommended password on the wordpress change password screen

6. When you’re done, click Update Profile at the bottom of the screen. The page will reload and you’ll see a confirmation message that the user profile has been updated.

There’s no need to log out and log back in using this method. But if you want to double-check that the password has been reset successfully, you can log out and then log back into your account.

How to Change WordPress Password in phpMyAdmin

If you can’t access your email or your dashboard, you can change your password directly using phpMyAdmin.

phpMyAdmin is a PHP script for administrators to manage their MySQL databases. Admins can optimize and repair database tables, back up their database, and execute other database management commands in the event that their WordPress installation is not working.

Before we get into the steps below, be warned: There is no “undo” button when using phpMyAdmin, so use caution when editing or doing anything in your database.

1. Log into phpMyAdmin. If you don’t have it, download and install phpMyAdmin from the main project page.

2. Click Databases.

3. From the list of databases that appears, select your WordPress database.

4. All the tables in your WordPress database should appear. If they don’t, click Structure.

5. Find wp_users in the column labeled Table and click Browse.

how to change password in wordpress: the databases table in phpMyAdminImage Source

6. Find user_login and your username.

7. Click Edit or the pencil icon.

8. Your user_id will appear. Click Edit.

9. Find user_pass in the column labeled Field.

10. Select and delete the string of numbers and letters in the user_pass row and under the column labeled Value. Enter your new password in this field.

11. Click the dropdown menu under the column labeled Functions and select MD5 from the menu.

how to change password in wordpress: MD5 dripdown in phpMyAdmin

Image Source

12. When you’re ready, click the Go button in the bottom right corner of the screen.

13. go to your login page and sign in using your new WordPress password.

How to Change WordPress Password in cPanel

Most WordPress hosting providers have phpMyAdmin pre-installed in their control panels. In that case, you can essentially follow the process outlined above to change your WordPress password.

Let’s look at the steps below to change your password in one of the most popular file managers: cPanel.

1. Log into your hosting account’s cPanel.

2. Scroll down to the Databases section and select phpMyAdmin.

how to change password in wordpress: databases button in cPanel

3. Repeat steps 2-13 from the section above.

How to Change WordPress Admin Password

The steps below will only work if you’re using the admin user and want to change the admin password specifically. There are two approaches you can take. We’ll start with using FTP, then move onto the emergency password reset script, which should only be used as a last resort.

Using FTP

If you want to change the admin password, you need to have the admin username as well as an FTP client installed on your computer. Short for File Transfer Protocol, FTP allows you to transfer your files and password from your computer to your website hosting account over a secured connection.

Below, we’ll look at the process of changing your WordPress password using the popular FTP client FileZilla.

1. Log into your site via FileZilla.

2. On the left side of the screen, open the public_html folder.

3. Open your wp-content folder.

4. Open your themes folder and the folder labeled with your active theme’s name.

5. Locate the functions.php file in your active theme’s folder and download it.

how to change password in wordpress: a wordpress filesystem in filezilla

Image Source

6. Copy and paste the following line of code right at the beginning of the functions.php file, after the first <?php tag:

wp_set_password( 'password', 1 );

7. Replace “password” in the parentheses with your new admin password. Leave the “1” as is. The “1” represents the user ID number in the wp_users table in your MySQL database.

8. Upload the modified file back to your site.

9. Log into your site with your new password.

10. Once you’ve logged in successfully, go back and remove that line of code from your functions.php file. Otherwise, your password will reset on every page load.

Using the Emergency Password Reset Script

If you know the admin username and are unable to access your database, then you can use the Emergency Password Reset Script to change the admin password. A warning, though: You should only use this PHP script after trying all other alternatives.

1. Log into your hosting account’s cPanel.

2. Open File Manager.

3. On the left side of the screen, click the public_html folder.

4. Click the New File button in the top menu.

5. Name the file “emergency.php” and click the Create New File button.

6. You will now see your new file listed. Right-click to edit the file.

7. Copy and paste the Emergency Password Script into the file and save it. Here's the code below:

<?php /* This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version. This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. You should have received a copy of the GNU General Public License along with this program; if not, write to the Free Software Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA */ require './wp-blog-header.php'; function meh() { global $wpdb; if ( isset( $_POST['update'] ) ) { $user_login = ( empty( $_POST['e-name'] ) ? '' : sanitize_user( $_POST['e-name'] ) ); $user_pass = ( empty( $_POST[ 'e-pass' ] ) ? '' : $_POST['e-pass'] ); $answer = ( empty( $user_login ) ? '<div id="message" class="updated fade"><p><strong>The user name field is empty.</strong></p></div>' : '' ); $answer .= ( empty( $user_pass ) ? '<div id="message" class="updated fade"><p><strong>The password field is empty.</strong></p></div>' : '' ); if ( $user_login != $wpdb->get_var( "SELECT user_login FROM $wpdb->users WHERE ID = '1' LIMIT 1" ) ) { $answer .="<div id='message' class='updated fade'><p><strong>That is not the correct administrator username.</strong></p></div>"; } if ( empty( $answer ) ) { $wpdb->query( "UPDATE $wpdb->users SET user_pass = MD5('$user_pass'), user_activation_key = '' WHERE user_login = '$user_login'" ); $plaintext_pass = $user_pass; $message = __( 'Someone, hopefully you, has reset the Administrator password for your WordPress blog. Details follow:' ). "\r\n"; $message .= sprintf( __( 'Username: %s' ), $user_login ) . "\r\n"; $message .= sprintf( __( 'Password: %s' ), $plaintext_pass ) . "\r\n"; @wp_mail( get_option( 'admin_email' ), sprintf( __( '[%s] Your WordPress administrator password has been changed!' ), get_option( 'blogname' ) ), $message ); $answer="<div id='message' class='updated fade'><p><strong>Your password has been successfully changed</strong></p><p><strong>An e-mail with this information has been dispatched to the WordPress blog administrator</strong></p><p><strong>You should now delete this file off your server. DO NOT LEAVE IT UP FOR SOMEONE ELSE TO FIND!</strong></p></div>"; } } return empty( $answer ) ? false : $answer; } $answer = meh(); ?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" ""> <html xmlns=""> <head> <title>WordPress Emergency PassWord Reset</title> <meta http-equiv="Content-Type" content="<?php bloginfo( 'html_type' ); ?>; charset=<?php bloginfo( 'charset' ); ?>" /> <link rel="stylesheet" rel="noopener" target="_blank" href="<?php bloginfo( 'wpurl' ); ?>/wp-admin/wp-admin.css?version=<?php bloginfo( 'version' ); ?>" type="text/css" /> </head> <body> <div class="wrap"> <form method="post" action=""> <h2>WordPress Emergency PassWord Reset</h2> <p><strong>Your use of this script is at your sole risk. All code is provided "as -is", without any warranty, whether express or implied, of its accuracy, completeness. Further, I shall not be liable for any damages you may sustain by using this script, whether direct, indirect, special, incidental or consequential.</strong></p> <p>This script is intended to be used as <strong>a last resort</strong> by WordPress administrators that are unable to access the database. Usage of this script requires that you know the Administrator's user name for the WordPress install. (For most installs, that is going to be "admin" without the quotes.)</p> <?php echo $answer; ?> <p class="submit"><input type="submit" name="update" value="Update Options" /></p> <fieldset class="options"> <legend>WordPress Administrator</legend> <label><?php _e( 'Enter Username:' ) ?><br /> <input type="text" name="e-name" id="e-name" class="input" value="<?php echo attribute_escape( stripslashes( $_POST['e-name'] ) ); ?>" size="20" tabindex="10" /></label> </fieldset> <fieldset class="options"> <legend>Password</legend> <label><?php _e( 'Enter New Password:' ) ?><br /> <input type="text" name="e-pass" id="e-pass" class="input" value="<?php echo attribute_escape( stripslashes( $_POST['e-pass'] ) ); ?>" size="25" tabindex="20" /></label> </fieldset> <p class="submit"><input type="submit" name="update" value="Update Options" /></p> </form> </div> </body> </html> <?php exit; ?>

8. Open your browser and type in the file path to access the emergency.php file. It will look something like:

9. A login screen should appear. You can enter your existing admin username and a new password of your choice.

10. Go to your WordPress login page and log in using your new credentials. An email should be sent to the administrator’s email address with the new password details. However, the password will still be changed even if you do not receive an email.

11. Once you’ve logged into your site using your new admin password, go back and delete the emergency.php file from your root installation. Otherwise, anyone could visit your site’s URL with the emergency.php file path and reset your admin password.

Changing Your WordPress Password

Whether you forgot your password or want to reset it to keep your WordPress website secure, there are a number of ways you can change your password in WordPress.

Some require you to remember the username and existing password, others require you to edit some core files. Pick the method above that best suits your situation, follow the steps to reset your password, and move on with your life.

Editor's note: This post was originally published in February 2021 and has been updated for comprehensiveness.

Use HubSpot tools on your WordPress website and connect the two platforms  without dealing with code. Click here to learn more.

Related Articles

Capture, organize, and engage web visitors with free forms, live chat, CRM, analytics, and more.