Recovering Your WordPress Admin Password
Sometimes, you just forget the password of the admin account of your WordPress install. The easiest solution to recover your password is to use WordPress' emergency password reset script. This script allows you to change your admin password in WordPress.
Step 1: Disallowing access to your website
The first thing to do is to temporarily disallow access to your website. An attacker could change your admin password and gain access to your WordPress install if they detect the recovery script. You naturally want to prevent this. If you are using Apache, you can create an .htaccess
file containing the following:
order deny,allow
deny from all
allow from 111.222.333.444
Change 111.222.333.444
with your IP address. Now, only you will be able to access your website.
Step 2: Upload the script
Upload the script that will allow you to change your WordPress admin password. It can be found on the WordPress codex site. It's basically a big PHP script. Copy and paste it into a file located in the same directory as your WordPress installation. Call it emergency.php
.
Step 3: Using the script
Access your WordPress installation at http://111.222.333.444/emergency.php
. Replace 111.222.333.444
with the address of your WordPress site. You will now be asked for your admin username and the new password.
Once you've entered the correct username, click Update Options
. Upon success, you will see a page that says:
Your password has been successfully changed
An e-mail with this information has been dispatched to the WordPress blog administrator
You should now delete this file off your server. DO NOT LEAVE IT UP FOR SOMEONE ELSE TO FIND!
Pay close attention to that last sentence.
Step 4: Delete the script
You will now be able to log back into WordPress.
Delete the emergency.php
script, then remove the .htaccess
file that we setup earlier, so that other users may access your site.