Background
Most recent case was that I managed server websites built by wordpress but the credentials for one website failed me – I had no memory of what the email address was for administrative purpose, and even the username. I guess it was the most terrible thing happened that day. But, after a lot of google work, I finally found a recipe for the email-forgot situation.
I now post it out what I found that saved my life.
Reset password
Download Script
You can download the PHP script and open it with your programming editor before run it on the server. The script should be placed at the root director, that is in the same place as the wp-config.php. So that you can run it on the web browser. On the browser, enter the link is like https://yourdomain.com/PasswWordReset.php. You will see a form with title “WordPress Emergency Password Reset.’ Try your username in the first row. If you are lucky, you will reset your password successfully. And it will say:
Your password has been successfully changed
An email with this information has been dispatched to the WordPress blog administrator
You should now delete this file off your server. DO NOT LEAVE UP FOR SOMEONE ELSE TO FIND!
Other ways
Remember to delete the php script from your sever. IT IS IMPORTANT.
Also, there are other ways to get back your account information:
1)Turn to the “forgot the password” page if you at least know your administrative email address for the website.
2) Retrieve it from the database by logging in your web control panel/console, like cPanel/phpMyAdmin, on your hosting platform.
Final thoughts
As the WEB3.0 is coming deeply to public life, we quite enjoy the benefit of internet decentralization, and at the same time more attention should be focused on privacy and cybersecurity. My suggestions include regular backups and secure places to hold important information in a physical way, like storing them inside a portable USB stick.
Updates
Reset by updating user database on your virtual/dedicated server.
1) Access your server terminal via SSH, and run mysql to enter the php database:
root@xxxxxxxx:~# mysql
Welcome to the MariaDB monitor. Commands end with ; or \g.
Your MariaDB connection id is 1924
Server version: 10.6.21-MariaDB-0ubuntu0.22.04.2 Ubuntu 22.04
Copyright (c) 2000, 2018, Oracle, MariaDB Corporation Ab and others.
Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
MariaDB [(none)]> show databases;
+--------------------+
| Database |
+--------------------+
| xxxxxxxxx |
| information_schema |
| mysql |
| performance_schema |
| sys |
+--------------------+
5 rows in set (0.000 sec)
2) Choose the database you want to update with:
use your_database_name; ## to choose the database you want to update;
show tables; ## to list what inside the database;
MariaDB [(none)]> use xxxxxxxxx;
Reading table information for completion of table and column names
You can turn off this feature to get a quicker startup with -A
Database changed
MariaDB [xxxxxxxxx]> show tables;
+-------------------------------------------------+
| Tables_in_xxxxxxxxx |
+-------------------------------------------------+
| wp_actionscheduler_actions |
| wp_actionscheduler_claims |
| wp_actionscheduler_groups |
| wp_actionscheduler_logs |
| wp_commentmeta |
| wp_comments |
| wp_e_events |
| wp_links |
| wp_options |
| wp_postmeta |
| wp_posts |
| wp_suremails_email_log |
| wp_term_relationships |
| wp_term_taxonomy |
| wp_termmeta |
| wp_terms |
| wp_usermeta |
| wp_users |
| wp_wc_admin_note_actions |
| wp_wc_admin_notes |
| ...... |
+-------------------------------------------------+
61 rows in set (0.000 sec)
3) Choose the “wp_users”, which is the exact user account for the website in the database. The first item right behind the number 1 in Row 2 is the user login name. Next to the user login name, it is the user password but hashed by md5sum and salt. That is what I am going to update.
MariaDB [xxxxxxxxx]> select * from wp_users;
+----+------------+-----------------------------------------------------------------+---------------+----------------------+------------------------+---------------------+---------------------+-------------+--------------+
| ID | user_login | user_pass | user_nicename | user_email | user_url | user_registered | user_activation_key | user_status | display_name |
+----+------------+-----------------------------------------------------------------+---------------+----------------------+------------------------+---------------------+---------------------+-------------+--------------+
| 1 | xxxx | $wp$xx$10$75exxxxxxZc/Al73NgJe4ysxxxxxGG7MI56qcxxxxdx2nz. | xxxx | xxx.xxxx@gmail.com | https://xxxxxxxxxx.com | 2025-04-19 05:39:42 | | 0 | xxxxx |
+----+------------+-----------------------------------------------------------------+---------------+----------------------+------------------------+---------------------+---------------------+-------------+--------------+
1 row in set (0.000 sec)
4) Using md5sum to encrypt the passphrase you want to update:
echo “your_new_password” | tr -d ‘\r\n’ | md5sum | tr -d ‘ -‘ ## tr -d ‘\r\n’ command to eliminate blank lines;
## tr -d ‘ -‘ command to remove any blanks or dash symbols
then update the password with new hashed values. Don’t forget the ‘flush privileges’ command to make it effective.
MariaDB [xxxxxxxx]> update wp_users set user_pass="xxxx4b402xxxxx0d5xxxxc8f82d" where id=1;
Query OK, 1 row affected (0.002 sec)
Rows matched: 1 Changed: 1 Warnings: 0
MariaDB [xxxxxxxx]> flush privileges;
Query OK, 0 rows affected (0.001 sec)
MariaDB [xxxxxxxx]> exit
Bye
That’s it. Now we can login the admin page with the new password.