Friday, June 28, 2013

Reset Wordpress admin's password through MySQL

This tutorial is from the wordpress documentation

  1. Get an MD5 hash of your password.
    • Visit md5 Hash Generator, or...
    • Create a key with Python. or...
    • On Unix/Linux:
      1. Create file wp.txt with the new password in it (and *nothing* else)
      2. md5sum wp.txt
      3. rm wp.txt
  2. "mysql -u root -p" (log in to MySQL)
  3. enter your mysql password
  4. "use (name-of-database)" (select WordPress database)
  5. "show tables;" (you're looking for a table name with "users" at the end)
  6. "SELECT ID, user_login, user_pass FROM (name-of-table-you-found)" (this gives you an idea of what's going on inside)
  7. "UPDATE (name-of-table-you-found) SET user_pass="(MD5-string-you-made)" WHERE ID = (id#-of-account-you-are-reseting-password-for)" (actually changes the password)
  8. "SELECT ID, user_login, user_pass FROM (name-of-table-you-found)" (confirm that it was changed)
  9. (type Control-D, to exit mysql client)
Note if you have a recent version of MySQL (version 5.x?) you can have MySQL compute the MD5 hash for you.
  1. Skip step 1. above.
  2. Do the following for step 7. instead.
    • "UPDATE (name-of-table-you-found) SET user_pass = MD5('new-password') WHERE ID = (id#-of-account-you-are-reseting-password-for)" (actually changes the password)
Note that even if the passwords are salted, meaning they look like $P$BLDJMdyBwegaCLE0GeDiGtC/mqXLzB0, you can still replace the password with an MD5 hash, and Wordpress will let you log in.

Notes: if the above method does not work, please use the wp-cli tool.