+6 votes
in Tutorials and Guides by (1.5m points)

How to change the WordPress password from the MySQL console

1 Answer

+7 votes
by (725k points)
 
Best answer

On many occasions we do not have a program to manage databases interactively as Adminer or phpMyAdmin . If we need to restore the WordPress password because we have forgotten it and we only have one session open in the terminal, we can easily change the WordPress password.

image

I use this method quite frequently in local development environments, where I don't have an SMTP mail server installed and I can't use the password retrieval function itself through an email that includes WordPress.

How to change the WordPress password from the MySQL console.

To carry out this tutorial, we will need an open console session and credentials to access the MySQL or MariaDB database, which would be: the username, password and host (by default it is omitted if it is localhost) .

The process will be done in three steps:

  • Create the hash of our new password.
  • Connect to the WordPress database.
  • Replace the hash of the old password with the hash of the new one.

How to create a hash of a WordPress password.

WordPress has used the MD5 algorithm since its inception to store the password in the database, but as it is considered an insecure algorithm, in 2007 WordPress adopted phpass (portable PHP password hashing framework) .

Imagine that our password is "TechnoWikis" (without the quotes), then if we use the above algorithms we would get:

  • MD5: 8bfe929f64006000e190bbe385b6e93a
  • Phpass: $P$BzJMa8sfzhikh/nmodBIN3yPPhkw.u1

When modifying the password hash directly in the WordPress database , both types of hashes would work, since WordPress maintains compatibility with both . In fact, we will use the MD5 algorithm to restore the password from the terminal, since WordPress will automatically switch to the phpass algorithm when we first identify ourselves .

We will use the MD5 algorithm to generate our password, since from a Linux terminal we can generate these hashes very easily with the echo -n TechnoWikis | md5sum command echo -n TechnoWikis | md5sum echo -n TechnoWikis | md5sum

image

Now that we have the hash corresponding to our new password, we will access the WordPress database.

Connecting to the WordPress database from the Linux console.

With our open terminal session, we execute the mysql -u root -p command and enter the password. On another occasion, we have already published a tutorial with instructions on how to access MariaDB or MySQL from the Linux console , which I recommend you have on hand.

image

Once authenticated, we will execute the query SHOW databases; which will show us all the databases to which the authenticated user has access. To select the WordPress database, we will execute the query USE nombre_db_wordpress; .

Now we can list all the tables in the database with the query SHOW tables; and we will have to identify the table where WordPress users are stored, which generally has a name similar to wp_users . This is the name of the table in a default WordPress installation, since it sets wp_ as a wp_ prefix.

Replace the hash of the old password with the hash of the new one.

To obtain a list with all users and their ID (identifier) , we execute the query:
SELECT ID, user_login, user_pass FROM wp_users;

image

With the previous query, we already know the ID of the user to whom we want to change the password. We will assume that your ID is number 2, so the query we made would be:
UPDATE wp_users SET user_pass= "8bfe929f64006000e190bbe385b6e93a" WHERE ID = 2;

If we have a recent MySQL or MariaDB version (version greater than or equal to 5.x) , we can calculate the MD5 hash directly in the query, thus avoiding the first step where we calculated the MD5 hash of our password. If our password were «TechnoWikis» (without quotes) , the query would be:
UPDATE wp_users SET user_pass= MD5('TechnoWikis') WHERE ID = 2;

And this is it, now we can access WordPress with the username and the new password.


Most popular questions within the last 20 days

...