Wordpress is one of the most used CMS worldwide, hence it is also the most attacked. Both outdated and vulnerabilities in the core, themes and plugins are the spaces most exploited by cybercriminals throughout the network.

Whether you want to prevent someone from accessing your Wordpress account, you want to make it more secure or you have noticed that your site has been attacked, the first action to take is to change or reset the password.

In Wordpress there are many ways in which you can do this, either you remember the access data (change) or for some reason you have forgotten the password (reset).

Here are 7 ways to do it.

1.- Reset or Change Password Using the Wordpress Login

If you don't remember your password and need to log in, try the login screen first. Enter the address that allows you to enter the Wordpress control panel on your website and once there, click on the link Lost your password? u Forgot your password?

Then, enter the username or email address of your Wordpress account and click on the “Get a new password” button. Now, go to your email account and click on the link sent to reset your password.

Next, enter a new password and click the Reset Password button. Finally, log in with your username and new password as you normally do.

2.- Reset or Change Password Using the Wordpress Profile

If you remember your password and have access to Wordpress, one of the easiest ways to make this change is through your account profile. For this it is only necessary to access the Users option and then Profile in the Wordpress control panel.

Then, locate the Account Management or Account Administration section and click on the Generate Password or Generate Password button. In this way, a new key will be automatically created that you can edit if you wish.

If you suspect that there are other open sessions, take advantage and click on Log out everywhere else or Close all sessions. Finally, click the Update Profile or Update Profile button to save the changes.

3.- Reset or Change Password Using the Wordpress Admin

This step works when you are the site administrator and want to change another user's password. To do this, go to the Users or Wordpress Users option and locate the profile you want to modify.

Below the user's name you will find a link with the text Edit or Edit and locate at the bottom of the next screen, the Account Management or Account Administration section and click on the Generate Password or Generate Password button.

This will generate a new password, which as in the previous step, you can modify to your liking. Finally, click the Update User or Update User button to save the changes.

4.- Reset or Change Wordpress Password Using phpMyAdmin from cPanel

If you're having problems receiving your emails and you can't reset your password the usual way, don't worry, all is not lost, as long as you have the access data to your hosting account.

phpMyAdmin is a database administration environment. Through this software it is possible to modify not only the password, but also the user if you want to take even more security measures.

The first thing you need to do is locate the Databases section in cPanel and access phpMyAdmin. Next, select the Wordpress database, locate the wp_users table and click Browse.

Next to your username you will find the Edit link, click on it. Choose MD5 right in the Function column and now enter the new password. Modify the user_login field with the new username, if you wish, and click Go.

Now, try to login to Wordpress.

5.- Reset or Change Wordpress Password Using the Emergency Password Reset Script

This is a procedure that must be applied with care. This is a code that forcefully modifies the Wordpress administrator's password and does not require you to log in to that platform.

The first thing you need to do is create a file named Emergency.php with theEmergency Password Reset Script(starts with <?php and ends with ?>). Then paste or upload that file to the root directory of Wordpress (the same directory that contains wp-config.php).

Next, go to the address in your browserhttp://yourdomain.com/emergency.php, this will execute the code.

Enter the username and the new password, then press a click on Update Options and it is important to observe a message indicating that the password has been changed. You will also receive an email with information about the modification made.

Finally, delete the Emergency.php file and try to log in to Wordpress as an administrator. This step is essential because the script leaves the doors open for anyone to modify the password of the main platform account.

6.- Reset or Change Wordpress Password Using the Command Line

Wordpress has an interface that streamlines the platform administration process, called WP-CLI. This functionality requires prior installation and only works on sites running PHP version 5.4 or higher.

Now, from the command line it is necessary to write:

wp user update 1 --user_pass=password.

In this case, as shown, the number 1 indicates that the administrator password is changed and it is necessary to replace the word password with the one you want to assign to that account.

If you want to change the password of another user than the administrator, you must change the 1 to the respective user ID. You can know the data of all the users of the database with the following instruction:

wp user list

7.- Reset or Change Wordpress Password Using FTP

This is a useful way when you don't have access to the email account of the user you want to change. You need to access your hosting through an FTP client.

The goal is to find inside wp-content/themes the folder of the theme that your Wordpress works with at the moment. Now, download the functions.php file, create a backup of it and edit the original.

Right after the start of the Php code (<?php) enter the following statement:

wp_set_password( 'thepassword', 1 );

Replace the space that indicates the password with the key that you want to assign to the user and the 1 with the user ID, in case you do not want to change the administrator account.

Now, upload this file to your hosting account, replace functions.php with this new version. Try to enter Wordpress with the username and password provided in the line of code.

Once you're done, modify the functions.php file again by removing the previous line of code to bring it back to its original state.

Conclusions

On many occasions, users or administrators of the Wordpress platform need to change or reset their password, for security reasons. There are many ways to perform this task, some more conventional and others more forced but effective.

Among them are:

• Via login.
• By the user profile of Wordpress.
• By the WordPress Admin.
• By PhpMyAdmin in cPanel.
• With the Emergency Password Reset Script.
• By command line.
• Via FTP.

Some work if you know the password and others to force the change in case of forgetting or after receiving a computer attack.

If this content has been helpful to you, would you let me know? ;-)