Best Tricks to Protect and Recover your Lost WordPress Password

“Treat your passwords like your toothbrush. Don’t let anybody else use it, and get a new one every six months.”
— Cliff Stoll: an American astronomer and Best-Seller author of ‘The Cuckoo’s Egg’

Forgot Your WordPress Password

It is true especially when cybercrime is so common these days. Securing your password is inevitable for the security of your confidential data and information. And why not? Our whole lives are online now – from personal photographs to professional or business information – making it ever more so important to have a proper secured password that is hard to crack.

Let’s gear this conversation toward the business side which over here means having an online business. This is referred to as having an online website which you use to do business with your existing and potential customers.

As mentioned above, sometimes it is required to have a tough password but remembering that password can become a tricky thing. This is particularly true in websites (WordPress websites) where you need to have a strong password especially when it is a requirement where your password is not accepted if it does not mean certain characterial criteria. Which is why it is extremely common that people forget it.

Recovering these passwords especially those for the WordPress websites is not an easy task because a lot of security layers have been put in place to safeguard the information from falling in the wrong hands. Fret not!! We have worked up solutions that you can use to retrieve your WordPress website passwords. Just read on…

Four Effective Ways to Recover Lost Passwords

Below are the four effective ways to recover lost passwords for WordPress websites effectively and timely.

1. You can Reset Password via cPanel (WordPress Password Reset through phpMyAdmin/MySQL Database)

If you have admin access to your website’s hosting cPanel or web hosting control panel through your WordPress hosting provider, you can reset your lost WordPress password from cPanel using phpMyAdmin.

a. Log in to your hosting account and reach out to cPanel. Then, look for the databases section of the page and hit on ‘phpMyAdmin’:

b. When you’ve logged into phpMyAdmin account, you’ll see a list of databases on the left-side of your screen. At this point, click on the WordPress data of a site.

c. Check for wp_users row and click the browse icon to the right.

d. Once you’ve clicked the browse icon, it will redirect you to a page listing of all of your users registered on your website. You can find the username, user email along with the encrypted password.

e. To change the password, select the user, and click ‘Edit’

f. Now, you can change your WordPress password in the ‘user_pass’ section. You’ll see a long list of numbers and letters next to ‘user_pass’ on the next page. Select this long string and delete immediately.

g. Type in the new password that you want to use. Remember that it is case sensitive

h. Finally, choose MD5 from the drop-down menu (See the image below). This step is important because MD5 works to encrypt passwords.

i. Double-check to make sure that password is correct and you’ve selected MD5.
j. Save and update now and you can see the ‘Go’ button at the very bottom of the page.
k. Now, log in through your wp-admin URL using your new username and password.

2. Utilize the WordPress Password Reset Link for Timely Recovery

If you want to recover your lost WordPress passwords really quick, then utilizing the WordPress password reset link is very helpful in timely recovery. It generates a WordPress password reset URL sent you through email.

a. On the login form of WordPress website, you will see a link of ‘lost your password’ beneath username/email address and password.

b. When you have clicked on the lost your password link, it will redirect you to the WordPress password reset page automatically.

c. On this screen, you will have two choices, either you can enter WordPress username or use admin email address for the purpose of resetting your password

d. Click on the ‘Get New Password’ button after entering your username or email address.

e. If you’ve entered the correct email address or username, you will receive a password reset email within seconds. Now, you can come back into action and let’s get connected to your customers.

3. Password Reset through FTP with the help of functions.php File

A WordPress theme contains an important php file called ‘ functions.php’. It takes charge of your website in various ways through WordPress themes.

In order to do a password reset through FTP with the help of ‘functions.php’ file, you’ll have to download a copy of your theme’s ‘functions.php’ file from the web host using FTP.

a. For resetting your password, locate the functions.php file in your directory,

b. Now, you will have to add or edit the ‘wp_set_password’ line of code in your ‘function.php’ file.

c. The line of code should be set as wp_set_password ( ‘abcdef, 1’) — check this image below –and this is the new code (it’s just for an example). ‘1’ is the ID number of a WordPress user.

d. While changing passwords for your site, ensure you’re using a strong password for heightened security.

e. Confirm to have all your edits saved in your functions.php file. Upload the edited file back to your Website with the help of FTP. Now, try to log into your site using wp-admin dashboard.

f. Finally, when you’ve recovered your lost WordPress password with the help of this method, ‘undo’ all of the changes made to the functions file.

4. Take Help from Another Admin User for Password Recover

Finally, in this method, you can take help from a separate Admin user on WordPress site for password resetting. If there is another WordPress admin user for WordPress website, it can be highly resourceful for recovering lost passwords. Following is the process to fully use this method:

a. Reach out another admin user on your website and discuss this lost/forgotten WordPress password.

b. When logged in, that admin user can help you in resetting the password from the Users> All users page on your behalf. That admin user will simply edit your profile.

c. This another admin user will have to come to the Account Management Section. And, there he can use the ‘Set New Password’ button for the purpose of resetting your password.

d. Don’t forget to secure this new password to avoid this mistake in the future and make a strong password to protect yourself from any vulnerability.


Those were the best ways that you can recover your forgotten or let’s just say lost WordPress passwords. Resetting passwords is not an easy feat even if you are an admin of your WordPress website. It is better to actually save your passwords in some secure location like your personal diary or document that only you have access to.

Some of our helpful tips that you can use to protect your WordPress password are given below.

5. Tips and Tools to Protect WordPress Password

Let’s take a look at what are the 5 best tips to safeguard passwords:

1. Always Make Unique and Strong Passwords

Weak passwords tend to lead to attacks and vulnerabilities on a website. A password that’s easy to remember is easy to guess and turns out to be easy to hack. That’s why, it’s imperative that a strong password should be created for a WordPress website and content to ensure high-end security. Avoid creating passwords that have any of your personal information such as date of birth, or name, and so on.

2. Employ an Authentic Password Manager for Security of your Online Accounts

A password manager works to create complicated and strong passwords to protect your online assets, digital information and sensitive data. It houses all of your passwords and safeguard them through the use of one master password.

A password manager keeps your login credentials organized lessening the likelihood of forgetting or losing password so that you won’t have to put up with the password resetting process. We recommend using RoboForm – a password manager plugin.

It has many features such as:

    • Click Logins
    • Store passwords when you browse the internet
    • Easy syncing
    • Ease of offline access
    • Keep your passwords
    • organized
    • Quick access from anywhere and anytime

3. Use iThemes Security Pro Plugin to Strengthen WordPress Password Security

To make your WordPress security highly secure and protected, we suggest you to use iThemes Security Pro – a WordPress Security Plugin.

This WordPress security plugin is equipped with the best features to help you protect your site in every possible way. It can create and employ strong passwords for your site to prevent brute-force attacks. Plus, you’ll get plenty of features to strengthen cyber security for you and your critical data across the internet such as:

    • It implements 2FA (Two-Factor Authentication) for your WordPress login to add a protection layer to password with a secondary login code.
    • It works to limit the number of login attempts to keep suspicious users out from harming your website.
    • It will hide the admin login page and URL of your WordPress website.
    • It instructs the strength of password determining the security level of a website.

4. Abandon Already Used Passwords

Once you’ve used a password, abandon that password after sometime, and create a new password. Because, using the same password again and again for a long period of time puts you in a state of vulnerability where you and your confidential information can become easily hackable. That’s why we recommend changing your passwords every 3 months making a new strong and unique password each time.

5. Use Two-Factor Authentication for Complete Protection of WordPress Admin Login

Adding Two-Factor authentication or multi-factor authentication is the fastest and the best way to secure your WordPress login.

In short, Two-Factor Authentication puts an extra layer of security to WordPress account login which means it will require a secondary code to allow you successful log-in. This sensitive secondary code is generated from an app on your smartphone.

You can use Google Authenticator – a WordPress Two-Factor Authentication plugin, by miniOrange. This plugin adds multi-factor authentication to your WordPress account login through generating secondary login code.

Forgetting Lost WordPress Passwords or Remembering Them - Which Is Easy?

With all the hustle and bustle of life today, forgetting a password is not something you should be ashamed of. It happens with all of us!!

But our two cents are this – it is easier to remember them then to actually recover and reset a lost WordPress password. If in any case, you cannot recover your passwords, our ethical hackers can help you with that. Experts at WP-Bridge pride themselves as being the best in the platform of WordPress and WordPress websites. So, just reach out to us and we will recover all that is lost.