How to recover a lost wp-admin password using WP CLI
- CHALLENGE:
- I forgot the Administrator password to WordPress Backend Panel
- SOLUTION:
- execute the CLI command or add the mu-plugin to set up a new password
There might be situations when user password credentials to WordPress have been lost or forgotten. It’s problematic because access to the Admin Panel is crucial in website management. We can use the ‘Lost your password?’ WordPress functionality ( /wp-login.php?action=lostpassword ), but this requires “sending e-mails” to be configured on the server and also to have a proper email address set in user details.
I don’t remember my password and need an alternative solution. There are, in fact, a couple of methods. Let’s check them out!
Contents
Set user password using wp-cli
If we have SSH access to our server and WP CLI installed, there is a simple command to change user password. Let’s check the user list and then set up a new pass:
wp user list wp user update myusername1 –prompt=user_pass
We can also create a new Admin account using WP CLI. This User account with administrator role will also have “super-admin” rights in the Multisite environment:
wp user create newadminuser2 [email protected] --role=administrator --allow-root wp user update newadminuser2 --user_pass=mySecretPasswordHere --allow-root wp super-admin add newadminuser2
Use a PHP function to set up a new password
You can also use a simple PHP function, simply:
- paste this code into your functions.php in the theme directory
- refresh your website (on http request function will be executed)
- remember to remove the code from functions.php (it’s not needed anymore)
- now you can log in using your new Administrator account
/**
* Add new WP Admin User via functions.php
* Grant Super Admin role for Multisites
*/
add_action('init', 'ct_add_new_account');
function ct_add_new_account() {
$username = 'newadminuser2';
$password = 'mySecretPasswordHere';
$email_address = '[email protected]';
if ( ! username_exists( $username ) ) {
$user_id = wp_create_user( $username, $password, $email_address );
$user = new WP_User( $user_id );
$user->set_role( 'administrator' );
grant_super_admin($user_id);
}
};
There is also an option to change user password programmatically. You can get the user account by email and update the password to a new value. Add the code to your theme (functions.php), refresh the website, remove the code, log in using the new password.
/**
* Change WP User password
* ( you need to know user's address email )
*/
add_action('init', 'ct_change_user_email');
function ct_change_user_email() {
$user_email_address = '[email protected]';
$new_password = 'myNEWSecretPasswordHere44';
$user = get_user_by( 'email', $user_email_address );
if($user){
$user_id = $user->ID;
wp_set_password( $new_password, $user_id );
}
};
Use SQL update in phpMyAdmin
An alternative option to update the value of the password will be a MYSQL connection. You can use phpMyAdmin or any other tool that connects to the MYSQL server. Query to be executed:
# update wp_user password
UPDATE `wp_users` SET `user_pass`= MD5('myNEWSecretPasswordHere6') WHERE `user_email`='[email protected]';
Create mu-plugin
The WordPress mu-plugin (“must use” plugin) is a PHP file uploaded to the /wp-content/mu-plugins/ directory. Those plugins are mandatory for WordPress to use them, no need to activate – WordPress core will always load them on startup. We can create our mu-plugin that will create a new Admin Account. Just save it as ct-create-new-user.php and upload via FTP to: /wp-content/mu-plugins/ . After the first page request, the account will be created. You can now remove the file from the server.
<?php
/**
* /wp-content/mu-plugins/ct-create-new-user.php
* Plugin Name: New Account Creator
* Description: Create New Admin account
*/
// Basic security, prevents file from being loaded directly.
defined( 'ABSPATH' ) or die( 'Cheatin’ uh?' );
/**
* User account creation
*/
add_action('init', 'ct_add_new_account12345');
function ct_add_new_account12345() {
$username = 'newadminuser3';
$password = 'mySecretPasswordHere';
$email_address = '[email protected]';
if ( ! username_exists( $username ) ) {
$user_id = wp_create_user( $username, $password, $email_address );
$user = new WP_User( $user_id );
$user->set_role( 'administrator' );
grant_super_admin($user_id);
}
};
That’s it. Make sure you follow us for other useful tips and guidelines.
Tomasz Leszczyński ON August 31, 2021 at 6:06 am
Hi! Nice tutorial, thanks :)