It’s easy to change your administrator password! Yes, it really is! Website security depends on strong passwords to lock down and protect your valuable website data. Hackers are always lurking, and just waiting for an opportunity to break in. You can’t be too careful when it come to website security.
I wrote about How to Create Strong Passwords that hackers can’t crack…and that you can remember, in my previous article. Check it out Here.
So now we have to know how to change our WordPress Administrator password from the tired old low-security password to our new super-strength, difficult to hack, secret – and cunningly obscure…password. Don’t panic, it’s easy. It might sound scary to mess with your front door security system but it really is No Risk! Why?
Because if you make a mistake, or change your mind, no worries! There are easy ways to recover administrator passwords, and find out what your password is if you have forgotten it, and easily reset it again in a couple of minutes…with no stress or hassle. And yes, I learned this the hard way…once again, I made the stupid mistakes so you don’t have to!
Basic Website Security: Put Secure Double Locks On Your Front Door
For anyone to gain access to your website admin area, everyone has to get past (or hack past) 2 security barrier protection steps:
- A login Name
- A Password
Even administrators have to be able to unlock these 2 security barriers to get into their own website, and so do hackers. Both barrier locks are equally important against web attack and for hacking prevention.
You don’t still use the username ‘Admin’ as your Login name, do you? Well, Do You? Using Admin as your login username reduces your most important security protection barriers by 50%. It’s like leaving your front door half open.
Check out How to Change Your Login Username…. And do it! Change your Username to something (anything) other than ‘Admin’, today!
How To Reset Your Administrator Password
There are several different ways to do this. Which one you choose to use depends partly on what sort of Access you have to your website. They all work, and it doesn’t matter which way you choose to do it. I’ll start with the really easy one that is done in your WordPress Dashboard.
And if you forget your password, or ‘something’ goes wrong when resetting your password, WordPress has a built in recovery mechanism that uses email. And it works – I know that, because I tested it…because I had to….but lets not go there!
- Go to Dashboard>Users
- You can go to ‘All Users’ and find your Profile amongst your List of Registered Users, or… on my WordPress Dashboard I had the option to go to ‘Your Profile’ straight from the ‘Users’ tab.
- Scroll down your Profile page until you get to the New Password section (No 1 below).
4. Type in your super-strong password.
Important Note: do not assume your password is strong and secure, just because you ‘think’ it is. If you haven’t done some testing of Password strength at How Secure Is My Password, you should go there now, and do some research before you decide on what to use as your new strong password.
In general, it’s the number of characters that seems to be the most important factor in making your password secure. See How to Make Secure Passwords…That You Can Remember.
Extra Tip: if you type in both your passwords quickly, the Strength Indicator – on my Dashboard Profile at least – stayed frustratingly blank (No 4 in above screenshot). But, if I typed in the first box only (No 2), and waited a moment or two, the strength indicator did work.
5. Enter your Password again in the second box (No 2 in above screenshot).
6. Click Update at the foot of your User Profile.
…..Here is where you need to stay calm!
7. Log out of your website.
8. Cross your fingers and hope like…whatever, and
9. Login to your website again with your new secure Administrator Password
Tip: your website login system will take a bit longer than you are used to process the new information….stay calm.
Well?? Oh no! It says Incorrect Login details! The dreaded Pink error message and the shaking login form….stay calm, it’s scary I know…but it will be OK, I promise.
Trouble Shooting.
To be honest, I don’t know why this happened to me. Maybe it was just so I could tell all my readers how to deal with a glitch in the process? Yes, that must be the reason….
Here is what you might see:
Those of you still paying attention might notice that I tried several times to get my new password to unlock my blog’s front door. Maybe around 5 attempts… in fact I kept trying until I got the Max Failed Logins warning (No 1 above).
Then I had to wait for 30 mins before trying again. But that is a good thing. Now I know that this security safeguard of limiting the number of login attempts is working properly, even if my new Password had gone AWAL, and got lost in the system somewhere.
Recover Your Lost Password Using the WordPress Recovery Email System.
This is in fact The Second Method of How to Reset Your Administrator Password.
Even though in my case, I used it to Reset my password after the first attempt had not worked properly, you can use this method right from the start if you want to, without using the User Profile method of Changing your Administrator Password.
If you want to change your WordPress password by going straight to the reset password via the email recovery system, enter your Login Form’s URL in the address bar:
www.your domain.com/wordpress/wp-login.php
and this brings up you your Login Form where you can use this Reset Your Administrator Password using the WordPress Email Recovery system, as follows:
Here is what I did to recover my lost (but not forgotten) Administrator password.
You can also use this method if you have forgotten your password, or can’t remember which one you are using if you have several sites with different passwords.
See the No 2 in the above screenshot: Lost Your Password?
Click on it.
You will see a message similar this:
No 1. Message: You can enter either you email address or your username – either one will work.
No 2. Enter whichever one you choose to use
No3. Click Get New Password.
You will now see:
No. 1 above is there only because I had already maxed out my allowable Login attempts.
No. 2 is the message you get after you have clicked on Get New Password (No 3 in the earlier screenshot). It says, ‘Check your email for the confirmation link‘.
Go to your Inbox and open the email from WordPress. Your email will say this:
You have probably noticed that the password change screenshots I used as a demo for this article are for my other website Addiction Rehab Now. Resetting or recovering lost or forgotten passwords is the same for all WordPress sites, so please ignore that some of these screenshots relate to my other website.
Once again, this email demonstrates that WordPress takes security seriously – it notifies us (warns us) of ‘someone’ trying to change the password on this website.
This is a very useful WordPress security safeguard – in case someone else has been trying to gain access – unauthorized access – to our website.
In this case here, we know it was us, so we just click on the link provided (blacked out above) and we get the screen where we are able to reset our Password.
Enter your new secure password, and click Save.
Log Out and test your password system again.
When I did this, it worked. I don’t know why it didn’t work the first time, when I did it using the WordPress User Profile, but it was a useful learning experience.
Other Methods of Resetting Your Administrator Password
I need to issue a Geek Alert here. I don’t know how to do this next method. It’s called:
Reset Your Administrator Password Using MYSQL Command Line.
But here is a link to the WordPress Codex that explains how to do it:
WordPress Codex: Methods of Resetting Administrator Password
If you go there, it will also tell you how to change your Administrator Password by using your phpMyAdmin – caution required!
And… how to change your password using FTP, as well as using the Emergency Password Reset Script.
If any of those methods tempt you, feel free to check them out. All the instructions are there. Personally, I’d rather stick to the easy non-geek ways to change your administrator password, but that’s because they work, and I’m not a geek…yet.
Want to Subscribe to our Newsletter and never miss out on the latest posts? Just click here on the word Subscribe. And if you don’t receive a confirmation email after a couple of minutes, please check your Spam Folder.
Pingback: Security: How to Make & Test Secure Passwords You Can REMEMBER
Pingback: Online Security: Security Check List For Bloggers
Pingback: AlterEgo Free: How To Block Hackers From Your MailChimp Account
Klasse gemachte Homapage, das Layout gefaellt mir sehr gut!
War sicher ne menge Arbeit.
Danke.