What to Do When You Lose Access to Your WordPress Blog Kingdom

You know it’s going to be a bad day if it starts with you losing access to your WordPress blog…

The most common scenario for this to happen is when you simply forget your password. But this is kind of easy do deal with. The only thing you have to do is use the native password recovery function in WordPress.

All it takes is inputting your username or email address, and you’ll get an email containing instructions on what to do next. This way you can get your password back in no time. And I’m sure you’re perfectly aware of this.

The real problem, however, is when (for whatever reason) your user account does no longer exist or it appears like this is the case. Maybe you’ve got hacked, maybe it’s a database malfunction, or maybe another user has deleted your account, either way, there are different steps you can take to solve this. Here are your possibilities.

What to do when your account seems vanished

Some usual symptoms:

  • The confirmation email (from the password recovery feature) never gets delivered.
  • You get the “Invalid username or e-mail” notification while trying to recover your password.
  • And of course, your previous username and password stops working.

Note. In order to be able to execute the following actions you need to have administrative access to the hosting account and database.

MySQL command line recovery

This is probably the best and fastest way of fighting any problem of such kind. No matter what the reason for the lockdown is, everything is stored in the database, and that’s also where it can be restored.

Start by connecting to your database server’s command line, and then use this command to log in:

mysql –u root –p

Next you’ll be prompted to enter your root password.

In the following step you’ll have to select the database name of your WordPress installation. If you don’t remember the exact name use this command:

show databases;

And then switch to the correct database:

use WordPress-DB-NAME

The following command displays all the tables in the selected database:

show tables;

In most cases, your user data table is “wp_users” but if there’s no such thing then go with anything that ends with “users”.

If your account has been deleted then it’s best to use the following command to get a hang on what’s going on:

select id, user_login from USERS-TABLE;

In the next step you’ll be updating the admin account’s password. If you can’t locate the admin account you can try changing the passwords for other accounts that don’t look familiar (in case you got hacked).

update USERS-TABLE set user_pass=MD5(‘NEW-PASS’) where id=ADMIN-ID;

That’s it. From now on, your new password should work just fine.

phpMyAdmin recovery

In this approach you’re essentially doing the same thing as in the command line approach, but this is a more user-friendly way, due to the graphical interface of phpMyAdmin. You start by logging in to your phpMyAdmin platform using your root account for the database.

Note. The most common way of accessing phpMyAdmin is through your web browser. Its usual location is the same as your database host (the URL you set as the “DB_HOST” in your wp-config.php file.

Once you’re in simply navigate to your database and the users table. Next click browse (or view), and then click the pencil icon next to the admin account.

pencil-icon

Now erase everything that’s in the user_pass field and input your new password normally. Like the example below presents:

new-pass

Finally, select MD5 from the functions menu and hit “Go.”

md5

This should do it, your password has been reset.

Emergency recovery script

I was surprised to find out that such thing even exists. The script is called emergency.php and you have to place it in the root directory of your WordPress blog via FTP.

When you navigate to this script via your web browser you’ll be presented with a simple form. To set a new password you only need to input the username of the admin account and the new password. As a confirmation, you will get your new password by email.

Once you’re done remember to delete the script. Even though this script is not that popular it can still be accessed by other people, and they can change your password as well.

Here’s where you can get the script: emergency password reset script.

Functions.php hack

There’s one final thing you can do to reset your password. This technique requires FTP access (same as the emergency script).

Download the functions.php file of your current theme and add this one line:

wp_set_password(‘NEW-PASS‘,1);

The “1” is the ID of the user whose password you want to change. Admin accounts are usually ID 1. This method won’t work if there have been some serious changes to the users table.

Now the only thing left to do to activate this instruction is to go to your blog and refresh the page. Then go back to the functions.php file and remove the line. At this point, you should be able to log in to your admin account with a new password.

This concludes the list of most common ways of regaining access to your WordPress blog. For me, the phpMyAdmin approach is the fastest and the most reliable (no place to make any mistakes with the instructions in the command line, for example).

Have you ever faced a blog blocked like that? What did you do to regain access?

there is 1 comment added

  1. Affan Ruslan 16th February 2012

    Nice article. I never heard about the emergency.php though

(optional field)

HTML tags are not allowed.

Reset fields

back to top