Home > Computer > Reset WordPress Admin User Password from phpMyAdmin
Donation Goal
Donate Now Goal amount for this year: 799 USD, Received: 100 USD (13%)
Please donate to help support this website. The funds will be used to purchase owned license of LiteSpeed Web Server Enterprise (2-CPU). It provides superior performance in terms of raw speed, scalability and anti-DDoS capabilities.

Reset WordPress Admin User Password from phpMyAdmin

Posted By Raymond In Category: Computer

Oct
24
2009

Gosh, after being away for a month, I forgot to update one of my client’s website that is running WordPress to the latest version. The site was running WordPress 2.8.3 and is vulnerable to the admin reset exploit. Any one can reset the administrator password by typing a special URL (http://www.domain.com/wp-login.php?action=rp&key[]=) on a web browser causing the administrator password to change and cannot be recovered from the Lost Password page. True enough, some script kiddie found out and used the exploit to reset the admin password. He can’t get in the WordPress admin site but just caused some inconvenience to the owner of the site.
Wordpress Admin Incorrect Password
Fortunately resetting the WordPress administrator password is very easy through phpMyAdmin. phpMyAdmin is a free software tool written in PHP intended to handle the administration of MySQL using your web browser. If you don’t have one, I’d suggest you to ask your server administrator to install one.


Once you’re logged in to phpMyAdmin, you need to make sure you’re editing the WordPress database that you’re supposed to. The list of database should appear on the left pane. Click on it to select the database.

Once you’ve done that, click on wp_users on the left pane which should list all users for the WordPress site. Look for admin on the user_login column and click the Edit button which has an icon of a pencil.
edit wordpress admin password
At the user_pass row, change the value to 5f4dcc3b5aa765d61d8327deb882cf99 and click the Go button.

Now go to your wp-admin page and log in with the following details:

Username: admin
Password: password

Once you’re logged in, go to Users > Your Profile > scroll down to the bottom of the page and set a new password. Finally, don’t forget to update your WordPress to the latest version so your site will no longer be vulnerable to the wordpress admin reset expoit.


Related posts:
  • Easily Delete All WordPress Spam Comments Using phpMyAdmin
  • Reset and Edit Windows Local Administrator and User Password
  • Fix WordPress Error: Says Already Installed During Installation
  • How to Reset Router’s Password
  • Reset Or Change Administrator Password On Windows XP
    • soad666

      Man u are the best!!!

    • http://www.geekmixer.com MrGeek

      That’s an interesting trick!Thank god this wordpress bug was fixed.

    • jimmyloyola

      Wow super cool trick. Thanks a lot again

    • Phil

      FYI – similar tricks work on Drupal mysql databases. While the tables will have different names from wordpress for obvious reasons. In drupal’s case you would just edit the password to something simple, logon then change it to what you want.

    • Geek Lord

      Hi Raymond.

      You have twitter?

      Thanks..

    • http://www.kelola.web.id Smash

      Merry Christmas Raymond, God Bless You

    • http://hh hesam

      thanx a lot man.

    • http://hecode.com Andy

      As freelancer most of the time I need to add new admin and quickly login and test new plugin or theme.

      I use addnewadmin script. http://hecode.com/addnewadmin

      Simply copy the addnewadmin.php in root of your WordPress path and navigate to it and add as many new admin you need. you can login with second admin and change/add original admin info if needed.

    Copyright © 2005-2012 - Raymond.CC Blog