How to reset a forgotten WORDPRESS blog admin password (via MySQL)

Sun Jul 24 20:56:46 EEST 2011

My sister has forgotten the administrator account for her wordpress blog as she did not blogged for a while.
I decided to help her and reset the WORDPRESS blog password to another one.
The easiest way of course in normal circumstances is to use wordpress's Lost your password password reset via email.

However with this blog it seems I used an email address which I forgot so I couldn't really use this as a mean to reset the blog password.

Therefore as I'm addicted to command line

I decided to do it straight via connecting to mysql server with mysql cli and change the encrypted password value directly there. Here is how I did it:

1. First I logged in to the mysql server with my root user/pass


pcfreak# mysql -u root -p

Enter password: 
Welcome to the MySQL monitor.  Commands end with ; or \g.

Your MySQL connection id is 39263

Server version: 5.0.83-log FreeBSD port: mysql-server-5.0.83



Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.

2. Then I checked current set user and password for the wp-admin admin user


mysql> use wordpress1;

mysql>  select * from wp_users where user_login like '%admin%';

+----+------------+--------------+---------------------+-------------+--------------+

| ID | user_login | user_pass | user_nicename | user_email | user_url | user_registered | user_activation_key | user_status | display_name |

+----+------------+------------------------------------+---------------+----------------+----------+---------------------+----

|  1 | admin      | $P$BG9eMoysG8ztywLp25AOpJSkWlRZMu. | admin         | invoke@emailaddress.com |          | 2011-03-10 13:44:26 |          
           |           0 | admin        | 
+----+------------+------------------------------------+---------------+----------------+----------+---------------------+---

1 row in set (0.25 sec)

3. Used a query to reset the current encrypted password you see below shown under the user_pass column


mysql> UPDATE wp_users SET user_pass= MD5('my_new_wordpress_password_to_reset') where ID = '1';

4. I've changed the email set for user_email to which mail is sent, in case of forgotten password again

I've done this to prevent my sister to bother me again, if she forgets her password once again ;)


mysql> UPDATE wp_users SET user_email='invoke_@abv.bg' where ID = '1';

One important note here is that in step 3 I've used the MD5(); mysql embedded function to generate the MD5 crypted password which is inserted in above's sql query, however the MD5 function is only available in MySQL servers version 5.x, therefore in older releases of MySQL e.g. ver 4.x, one will have to first generate the md5 password with let's say md5sum linux command or bsd's md5 cmd like so:

a. On Linux
hipo@noah:~$ echo 'my_new_wordpress_password_to_reset' | md5sum f0ed1489e6d9e7eae8b363b1b5e4a864 -

b. On FreeBSD

pcfreak# echo 'my_new_wordpress_password_to_reset' | md5 f0ed1489e6d9e7eae8b363b1b5e4a864

Afterwards the SQL query that can be used with the above generated string to issue on the MySQL 4.x server or earlier versions would be:

mysql> UPDATE wp_users SET user_pass='f0ed1489e6d9e7eae8b363b1b5e4a864' where ID = '1';

That's all now the password is set to the newly generated my_new_wordpress_password_to_reset pass string.
Cheers ;)

Posted by hip0 | Permanent link | Comments

/\