Because WordPress is such a popular site creation tool, is also a favorite target of hackers. It’s a good idea to change your password frequently, making sure to use numbers, special characters and upper and lower case letters.
You can change your password in the “Users > Your Profile” screen in WordPress, seen here:
try to use a password that is hard to guess!
If you don’t use a unique mix of characters, you’ll need to click The Checkbox of Shame™ to confirm that you want to be hacked use a weak password.
Need help?
If you aren’t logged into WordPress, you might need to use these methods to reset your password:
Reset at the login screen
If you aren’t logged into WordPress, you can also reset your password from the WordPress login screen. To visit this screen, add wp-login.php to the end of your WordPress site address, for example:
https://mycoolsite.com/wp-login.php
The login screen provides a link to reset your password – click the link and fill in the username or email address for your WordPress system profile, as seen in this example video clip:
Many accounts have a username of admin by default, but yours might be something else. It might even be an email address, and the username could be different than the actual account email address in your profile.
The reset email typcially comes from an address like wordpress@mycoolsite.com so look for an email that comes from “wordpress” and your site domain name. Be sure to wait up to 15 minutes for the email, since some web servers are slower than others to send the email. Check your spam folders if you don’t see the message arrive.
If you still can’t reset your password, try the method below:
Reset forcibly (emergency.php method)
If you have tried to send yourself a password reset email with the method above, but you couldn’t figure out your username or email address, or if the email never arrived in your inbox, here’s another method you can try.
Download a special emergency.php file, which we have zipped up and linked here: emergency.php.zip
After the file has downloaded to your computer, unzip the file and you should find the emergency.php file inside, seen here:
Use the File Manager tool in your hosting account to view your web server file system. This video explains how to use a typical file manager tool:
(if you don’t have a file manager in your account, you can use an FTP program on your computer)
Look for the folder where WordPress is installed. Typically, this is a folder called public_html or www or htdocs if your website is at the main address of your site.
Upload the emergency.php file so it appears in the same place as your WordPress files, seen in this example:
After uploading the file, visit your WordPress system address with emergency.php added to the end, as in this example: https://mycooldomain.com/emergency.php
You should see the WordPress Emergency PassWord Reset screen:
Fill in (A) an administrator username, and (B) a new password, and then (C) click to Update Options.
DON’T FORGET to delete the emergency.php file from your server by using the file manager.
You should be able to login to WordPress using your username & password after this step.
If this did not work, the password will need to be reset directly in the MySQL database – contact us with your web hosting login info if you need further help.