Caution


This article was published more than a year ago, there may have been developments.
Please take this into account.

Today I asked myself: “And if I forget, or if someone changed the login password to your blog?”. It may happen that, after a dictionary attack the Brute force un hacker POSSA penetrate my account, change address mail account so that you have the notifications addressed to himself and change the password. In this way I would have no way to reset the password either by clicking on “You Lost your password“, because the notification would be received by the hacker. So how is? Start by saying that for ways to reset the password there are several, all equally effective and reliable. Obviously, we have full control of the database on which we are going to operate. At different levels of “freedom” on the database there are different ways to interact with it.

Wandering among the articles I came across WordPress.org then an article that is just for my.

Of ways to reset your password seems there are several, and all equally useful for all needs.

After being logged

To change your password after you log into the Control Panel:

  1. In the admin panel click “Users”,
  2. Click on the user for which you want to change your password,
  3. In the Admin page user, scroll down to the bottom and type the new password. A colored box will indicate the effectiveness of the new password,
  4. Click on “Update Profile”.

The new password will take effect immediately.

Using the built-in mailer

If we know the user name and the email account associated, we can use the link “We have lost the password?” that we find on the login page.

  • Let's go to the login page of the blog (eg http://yoursite.com/wordpress/wp-login.php),
  • Click on “We have lost the password?”,
  • We will indirizzadi on a page where you must insert some detail: username and email address associated with,
  • Wait a few seconds for the new password is generated and sent to the email address specified,
  • Once the new password you can logging, and then change it into something “ricordabile“.

Using MySQL commands entered at the command line

  1. Create an MD5 hash of your password,
    • Visit “md5 Hash Generator”, or…
    • Creates a key with Python, or…
    • Su Unix / Linux:
      1. Create the file “wp.txt” with the new password within (and nothing else),
      2. md5sum wp.txt
      3. rm wp.txt
  2. mysql-u root-p” (you need to log in to MySQL),
  3. enter your password in the database,
  4. use (name-of-database)” (select the WordPress database),
  5. show tables;” ('re looking for a table called “users“),
  6. SELECT ID, user_login, user_pass FROM (name-of-table-you-found)” (This gives you an idea of ​​what's inside),
  7. UPDATE (name-of-table-you-found) SET user_pass="(MD5-string-you-made)" WHERE ID = (id#-of-account-you-are-reseting-password-for)” (change the password),
  8. SELECT ID, user_login, user_pass FROM (name-of-table-you-found)” (confirming that the password has been changed),
  9. (first Ctrl + D to exit).

Note: if you have a recent version of MySQL (dalla 5.x?) you may have to calculate the MD5 hash directly to MySQL.

  1. Skip step “1” above,
  2. Run the following command instead of step “7”.
    • UPDATE (name-of-table-you-found) SET user_pass = MD5('"(new-password)"') WHERE ID = (id#-of-account-you-are-reseting-password-for)” (in fact change the password).

Attraverso phpMyAdmin

This article is aimed at those who have access to your database via phpMyAdmin. Note: using phpMyAdmin at your own risk and peril. If you doubt your skills in using it, rather ask for help from those who know more. WordPress is not responsible for data loss.

We begin to either login in phpMyAdmin and click databases.

Image #2

  • The list of available databases will appear. Click on the database in which we have our WordPress.

Image #3

  • You should see all tables in the database. If it does not click on “Structure“,
  • Find Tabella “wp_users“,
  • Click on the icon “browse“,
  • Find your username below “user_login”,
  • Click “edit

Image #4

  • Your “user_id” will be shown, click on “Edit”,
  • To the left of “user_pass” there is a long row with numbers and letters,
  • Select the row and delete it, and write your new password,
  • Write the password you want to use by default, Remember that it is case-sensitive (There is no difference between upper and lower case),
  • In this example the password is 'rabbitseatcarrots',
  • Once you change your password, click on the drop-down menu, and select “MD5” dal menu.

Image #5

  • Check that your password is correct,
  • Click on the button “Go” in the bottom right hand,
  • Test the new password by logging into your blog, if it does not double-check that you have followed these instructions to the letter.

Not enough?


TheJoe

I keep this blog as a hobby by 2009. I am passionate about graphic, technology, software Open Source. Among my articles will be easy to find music, and some personal thoughts, but I prefer the direct line of the blog mainly to technology. For more information contact me.

2 Comments

Anna · 27 March 2017 at 3:28 PM

Hello. But if the director is also the one who created the page and account linked to the email postmaster@nomesito.it you can do the same? Or he can always restore all? Because I and a friend had done together a blog, Then we had a fight and she dumped. but since she has created the site, vorrrei tornase not a day to take it back if I change the account

    TheJoe · 28 March 2017 at 8:09 AM

    Well, if there's one thing certain is that in the case of standard wordpress installations who has access to the web space and the database can do what he wants accounts.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.