Being locked out of the WordPress admin or wp-admin screen can be a frustrating issue. You lose the ability to edit your site, publish new blog posts or take care of comments and other administrative tasks.
There are, however, a number of different solutions to this problem, and we’ll go over each of them throughout this article.
A common error people come across in regards to this issue is being locked out of the WordPress admin after entering an “incorrect password” even though you’ve entered the correct password and attempted to reset your password.
If you attempt to reset your password and receive no email notification asking you to do so, you may be the victim of an attack.
Whatever your reason for not being able to retrieve your password might be, you can reset it manually in phpMyAdmin. It’s a tool that enables you to maintain and configure your MySQL database through a user-friendly interface. If your host uses cPanel, log in, scroll down to the Database section, and click phpMyAdmin.
Use your cPanel username and password to log into phpMyAdmin. Use another tab to log into your site’s file manager. You can also use an FTP client, such as FileZilla. Open your root directory, typically called public_html, and open your wp-config.php file. You may need to download it and open it in a text editor on your computer to view it.
What you need to look for is a define ( ) function with the name DB_NAME. This will let you know the name of your database. This snippet of code is typically located toward the top of your wp-config.php file underneath the large comment telling you what the purpose of the wp-config.php file is.
Go back to the tab where you have opened phpMyAdmin. You’ll find plenty of tabs at the top of phpMyAdmin. Select Databases, and select the database whose name matches the one you found in your wp-config.php file.
You should see a screen with a large table with plenty of values that contain “wp” prefixes. Scroll down until you find wp_users, and click on it. Look carefully. The values in your table may include a few letters between wp and users, such as wp_bjhe_users.
You should now see a smaller table that contains all of the users on your site. Find your main admin user account, and click the Edit button associated with it.
You’ll find your password in the user_pass field, but you won’t recognize it. This is because it’s being encrypted in MD5. Only MD5-hash passwords work in this field, so you’ll need to create your new password using an MD5 hash generator.
Click here to open a basic MD5 hash generating tool. Enter the password you’d like to assign to your admin account in the textbox, and click Generate to reveal your password’s hash string. Copy that hash string, and paste it in the Value column of user_pass in phpMyAdmin.
Click Go at the bottom of the page to save your new password. Make sure you use the password you entered in the textbox to sign into wp-admin, not the MD5-hash version of it.
If you are locked out of the WordPress admin due to your user account not having admin privileges, you may have been hacked. Again, refer to our guide if you believe your site has been compromised.
In the meantime, you’ll need to restore admin privileges to your user account. Use the instructions in the previous section to navigate to the wp_users section of your database.
Once you’re there, click the Insert tab. You’ll find a table with blank values, giving you the ability to create an entirely new admin account. Leave the Function column blank, but set the function for user_pass to MD5.
Here are the values you need to fill in:
Click Go to create the account.
There should be a menu on the left-hand side of phpMyAdmin. Use it to open wp_usermeta, which should be near wp_users. Click the Insert tab when you open it.
Configure the following settings:
Click Go to save your settings.
Click Insert again, and enter the following settings:
Click Go to save your settings.
Log into wp-admin using the new user account you created. Open the Users page, and open the Edit page for that user. Take a close look at the information to make sure everything looks okay, and click Save Changes once you’re done.
Some security plugins allow you to limit the number of attempts a user can make to gain access to your site. While this does block hackers who simply navigate to your site’s wp-admin screen and attempt to log in with various passwords, it can also lock you out by accident.
If you suspect you’re having an issue with a security plugin, log into your host’s file manager or connect your site to an FTP server with such FTP clients as FileZilla and Cyberduck.
Open your site’s root directory, typically called public_html. Open the wp-content folder, and open the Plugins folder. Right-click on the security plugin’s folder, and rename it to deactivate it.
Try logging into your site. If you cannot, you may have to wait for the block on your account to be lifted. These types of plugins allow you to pick the amount of time a user gets blocked from your site when they fail to log in correctly too many times. If you believe this is your issue, decrease the amount of time a user gets blocked for to 5-10 minutes once you gain access to your site.
If you’re unable to pinpoint what the issue is, try using the instructions in the previous section to create a new WordPress admin user account.
Try to navigate to other pages of your website. If you have trouble accessing your entire site as opposed to just wp-admin, you may have an error establishing a database connection.
Freddy Muriuki has written an entire tutorial on how to fix this error in WordPress, so make sure you check it out if you’re experiencing this issue.
You may be experiencing this issue as the result of the slightly terrifying white screen of death. If you see nothing but white on the wp-admin login screen, you’re probably experiencing this issue. This is especially true if you see it on other pages as well.
A faulty plugin could be the cause of this issue. Log into your host’s file manager or use an FTP client to find your Plugins folder. Once you do, rename it to anything you want to deactivate all of your plugins.
Try navigating to your site now. If you can log in with no issues, your error is being caused by a plugin. Re-activate each plugin one by one, refreshing your site after each activation, to see which one is causing the issue. Once you find it, decide if you can discard it. If you can’t, find a replacement for it or contact its developer.
Themes can be coded poorly as well, especially if you don’t update them and WordPress core enough. Make sure you have a default theme installed on your site, and rename your individual theme’s folder to deactivate it.
If you no longer see an issue and can log into your site just fine, you need to fix your theme. Contact your theme’s developer if it’s a premium theme.
Your host places a limit on the amount of memory your site is allowed to use. This is especially true for shared hosting providers. You may experience the white screen of death once you hit that limit. There are a number of different things you can do to fix this error.
You may be experiencing this issue due to a syntax error in one of your files. Your site should display a “parse error: syntax error” message if so. Check out this guide to learn how to fix this error in WordPress.
If you lost access to wp-admin due to issues with your admin account, make sure you create a second backup admin account once you get back in. That way if you have posts to submit and edits to make, you won’t experience any downtime while you sort out the issues you’re experiencing with your main admin account.
Did any of these solutions solve your issue? Let everyone know in the comments!
Trying to figure out how to start an online course so that you can share…
Considering using LearnDash to create online course content with WordPress? LearnDash is a popular WordPress…
WordPress XML files see a lot of use for me as a content creator, and…
If you’re looking for a way to deliver an online course, complete with all the…
Search Engine Optimization (SEO) is crucial for any website that wants to maximize its traffic…
Kinsta is a notable brand in the WordPress hosting space. The standout aspect of the…
View Comments
Creating a new admin user can easier be done with this snippet than trough the database.
Just past it (temporarly) in the functions.php of the current active theme
```
function add_admin_acct(){
$login = 'username';
$passw = 'password';
$email = 'example@example.com';
if ( !username_exists( $login ) && !email_exists( $email ) ) {
$user_id = wp_create_user( $login, $passw, $email );
$user = new WP_User( $user_id );
$user->set_role( 'administrator' );
}
}
add_action('init','add_admin_acct');
```
Thanks for the tip, Richard!
Im so frustrated. For the 10th time in a year i go to lih in and all of the sudden my password is not valid. The first few times i.did the reset password by getting a tect code and that was it. Now im getting an email with a button to take me to reset. Great. It says its been successfully changed. However not so when i try to log in.
I am at a loss. I rebooted and all that.
I read the phpadmin tip on resetting it but that would take me forever. Is there any other way?
Help!
My email is tjpetri16@gmail
Thanks
I just walk through the lockout. The step you gave me was EXCELLENT. Thank you, thank you