Your website is hacked and you find out that can’t log in anymore, and even worse, when you use the “lost password” feature to reset your password, you don’t receive any emails.

You wish to recover or change your WordPress password from PHPMyAdmin?

If your website is infected by malware, then we recommend that you take a look at this article, it will show you how to clean your WordPress site from malware.

In this tutorial, we will show you how to change your WordPress password and email directly from the database (PHPMyAdmin).


Method 1: Change WordPress password from PHPMyAdmin

Step 1: Access Phpmyadmin (database)

First and foremost, in order to access your database you need to access your hosting panel. If you are using cPanel go to the “Databases” section and click on phpMyAdmin.

click on phpmyadmin in cPanel 

Step 2: Backup your Database

Before we change anything into the database, let’s make sure to create a backup.

On the top, just click on Export and select the database name and then press the Go button to download your SQL file.

click export to backup database

Step 3: Get your MySQL credentials (optional)

Have your MySQL credentials close by can be very useful, mainly for two reasons:

  • If you have multiple databases (multiple sites), and you don’t know which one belongs to your website.
  • In some particular cases with a few hosting providers, they require you enter your login credentials in order for you to login to phpMyAdmin.

access file manager from cPanel

So to get what we need, in your cPanel dashboard, go to your File Manager and inside the folder of your website open the file wp-config.php and within the first line you’ll find something like this:

wp-config mysql credentials

The first line is equivalent to your database name, and that’s one where you will need to change the WordPress access information to login.


Step 4: Edit your database

On the left you’ll find a list of your database’s tables. The one we need is “wp-users”, so click on it.

WordPress users table phpMyAdmin


NOTE: If you have multiple databases, select the one with the name in wp-config file.


Step 5: Change your Password

Next, you should be seeing on the right your user account, click on Edit.

Now you can add your new password in the marked field while making sure to select MD5 as an encryption function.

reset md5 password from phpmyadmin


Step 6: Change your Email

Make sure you have the right email in the field above, if not, then you should change it as well.

NOTE: If your website was hacked, we recommend that you delete all the user accounts except for the admin.


Method 2: Change using SQL query

For this alternative, follow the first 4 steps and then add the following line of code inside the “SQL” tab.

Replace the bold texts with your new user information.

Query WordPress database mysql phpmyadmin

Then press on Go.



Method 3: Change password using FTP

Another way to change your WordPress password, is to go into your File Manager, once you’re inside, go to your theme’s folder and open the functions.php file to add the following line code after this tag <?php

wp_set_password( ‘zzzzzz’, 1 );


After you add the above code, refresh your login page, and that should do the trick to edit your password, and in this case, the new password will be zzzzzz

After you refresh the page, make sure to remove the code you just added to functions.php otherwise, the password will keep getting reset each time you make a page request.

Lastly, once you log in, do not forget to change your password to a more secure one from your dashboard.


You did it!! Nice work. Now you’ve put yourself back on track and you can now login to your WordPress dashboard.

If for some reason you still can’t access your dashboard after applying these changes, it is highly likely that your site has been infected.

In that case, it’s crucial that you take action by going through the article we recommended at the beginning of this tutorial, it will guide you step by step on how to clean your websites from malware hack.