Changing and recovering passwords
Video: Changing and recovering passwordsIf you lose your password, that's okay. Don't panic. There are plenty of ways to retrieve and reset lost passwords. In this screencast, we'll show you three quick methods for recovering and/or changing forgotten passwords with WordPress. In general, there are three good ways to reset your password. Method one, change your password when you are logged in to the Admin area. Method two, change your password when you are locked out and don't have your password.
- Next steps
Viewers: in countries Watching now:
This course explains how to secure self-hosted WordPress sites, including site configuration, code modification, and the use of free plug-ins. Beginning with the basics of site security, author Jeff Starr explains how to harden a WordPress site by configuring authentication keys, setting proper file permissions, and removing version numbers. The course shows how to implement a firewall, prevent automated spam, and control proxy access, and concludes with a series of advanced tips and site security best practices.
- Backing up and restoring your site
- Setting up strong passwords
- Choosing trusted plugins and themes
- Protecting the configuration file and the admin directory
- Securing the login page
- Fighting comment spam
- Blocking access and detecting hacks
- Finding and reporting vulnerabilities
Changing and recovering passwords
If you lose your password, that's okay. Don't panic. There are plenty of ways to retrieve and reset lost passwords. In this screencast, we'll show you three quick methods for recovering and/or changing forgotten passwords with WordPress. In general, there are three good ways to reset your password. Method one, change your password when you are logged in to the Admin area. Method two, change your password when you are locked out and don't have your password.
And method three, which is a failsafe and works under any situation, is just to change the password directly via the database. So let's go through each of these methods, beginning with the simplest. Method one, change your password when logged in to the Admin area. The first and easiest way to change your password is to simply log in to the Admin area and update any user's password via the user profile page. Simply click on the Edit link for that user, scroll down, and enter the new password here, and repeat it here. Click Update Profile and you're done.
This works great, and is the intended way of changing your WordPress password, but what if you can't log in to the Admin area? If you forget your password, it's going to be impossible to change it from the Admin. So let's try method two, change password when locked out. The second method of changing your WordPress password takes this scenario into account. If you forget your password and are unable to log in to change it, simply navigate to the Reset your password page by clicking Lost your password.
From this screen, a new password is just a few clicks away. Just simply enter your username or email and click Get New Password. In WordPress the Recover your Password page is by default located at the following URL, where example.com is the domain name for your web site. Simply enter your username or email and click Get New Password. Then check your email for the confirmation link. The process takes a few clicks but seems to work perfectly well.
Of course without access to your email account, it's impossible to change your password using this method, so we bring out the big guns with method three. With method three, we change the password directly via the database. This bypasses all requirements by modifying the database directly. All that's needed is a way of interfacing with your database. Here we're using the incredibly awesome phpMyAdmin, which is readily available on most servers. To change your password, click on your database name in the sidebar and then click on the users table and then on the Browse tab, to see a list of your users.
Here's the only user for this site, and so to change the password, we click on the Pencil icon to edit. Looking at the user_pass field here, you see our MD5 encrypted password. This is the current password--you know, the one we forgot. The new password also needs to be encrypted, and this is easily done from within the software. Delete the old value and enter the plain text version of your new password. Then in the dropdown menu, select MD5 and then click Go.
You'll see that our new password has also been encrypted with MD5 encryption method. At this point, our new password is ready to use. Just return to the login page for our web site and click Log In. In this screencast, we've seen three quick and efficient methods for recovering forgotten passwords. These techniques will help you regain control in the event that someone hijacks your site and changes your passwords, or for changing passwords on any occasion.
There are currently no FAQs about WordPress 3: Developing Secure Sites.