Troubleshooting Guide

How to Change a Forgotten, Locked, or Hacked WordPress Password

Learn how to reset your WordPress password and regain access if you’re locked out or your site has been compromised.

🔐 Regain access • 🛠️ Fix issues fast • 🚀 Stay secure

Most website owners will eventually face a forgotten WordPress password — it happens more often than you’d think.

Other issues can also lock you out, such as too many failed login attempts or security plugins restricting access for protection.

In more serious cases, you may even lose access due to a hacked website or compromised credentials.

This guide will show you multiple ways to safely reset or change your WordPress password, no matter what situation you're in.

Overview

WordPress

WordPress is the world’s most popular content management system, powering a large percentage of websites globally.

It’s widely used for blogs, business websites, online stores, and more due to its flexibility and ease of use.

Because of its popularity, it’s also a common target for login attacks — making password security essential.

Password security best practices

A strong password is your first line of defence against unauthorised access.

Good passwords should include a mix of uppercase letters, lowercase letters, numbers, and symbols.

Avoid predictable passwords such as:

These can be guessed in seconds using automated tools.

It’s also important not to reuse passwords across multiple websites.

Protecting login attempts

Even with a strong password, extra protection helps prevent brute-force attacks.

You can improve security by using login protection plugins or enabling two-factor authentication.

Loginizer

Loginizer helps limit failed login attempts and temporarily blocks suspicious IP addresses.

This reduces the risk of brute-force password guessing attacks.

Typical setup steps:

  1. Log in to WordPress
  2. Go to Plugins → Add New
  3. Search “Loginizer”
  4. Install and activate

You can adjust lockout settings such as number of attempts and timeout duration.

Wordfence

Wordfence provides a more advanced security layer, including firewall protection and malware scanning.

It can block malicious login attempts and monitor suspicious activity across your site.

Setup steps are similar via the plugin installer in your dashboard.

How to change your WordPress password

There are several ways to reset or change your password depending on whether you can still access your account.

1. Forgot password method

This is the simplest option if you are locked out.

Go to your login page (usually yourdomain.com/wp-admin) and click “Lost your password”.

Enter your username or email address and follow the reset link sent to your inbox.

If successful, you’ll be able to create a new password and regain access.

2. Change password from dashboard

If you are still logged in, you can change your password directly:

  1. Go to Users
  2. Select your profile
  3. Scroll to Account Management
  4. Click “Generate Password” or enter a new one
  5. Save changes

3. Softaculous method

If WordPress was installed via Softaculous, you can reset credentials via your hosting panel.

  1. Log into your hosting control panel
  2. Open Softaculous
  3. Go to Installations
  4. Edit your WordPress installation
  5. Update admin username or password
  6. Save changes

4. phpMyAdmin method

This method is used when other options fail and gives direct access to your database.

  1. Log into your hosting control panel
  2. Open phpMyAdmin
  3. Select your WordPress database
  4. Open the users table
  5. Edit your admin user
  6. Update the password field using an encrypted format (MD5 option if available)
  7. Save changes

After completing this, you should be able to log in with your new password.

Summary

Forgetting your WordPress password is common, but recovery is usually quick if you follow the correct steps.

Always use strong passwords and enable additional security features where possible.

Keeping WordPress, plugins, and themes updated also reduces the risk of hacking attempts.

A secure hosting environment combined with good password hygiene significantly improves website safety.

FAQ

Frequently Asked Questions

This guide explains how to change wordpress password in practical terms, including what to check, why it matters and how it can affect your website, hosting, email or online presence.
It is useful for UK small businesses, website owners, freelancers, agencies and anyone comparing hosting or website options before making a decision.
How To Change WordPress Password matters because the wrong setup can affect speed, reliability, security, email delivery, customer trust or how easily your website can grow.
Start by checking your current website goals, expected traffic, storage needs, email requirements, support options, security features and whether the service can scale later.
Yes. The guide is written for non-technical readers and focuses on clear decisions rather than unnecessary technical detail.
For a UK business website, the right setup can improve loading speed, trust, enquiry rates and day-to-day management, especially when customers expect a reliable online presence.
The cheapest option is not always the best value. Compare performance, support, limits, backups, SSL, email features and upgrade paths before choosing.
In most cases, yes. A good hosting or website setup should let you upgrade resources, features or services as the website becomes more important to your business.
Avoid choosing purely on price, ignoring support, overlooking backups, using unclear limits or picking a service that cannot grow with your website.
Website Hosts UK can help with UK-focused hosting, domains, email, SSL, VPS, VDS and website hosting options depending on what your site needs.