There’s few things as important than (or as mildly annoying as) passwords. When you’re working online in general, your password is your master key. With it, you can protect everything or someone else can destroy everything. That’s why it’s so important that you know the ins and outs of having secure and stable passwords and how to react when you do lose your password (because, it happens to the best of us).

Choosing a Secure Password, Ground Rules

There’s probably nothing more important than keeping your password complex and unusual. You wouldn’t believe the amount of clients I’ve experienced whose sites got destroyed because they used a password like “password.” The ground rules of having a secure password are pretty simple.

  • No dictionary words!
  • Use some capital and some lowercase letters.
  • Use at least one number.
  • Use at least one special character or punctuation.
  • Create different passwords for every login you have.

Bad Example: Pancakes
Good Example: P4nc4k3s!

Password Tools of the Trade

There are definitely some tools you can use to make password security much simpler. For example, using a password generator is a great way to come up with ultra secure passwords that are near impossible to guess (by person or software).

Likewise, it can be hard to remember all of those passwords so it’s a good idea to get a browser plugin or password management tool to help you remember all of them.

WordPress lost password screen

Whatever you do, do not store all of your passwords in an unencrypted document. If you do this, it just takes access to your computer remotely for someone to access everything you have. Needless to say, that would be incredibly bad news. It’s just not worth the risk.

Tools you should consider using:

  • LastPass – LastPass is a free browser add on that securely stores any passwords you need. You can group passwords and enable things like “auto-login” pretty simply.
  • Password Generator – Using a tool like this to generate your password will take the guess work out of it, and generally give you something complex that is also easy(ish) to remember.

    Many password management tools, like LastPass and RoboForm, also have a secure password generator built in, so there isn’t a need for this second tool in a lot of cases.

Video: Recovering WordPress Passwords

In the video below I show you how to gain access to your WordPress account when you have forgotten your password. This will work even if you do not have access to the WordPress recovery email address, just as long as you can gain access to the WordPress database.

Recovering WordPress Passwords if you Still Have Access to Your Email

WordPress is a comment content management systsem, and one where passwords get lost frequently.

If you have access to the email address you used when you setup your WordPress installation, resetting your password is as simple as the click of a few buttons. All you need to do is go to your WordPress login screen and click “forgot password.” It will ask you for your username or your email address.

From there, you’ll get an email with a link to reset your WordPress password, and you can reset it from your browser.

Recovering Your WordPress Password When You Can’t Access Email

If you don’t have access to the email address used for your WordPress installation (or don’t recall what it is), there is still hope. You can easily reset your WordPress from within your control panel. This method takes a few extra steps, but is simple enough if you follow along.

Steps to Reset your WordPress Password from PHPMyAdmin:

  1. Login to your cPanel and look for “PHPMyAdmin.”
  2. Once you open PHPMyAdmin, look for your WordPress database from the left side and click on it.
  3. You should see a list of database tables that all begin with one prefix, most often this is “wp_” so locate and click “wp_users.”
  4. You will see a list of users, or one if it is just the main admin account. On the left, click “edit” with the pencil icon.
  5. On the left, you’ll see a list of field names. Look for “user_pass.” On the drop down to the right of this (under “Function”), choose “MD5.” As a side note, MD5 is a type of encryption, that’s why the password displayed looks nothing like your actual password.
  6. Once MD5 is selected, you can type in your new password in plain text on the right.
  7. At the bottom of the page, click the “Go” button.

That’s all it takes to completely change your WordPress password from the database, I hope it’s helpful!