locked out of wordpress dashboardAre you locked out of your WordPress dashboard? Can’t access WordPress admin at all? Yikes! I know that can be a scary situation. You spent all that time building your site and now you can’t even access it!

First off – don’t worry. Your site’s data should still be there safe and secure – you just can’t get at it. So, in the vast majority of cases, you’re not going to lose anything! And that should ease your anxiety a bit, I hope.

There’s more good news, too:

You have plenty of options for diagnosing and fixing the issue. And in this post, I’ll walk you step-by-step through what you can do to get back into your WordPress dashboard.

Because there are a few different scenarios for why you might be locked out of your WordPress dashboard, I’ve broken this post into different sections.

If you know exactly what’s happening to you, you can click below to jump straight to a section. If not, just read through the whole post and you should be able to fix the issue!

Some of these steps involved directly editing your site’s database. For that reason, I would recommend backing up your site before performing any changes (if possible – even if you can’t access your WordPress dashboard, your host should be able to help you with a backup).

WordPress Password Doesn’t Work (And Password Recovery Doesn’t Either)

If your password doesn’t work, your first step should be to try WordPress’ built-in password recovery feature, which sends a password reset link to your WordPress account’s email:

WordPress password reset

However, sometimes that feature may not work, either because you no longer have access to that email or the functionality is just plain broken (or sometimes disabled).

If this is your situation, you still have options – don’t worry. But you will need to edit your site’s database directly to fix the issue.

Here’s how to manually reset your password by directly editing your WordPress site’s database.

Step 1: Edit Database Via phpMyAdmin

To edit your site’s database at most hosts, you can use a tool called phpMyAdmin. If your host uses cPanel (which most hosts do), you should be able to access phpMyAdmin directly from your cPanel dashboard:

phpMyAdmin in cPanel

If not, consult your host’s support.

Once you’re in phpMyAdmin, make sure to select your site’s database (if you only have one site, you’ll see one option. Otherwise, you’ll see multiple options).

find your database

If you’re not sure about the name of your site’s database, I recommend consulting your host’s support.

Step 2: Edit User’s Table

Once you’re in your site’s database, click on the wp_users option (the prefix might be different depending on your database – for my example, it’s “wpul”):

wp_users table

Then, find your username by looking at the user_login column and click the Edit button for your username:

Edit username in database

Step 3: Update Password And Apply MD5 Encoding

Now, you should see a list of fields associated with your username. Find the user_pass field. Enter your desired password in the Value field. Then – this is very important – choose MD5 from the Function drop-down.

This ensures that your password is securely stored, rather than stored in “plain text”:

Update password

Once you’re done, click Go at the bottom to update your password.

Step 4: Log In With Your Existing Username And New Password

Now, you should be able to log in to your WordPress site using your existing username and the password that you just entered in the previous step.

Locked Out Of WordPress Because Of Too Many Failed Login Attempts

One common WordPress security tip is to use a plugin or tool to limit the number of login attempts a user can try. After a certain number of failed login attempts, the plugin or tool will block the person, either permanently or for a certain amount of time.

Most of the time, that extra security is good. But it’s not good if you forget your password, guess too many times, and get yourself locked out of the dashboard!

Locked out of WordPress because of too many login attempts

To fix this one, you’ll need to connect to your server via FTP to manually disable the security plugin that’s locking you out.

Step 1: Connect To Your Server Via FTP

To get started, use an FTP program like FileZilla to connect to your WordPress site’s server via FTP:

FTP program

Your host should have a help article explaining how to use FTP if you’re not sure how to do it. For example, here’s SiteGround’s help article.

Step 2: Disable The Plugin That Limits Login Attempts

Once you’ve connected to your server via FTP:

  1. Browse to wp-content/plugins.
  2. Find the folder for the plugin that includes the “limit login attempts” functionality
  3. Right-click on that plugin’s folder
  4. Rename the folder to pluginname_disable

Edit folder with security plugin

When you’re done, it should look like this:

Renamed folder

Step 3: Log In To Your Account

When you rename the folder, it disables the plugin. As a result, you should now be able to log in to your WordPress account like normal as you’ll no longer be blocked.

Step 4: Rename FTP Folder To Original Name And Reactivate Plugin

Once you’ve successfully logged in, you’ll want to reactivate your security plugin so that your site is protected.

To do that, use FTP to rename the folder to its original name. Then, go to the Plugins area in your WordPress dashboard and reactivate the plugin if needed.

Lost WordPress Administrator Privileges? Manually Create A New User!

Another reason that you might be locked out of your WordPress dashboard is a loss of privileges. That is, your account might no longer be an Administrator account, which can happen because of a malicious actor or some mix up with another Administrator at your site.

As long as you can access your site’s hosting account and database, you can manually create a new account with Administrator privileges. Here’s how to do it…

Step 1: Edit Database Via phpMyAdmin

To get started, you’ll need to edit your WordPress site’s database via phpMyAdmin. If you’re not sure how to do that, you can follow the same steps for how to change your password via the database (this link will take you to the proper instructions – just come back here when you have your database open in phpMyAdmin).

Step 2: Edit wp_users Table

Once you’re in phpMyAdmin, find the wp_users table (it might have a weird prefix. And you might have a different list of tables than my test site):

wp_users table

First, check the ID column. This will be important in the next step, where you’ll need to provide a unique ID. In this example, 1 and 2 are already in use, so you would want to choose 3 for the next step:

User IDs

Once you’ve figured out which number isn’t in use already, go to the Insert tab:

Insert tab

Step 3: Create New User Account

In the Insert interface, you can manually create a new user. Here’s how to fill it out:

  • ID – Enter a number here that isn’t already in use by another user. You found this number in the previous step.
  • user_login – the username this account will use to log in.
  • user_pass – once you enter the password, make sure to choose MD5 from the drop-down.
  • user_nicename – the public username that shows up in the WordPress backend.
  • user_email – your email address.
  • user_registered – pick today’s date.
  • user_status – leave as 0.
  • display_name – the name of the user.

How to enter user information

Then, click Go.

Step 4: Edit wp_usermeta And Give Admin Privileges

Now, you have a new account, but it doesn’t have admin privileges yet. To give it admin privileges, you need to go edit the wp_usermeta table:

wp_usermeta

Then, go to the Insert table and configure the fields like so:

  • umeta_id – leave blank.
  • user_id – the user ID that you created in the previous step. For my example, it’s 3.
  • meta_key – enter wp_capabilities
  • meta_value – enter a:1:{s:13:”administrator”;b:1;}

How to enter wp_usermeta

Then, click Go.

And that’s it! You can now log in to your WordPress site with admin privileges by using the username and password that you just created.

500 Server Error, White Screen Of Death, Other Errors

With these issues, you’re not locked out of your WordPress dashboard because of password or privilege issues. Instead, it’s an actual error that means you can’t access wp-admin at all.

Unfortunately, there’s no catch-all solution here. But I can link you to some of the other guides that we’ve written on how to fix these errors:

Once you use those guides to fix the underlying issue, you should be able to access your WordPress dashboard like normal.

Say Goodbye To Being Locked Out Of WordPress!

By implementing the tips above, I hope that you’re no longer locked out of the WordPress dashboard.

With that being said, I realise that these steps are (unfortunately and unavoidably) a little complex at parts.

So if you’re looking for WordPress developers to remove the stress of having to do all this yourself, WP Copilot might just be the service for you!