Difference between revisions of "Change passwords for Wordpress users"

en:Change passwords for Wordpress users he:שינוי סיסמאות עבור משתמשי וורדפרס ro:Modificarea parolelor pentru utilizatorii de Wordpress ru:Изменение паролей для пользователей Wordpress pl:Zmiana haseł dla użytkowników Wordpress ja:ワードプレスのユーザーのパスワードを変更します。 ar:تغيير كلمات المرور للمستخدمين وورد zh:更改 Wordpress 用户的密码 de:Ändern Sie Passwörter für Wordpress-Nutzer nl:Wijzigen van wachtwoorden voor gebruikers Wordpress it:Cambiare le password per gli utenti di Wordpress pt:Alterar as senhas para os usuários do Wordpress es:Cambiar las contraseñas de los usuarios de Wordpress fr:Modifier les mots de passe utilisateurs Wordpress

This article has been created by an automatic translation software. You can view the article source here.

Introduction

It can happen that we forget our user password Wordpress, preventing us from accessing the administration of our site. The sending of mail by PHP being disabled on shared hosting for security reasons, it is impossible to use the "Forgot your password?" function if we have not installed and configured a Wordpress plugin allowing the use of a Server SMTP sending previously. We will see in this tutorial how to change its user password.

Prerequisites

• Slight knowledge of Wordpress
• Administrator of the site
• Access to the Ikoula control panel.

Schedule

Understanding Wordpress

Wordpress works with a database; each user has a line associated with them in the database configured when the site was installed. Moreover, for security reasons, all user passwords are "hashed", i.e. unreadable for humans; Wordpress takes care of converting memorable passwords into strings that are impossible to understand when we try to connect, in order to check if there is a match between the user and the password we enter and the data in the database: does the user exist? If so, does the password entered match the one stored?

Accessing PhpMyAdmin

The Ikoula control panel offers a direct link to the administration of your databases:

• Connect to the Wordpress control panel
• Select your service, your website
• In the right-hand menu, click on "Database".
• Select the database used by Wordpress (check the wp-config.php file if you have any doubts about this information)
• Click on "Phpmyadmin".

Modify the field

You are now in Phpmyadmin; it is an interface allowing you to modify directly the data of your databases, in a graphic way. Before continuing, it is important to understand the "hash" mechanism of Wordpress.

A hash is a value modified by a particular algorithm of a character string. This returned value will always be the same as long as the original string is not modified. For example: the string "ikoula" is equal to "1566ba4ce31680b81978f821441bcc9e" in md5, and will always be. On the other hand, if we add the capital letter to Ikoula, we get a completely different hash: "c3280968c05da7fe2787267425343f64".

With this principle in mind, it is easy to understand why this system is used to hide sensitive data on most websites. Moreover, there are many hash algorithms: md5, sha1, sha256, sha512, crypt...

Wordpress uses a hash system based on md5: once the password is entered, Wordpress takes care of making it even more complex with a chain inherent to the Wordpress files, thus ensuring an indeterminable password.

Find its fields

Back to Phpmyadmin, find in the left column of the interface the "table" xxxxx_users, where xxxxx is the common prefix for all the tables of the database. Click on xxxxx_users, then find your user:

In red, this is the username; in orange, the hashed password.

Generate a hash

As previously mentioned, Wordpress would not recognize a normal password: we must therefore generate an "md5" hash of our password: you can obtain the hash of your password on a site such as http://md5.cz . You can also generate an md5 hash by creating a "crypt.php" file at the root of your hosting and insert the following code, modifying "password":

<?php
$passwd = "motdepasse";
echo md5($passwd);
?>

You can retrieve your hash by browsing to http://votredomaine.com/crypt.php, this is the only visible line.

Modifier sur Phpmyadmin

De retour sur Phpmyadmin,cliquez sur l'ancien mot de passe, puis remplacez le contenu de la case par le hash md5 que vous avez généré. Cliquez en dehors de la fenêtre pour backupr la modification. Nous vous conseillons de tout de même garder le hash de l'ancien mot de passe de côté au cas où.

Conclusion

You should now be able to log into the Wordpress administration with your new password.

Résumé des opérations

1. Connect to the control panel Ikoula.
2. Pick your service, and go to "DATA BASES"
3. Click in "Phpmyadmin" and acces is interface.
4. Find and select the table "xxxx_users" ou xxxx is the common prefix of the tables.
5. Generate a hash of your new password, for example on http://md5.cz ou par script PHP.
6. Replace the old password string with the new one on Phpmyadmin.
7. Save by clicking outside the edit field.
8. Check that we can log in with the new password.

This article seemed you to be useful ?