Skip navigation.
Home
Free Online Computer Help Community

How to reset your Wordpress administrator password using various methods. These help you with restoration!

Computer Help's picture

The problem with Wordpress producing invalid link codes in the password restoration feature of the administrator account


A few weeks ago, I helped a client while I was at my job reset his Admin Password for the Wordpress blogging script that he had installed on his hosting account. He was unable to do this because every time he would use the Wordpress email reset feature, he would click on the validation link in his email, and he would get the following error:

"Sorry, that key does not appear to be valid."


There are actually a few things you can do to fix this. From my research it appears this is caused in older versions of Wordpress 2.02 /through/ Wordpress 2.5.1. There is one main method or solution used to fix this. You can easily find these instructions on the Wordpress website. I will also list these below for your convince. There is also another method that I had to use myself in order to successfully reset the admin password. I had to do this because the solution listed on the website, just didn't work in my exact case.

Inside the Wordpress file [wp-login.php], the problem seems to be that the (user_activation_key) field may contain special characters for it's validation codes. These characters will not work with a URL in most cases. When you are sent an email using these special characters, your web browser may not know how to handle it, or the server simply won't produce them in your password reset request emails. This leaves you with a failed result of regaining administrator access to Wordpress.

I would highly recommend at least trying [Method #1] first, as the community at Wordpress may recommend that you do this first too. You'll gain some additional knowledge on how your password reset function works within your script. If you have already done this, you may want to skip [Method #1] entirely, and proceed with the unconventional method that I used myself. Although mine will take less actions on your part, it may be hard for the novice webmaster to grasp without experience in PhpMyAdmin. For those of you who are not aware of what PhpMyAdmin is, it is simply a feature that is usually built in cPanel or was installed by the web host. When you have access to this, your able to look at details and information within your database. As you may already know, most of the information you have inputted into your blog is injected into a database on your server.

The two methods and solutions for fixing this problem:

Okay, First we are going to perform the instructions that have been recommended by the open source developers on the Wordpress 'Bug Report' website. You can view these instructions directly on their website here: http://trac.wordpress.org/changeset/7837 or you may follow my more detailed instructions listed below.

Method/Solution #1:

1.) Download a copy of these files to your computer so you may edit them using a text editor like (Notepad) or similar:

- wp-login.php
- wp-includes/pluggable.php

You may also do this if you have SSH or View file access directly to the files above.

2.) Open file wp-login.php using your text editor of choice. Go to line (96) in the file or search for the following code:

Line 96:        $key = wp_generate_password();

You need to replace this line of code with the new code I have listed just below:

Line 96:        $key = wp_generate_password(20, false);

After you have made the slight changes to wp-login.php, go ahead and save your changes.

3.) Open file wp-includes/pluggable.php using your text editor of choice. Go to line (1171) in the file or search for the following code:

Line 1171:function wp_generate_password($length = 12) {
Line 1172:    $chars = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789!@#$%^&*()";

Now you will need to replace these two lines of code on lines (1171 & 1172) with what I have listed below in green:

Line 1171:function wp_generate_password($length = 12, $special_chars = true) {
Line 1172:    $chars = 'abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789';
Line 1173:    if ( $special_chars )
Line 1174:        $chars .= '!@#$%^&*()';

LEGEND:
RED = Code to be replaced.
GREEN = New code that you should insert.

You will notice a (two) extra line were needed to complete this. Simply just hit the enter key after inserted the a new line. This will allow you an additional new line to add code into. The two new line numbers will be inserted into line positions - (1173 & 1174).

If for some reason you cannot figure out how to do the above, you can download the files that have already been modified at this link: http://computerquestionhelp.com/system/files/changeset_r7837.zip

Method/Solution #2:

1.) Login to PhpMyAdmin. If your not sure if you have this on your hosting account, ask technical support how you can access this on your account.

2.) Choose your data base that Wordpress uses. The name may have a prefix like 'wrdp1' if you used something like Fantastico script self install.

3.) Now you want to choose the table 'Users'. Depending on what version of PhpMyAdmin that your using, the position where you click may vary. In my version it's on the left menu under my Wordpress database. Go ahead and select the 'Users' table once you find it.

4.) Now a new page should load showing all of your usernames, encrypted passwords, e-mail address, date that the users registered, etc. You will want to click on the [Browse] function at the top, once you have reached this point of the instructions.

5.) Now on this page you will want to locate the administrator account. This could be named anything. This would be the very first account you created when you installed your Wordpress script onto your hosting account. Once you have located this user account in the list that's shown to you, click on the 'Pencil Icon' or 'Edit' feature that's next to that username. Clicking this will allow you to make data changes to this specific user.

6.) Another new page should load that shows you values of information associated with the user you selected. We want to change the password to something you know. However, it is very important that you don't just remove the old one, and type a new one in. The password that you currently see is encrypted for security and protection. Adding in a non encrypted password will end a result where it won't work most likely, and it won't be secure. Now that you understand this, were going to change the old password to a new encrypted password that we can use to gain access to your admin section located at http://www.yourdomain-name.com/wp-login.php

7.) Look for 'user_pass' on the left and 'Value' at the top right. Where these two things meet, you will see your encrypted password that looks like a bunch of gibberish. Were gonna highlight this string of text and clear it out and remove it so we have a empty space.

8.) Now we are going to type in the password we want to use for the user in this field.

9.) Now to left you will see a drop down menu for a [Function]. In this menu, we're gonna select the [MD5] function.

10.) Once you have completed everything listed above in great detail and your sure you followed everything correctly, click the [GO] button. This will take the password you entered, encrypt it, and save it.

*NOTE*
On some versions of PhpMyAdmin, it may be necessary to hit an additional [GO] or [Save Changes] button after your password has been encrypted by hitting [GO] the first time. Try to use common sense if this extra step is necessary or not. However, if you mess this step up or not I don't think any damage to your database will occur.

*NOTE*
If you have no clue what is going on, or what your doing in regards to the instructions above, you should consult help with your Web Host's Technical Support. You may want to show them this page if Method/Solution #1 didn't work out for you.

FEEDBACK:

If you think I missed any details that should be added let me know. I'm also interested in anyone who has used another unconventional method of doing this. I would love to add your story to this page in another revision publish.

Feel free to visit our forums and see what this website has to offer. Feedback is also important, if this article helped you, or didn't help you, let us know. We can't make any improvements without your input. You can do this by posting a comment below as a Guest, or you can register a free account and post on the forums as well.

I hope to meet some of you whom may be considering to register to this unique community we're building!