From time to time, we need to reset user’s password because user forgets his / her password on a WordPress website. There are few ways to do so. Either use “Lost your password?” function on login page to reset the password, or to change password with the help of one of the site administrators. In very rare cases, none of this works.
I have few hands-on experience with the special situation. The WordPress site was hacked, user couldn’t retrieve the “reset password link” because the email address was changed. In such a scenario, the only solution is to reset user password manually. To do so, we use phpMyAdmin to interact with MySQL database directly.
Step 1: Identify the name of WordPress database. We can always get the database name by checking the record in wp-config.php.
Step 2: Login to phpMyAdmin from CPanel.
Step 3: Locate the WordPress database at the left pane, and find the table wp_users. (If you use different prefix , e.g., myprefix_, look for myprefix_users)
Step 4: Find user in user_login, and click Edit. (You should have noticed that, user password is encrypted).
Step 5: In the edit screen, you can change password, enter new email address (if it was hacked). Before saving, click function drop-down list for user_pass, and make sure MD5 is selected. (WordPress store password as MD5 Hash). Click Go to save the change.
Step 6: Test the new password on login screen, make sure you have properly reset user password.