How to Fix the Locked Out of wp-admin Issue

Being locked out of the WordPress admin or wp-admin screen can be a frustrating issue. You lose the ability to edit your site, publish new blog posts or take care of comments and other administrative tasks.

There are, however, a number of different solutions to this problem, and we’ll go over each of them throughout this article.

Incorrect Password Error on wp-admin Screen

A common error people come across in regards to this issue is being locked out of the WordPress admin after entering an “incorrect password” even though you’ve entered the correct password and attempted to reset your password.

If you attempt to reset your password and receive no email notification asking you to do so, you may be the victim of an attack.

Whatever your reason for not being able to retrieve your password might be, you can reset it manually in phpMyAdmin. It’s a tool that enables you to maintain and configure your MySQL database through a user-friendly interface. If your host uses cPanel, log in, scroll down to the Database section, and click phpMyAdmin.

Use your cPanel username and password to log into phpMyAdmin. Use another tab to log into your site’s file manager. You can also use an FTP client, such as FileZilla. Open your root directory, typically called public_html, and open your wp-config.php file. You may need to download it and open it in a text editor on your computer to view it.

What you need to look for is a define ( ) function with the name DB_NAME. This will let you know the name of your database. This snippet of code is typically located toward the top of your wp-config.php file underneath the large comment telling you what the purpose of the wp-config.php file is.

Go back to the tab where you have opened phpMyAdmin. You’ll find plenty of tabs at the top of phpMyAdmin. Select Databases, and select the database whose name matches the one you found in your wp-config.php file.

You should see a screen with a large table with plenty of values that contain “wp” prefixes. Scroll down until you find wp_users, and click on it. Look carefully. The values in your table may include a few letters between wp and users, such as wp_bjhe_users.

You should now see a smaller table that contains all of the users on your site. Find your main admin user account, and click the Edit button associated with it.

You’ll find your password in the user_pass field, but you won’t recognize it. This is because it’s being encrypted in MD5. Only MD5-hash passwords work in this field, so you’ll need to create your new password using an MD5 hash generator.

Click here to open a basic MD5 hash generating tool. Enter the password you’d like to assign to your admin account in the textbox, and click Generate to reveal your password’s hash string. Copy that hash string, and paste it in the Value column of user_pass in phpMyAdmin.

Click Go at the bottom of the page to save your new password. Make sure you use the password you entered in the textbox to sign into wp-admin, not the MD5-hash version of it.

Locked Out of WordPress Admin Due to Lost Admin Privileges

If you are locked out of the WordPress admin due to your user account not having admin privileges, you may have been hacked. Again, refer to our guide if you believe your site has been compromised.

In the meantime, you’ll need to restore admin privileges to your user account. Use the instructions in the previous section to navigate to the wp_users section of your database.

Once you’re there, click the Insert tab. You’ll find a table with blank values, giving you the ability to create an entirely new admin account. Leave the Function column blank, but set the function for user_pass to MD5.

Here are the values you need to fill in:

• ID – Count the number of users you have, add 1, and enter that as your ID. For example, if you only have one current user, enter 2.
• user_login – Enter the username you’d like to use to access the WordPress admin through wp-admin. Use something other than “admin.”
• user_pass – Enter the password you’d like to use to access the WordPress admin through wp-admin. You do not need to use an MD5 hash generator for this. Setting the function to MD5 will convert the password into an MD5-hash string when you click Go.
• user_nicename – Enter a prettier version of your username, such as your full name. Just make sure it’s something you don’t mind the public seeing. Make sure it also doesn’t match your admin username.
• user_email – Enter the email address you’d like to associate your admin user account with.
• user_url – Enter the URL of the site you’re creating this account for. Make sure it contains http://, not just your domain name.
• user_registered – Select the current date.
• user_status – Enter 0.
• display_name – Enter the name you’d like to display on the blog posts and WordPress comments you publish with this account.

Click Go to create the account.

Configuring Your New WordPress Admin Account

There should be a menu on the left-hand side of phpMyAdmin. Use it to open wp_usermeta, which should be near wp_users. Click the Insert tab when you open it.

Configure the following settings:

• unmeta_id – Leave blank.
• user_id – Enter the ID number you gave your new user account.
• meta_key – Enter wp_capabilities.
• meta_value – Enter a:1:{s:13:”administrator”;s:1:”1″;}

Click Go to save your settings.

Click Insert again, and enter the following settings:

• unmeta_id – Leave blank.
• user_id – Enter the ID number you gave your new user account.
• meta_key – Enter wp_user_level.
• meta_value – Enter 10.

Click Go to save your settings.

Log into wp-admin using the new user account you created. Open the Users page, and open the Edit page for that user. Take a close look at the information to make sure everything looks okay, and click Save Changes once you’re done.

Issues with Security Plugins and the wp-admin Login Screen

Some security plugins allow you to limit the number of attempts a user can make to gain access to your site. While this does block hackers who simply navigate to your site’s wp-admin screen and attempt to log in with various passwords, it can also lock you out by accident.

If you suspect you’re having an issue with a security plugin, log into your host’s file manager or connect your site to an FTP server with such FTP clients as FileZilla and Cyberduck.

Open your site’s root directory, typically called public_html. Open the wp-content folder, and open the Plugins folder. Right-click on the security plugin’s folder, and rename it to deactivate it.

Try logging into your site. If you cannot, you may have to wait for the block on your account to be lifted. These types of plugins allow you to pick the amount of time a user gets blocked from your site when they fail to log in correctly too many times. If you believe this is your issue, decrease the amount of time a user gets blocked for to 5-10 minutes once you gain access to your site.

If you’re unable to pinpoint what the issue is, try using the instructions in the previous section to create a new WordPress admin user account.

Error Establishing a Database Connection

Try to navigate to other pages of your website. If you have trouble accessing your entire site as opposed to just wp-admin, you may have an error establishing a database connection.

Freddy Muriuki has written an entire tutorial on how to fix this error in WordPress, so make sure you check it out if you’re experiencing this issue.

White Screen of Death

You may be experiencing this issue as the result of the slightly terrifying white screen of death. If you see nothing but white on the wp-admin login screen, you’re probably experiencing this issue. This is especially true if you see it on other pages as well.

Faulty Plugins

A faulty plugin could be the cause of this issue. Log into your host’s file manager or use an FTP client to find your Plugins folder. Once you do, rename it to anything you want to deactivate all of your plugins.

Try navigating to your site now. If you can log in with no issues, your error is being caused by a plugin. Re-activate each plugin one by one, refreshing your site after each activation, to see which one is causing the issue. Once you find it, decide if you can discard it. If you can’t, find a replacement for it or contact its developer.

Faulty Theme

Themes can be coded poorly as well, especially if you don’t update them and WordPress core enough. Make sure you have a default theme installed on your site, and rename your individual theme’s folder to deactivate it.

If you no longer see an issue and can log into your site just fine, you need to fix your theme. Contact your theme’s developer if it’s a premium theme.

Increase Your Site’s Memory Limit

Your host places a limit on the amount of memory your site is allowed to use. This is especially true for shared hosting providers. You may experience the white screen of death once you hit that limit. There are a number of different things you can do to fix this error.

Parse Error Syntax Error Causing wp-admin Issues

You may be experiencing this issue due to a syntax error in one of your files. Your site should display a “parse error: syntax error” message if so. Check out this guide to learn how to fix this error in WordPress.

Preventing the Locked Out of WordPress Admin Issue

If you lost access to wp-admin due to issues with your admin account, make sure you create a second backup admin account once you get back in. That way if you have posts to submit and edits to make, you won’t experience any downtime while you sort out the issues you’re experiencing with your main admin account.

Did any of these solutions solve your issue? Let everyone know in the comments!