If you’ve been locked out of your WordPress site—whether due to hackers deleting your admin account or forgetting your credentials—you can regain access by creating a new admin user directly in the database using MySQL.
Before making any modifications to your MySQL database, always back it up to prevent data loss. Once you regain access to your website, you may want to follow our beginner’s guide to fixing a hacked WordPress site. Now, let’s go through the process of adding an admin user to the WordPress database via MySQL. First, we need to access phpMyAdmin.
To restore access, you can create a new admin user via phpMyAdmin, a web-based tool for managing MySQL databases. phpMyAdmin provides an interface that allows you to run SQL queries, manage users, and import/export data directly in your web browser. Most major WordPress hosting providers offer phpMyAdmin, typically found under Databases in your hosting control panel (e.g., cPanel or Plesk).
How to Find the phpMyAdmin URL
If you don’t know how to access phpMyAdmin, try these methods:
- Check your hosting control panel – Most hosts include phpMyAdmin under “Database Management” or “MySQL Databases”.
- Try common URLs – Sometimes, phpMyAdmin is accessible through:
http://yourdomain.com/phpmyadminhttp://yourdomain.com:2082/phpmyadminhttp://yourdomain.com:2083/phpmyadmin
- Ask your hosting provider – If you can’t find the URL, contact your host’s support for assistance.
- Local server installation – If you’re using a local server (e.g., XAMPP, WAMP), phpMyAdmin is available at
http://localhost/phpmyadmin.
Accessing phpMyAdmin
Down you can see how can look like admin of our hosting provider (Cesky-hosting.cz), where you can see phpMyAdmin URL – for each hosting this will be different, so it is just as an example:
Once you open phpMyAdmin (e.g., via https://mysql.spolehlive-servery.cz/), you’ll see the database dashboard. To proceed, you’ll need your WordPress database name, username, and password, which can be found in your hosting panel. If necessary, you can create or modify these credentials.
Once logged in, you will see all the tables in your WordPress database. The two key tables to edit are wp_users and wp_usermeta.
Adding a New Admin User in wp_users via phpMyAdmin
Locate the wp_users table (some databases use a custom prefix, so it may appear as prefix_users instead of wp_users).
Find a table containing fields like ID, user_login, user_pass, user_nicename, user_email, and similar. This table stores all registered WordPress users.
Steps:
- Click “Insert” at the top of the screen.
- Fill in these fields:
- ID: Choose a unique number (e.g., 3).
- user_login: The new username.
- user_pass: Add a password and select MD5 from the function menu to encrypt it.
- user_nicename: A user-friendly nickname.
- user_email: The email (used for password recovery).
- user_url: Your website URL.
- user_registered: Choose the date/time.
- user_activation_key: Leave blank.
- user_status: Set to 0.
- display_name: Enter the full name.
- Click “Go” to save the new user.
Assigning Admin Privileges in wp_usermeta
After creating the user, you must grant administrator rights.
- Open wp_usermeta.
- Click “Insert” and enter:
- unmeta_id: Leave blank.
- user_id: Use the same ID (e.g., 3).
- meta_key: Enter wp_capabilities.
- meta_value:
<code> a:1:{s:13:”administrator”;s:1:”1″;} </code>
This grants admin privileges.
- Insert another row with:
- unmeta_id: Leave blank.
- user_id: Use the same ID.
- meta_key: Enter wp_user_level.
- meta_value: 10 (admin access level).
- Click “Go” to save changes.
Now, you can log into WordPress using the new credentials.
Why Use MD5 for Passwords?
MD5 converts passwords into a fixed-size encrypted string. While still used in MySQL, MD5 is no longer secure. For better security, use SHA-256 or bcrypt.
Adding an Admin User Using an SQL Query
For developers, this method is faster. Run the following SQL query in phpMyAdmin:
INSERT INTO databasename.wp_users (ID, user_login, user_pass, user_nicename, user_email, user_url, user_registered, user_activation_key, user_status, display_name)
VALUES ('3', 'demo', MD5('demo'), 'YourNicename', 'demouser@demouseremail.com', 'http://www.krcmic.com/', '2024-06-01 00:00:00', '', '0', 'YourName');
INSERT INTO databasename.wp_usermeta (umeta_id, user_id, meta_key, meta_value)
VALUES (NULL, '3', 'wp_capabilities', 'a:1:{s:13:"administrator";s:1:"1";}');
INSERT INTO databasename.wp_usermeta (umeta_id, user_id, meta_key, meta_value)
VALUES (NULL, '3', 'wp_user_level', '10');
Replace databasename with your actual database name.
Adding an Admin User via FTP (functions.php Method)
If phpMyAdmin isn’t accessible, you can add an admin user via FTP.
Steps:
- Connect to your site using an FTP client (e.g., FileZilla).
- Navigate to:
/wp-content/themes/your-theme/ - Download and open the
functions.phpfile. - Add the following code at the bottom:
function wpb_admin_account() {
$user = 'Username';
$pass = 'Password';
$email = 'your@email.com';
if (!username_exists($user) && !email_exists($email)) {
$user_id = wp_create_user($user, $pass, $email);
$user = new WP_User($user_id);
$user->set_role('administrator');
}
}
add_action('init', 'wpb_admin_account');
- Change these values to credentials and email you would like to use:
$user = 'Username';
$pass = 'Password';
$email = 'your@email.com';
- Save and upload the updated
functions.phpfile. - Log in to WordPress using the new credentials.
- IMPORTANT: After logging in, remove the code from
functions.phpto prevent it from running again.
Final Notes
- If your database uses a custom table prefix, update
wp_usersandwp_usermetaaccordingly. - Always back up your database before making any changes.
- Click “Go” in phpMyAdmin to execute the queries.
- If an error occurs due to a duplicate user ID, use a different unique ID.
With these methods, you can quickly regain admin access to your WordPress site.