Homepage tabWindows tabGames tabDrivers tabMac tabLinux tabScripts buttonMobile tabHandheld tabGadgets tabNews tab


NEWS CATEGORIES:



NEWS ARCHIVE >>
SOFTPEDIA REVIEWS >>
MEET THE EDITORS >>
Home / News / Webmaster / Tips and Tricks

Tips and Tricks

MD5 Passwords Encryption

Methods to reset login password for WordPress

By Catalin Bocanu, Web News Editor

26th of May 2008, 15:17 GMT

Adjust text size:


Editing user_pass Field Using phpMyAdmin
Enlarge picture
The strength of passwords, as well as their encryption mechanism, is crucial for the security of database driven applications. If you own a website constructed on a ready-made content management system architecture, the back-end administration password will always be protected by using a certain type of encryption mechanism.

In the case of the WordPress platform, as well as in that of many
other content management systems, passwords are stored in the database encrypted with the MD5 encryption algorithm. This way, anyone who would crack the MySQL database login system, would not find out the plain text version of the password because MD5 is a one-way encryption algorithm. As a consequence, the login password necessary to access the WordPress administration panel cannot be recovered, just reset.

If you happen to forget the login password for a known username associated to a certain WordPress installation, there are a few methods to reset it. The simplest one would be to use the automatic script that requires you to know the username and a corresponding valid email address existing in the MySQL database.

In case the PHP installation does not have the email function enabled or the email address is not valid, the manual reset procedure must be performed. You will need an MD5 hash generator (there are many of them free and available online like Epleweb, for example) and administrative rights for the MySQL database containing WordPress data.

By using a MySQL database manager like phpMyAdmin or MySQL Query Browser, select the table called wp_users from the WordPress database, and then click the browse button and select the record that you need to edit. In the user_pass field, the MD5 hash value corresponding to the plain text version of your password must be pasted and the modifications must be saved. The password can be also reset with the help of a script.

In conclusion, it is recommended you choose an easy to remember password for your WordPress user account, one that you must change often. In case that none of the password reset mechanisms work, you will have to reinstall the WordPress application.

TAGS:

 WordPress | Content Management System | Password Encryption | Password Security | MD5
Read by 8,456 user(s) | Add comment | Link to this article TWEET THIS


Article rating:
Fair (2.4/5) 7 vote(s)    

Subscribe to news | Print article | Send to friend

© Copyright 2001-2009 Softpedia
Contact:

 

 

SEARCH THE NEWS ARCHIVE :




Today's News | Yesterday's News | News Archive


MORE RELATED ARTICLES:


Installation of a PHP BitTorrent Tracker on Windows

Free Automatic Data Backup Using Unlimited Disk Space

A Single "Crack" For Any VistaPanel

An AJAX Free Remote File Management Tool

Random Numbers in PHP

A Promising Alternative for Google Reader

" Burn " Remote Files with FireFTP for Mozilla Firefox

Jump Over Website Authentication System with a Single Mouse Click!

Could Login Passwords Be Cracked?

Is Joomla! The Best CMS on the Planet?

User opinions:


Comment #1 by: voor on 26 May 2008, 21:03 GMT reply to this comment

Uhhh... MD5 is NOT an encryption algorithm, it's a one-way hash function.


Comment #2 by: voodoo on 27 May 2008, 07:52 GMT reply to this comment

Agreed with voor, and MD5 is considered to be obsolete, since it has been partially broken. SHA-2 class hash algorithms are the way to go.


Comment #3 by: Vooroo on 01 Oct 2008, 18:46 GMT reply to this comment

I agree with the two kids that posted before me.


Comment #4 by: Adam on 29 Oct 2008, 20:13 GMT reply to this comment

First, let me preface this by saying the previous posts are correct.

That being said, who cares? This article is clearly meant for people who don't know much about encryption. So for the intended audience, why does it matter if MD5 is an encryption algorithm or a one way hash?

Also, this article is written with the intent of conveying WordPress' password management. It does not go into the merits of different encryption schemes. While SHA-2 is certainly better than MD5, it's MD5 that WordPress uses.

Incidently, MySQL has built-in Encryption Functions. An easier way to update a password is to just run this query:

update wp_users set user_pass=MD5('somepassword') where user_login='someuser';


Comment #5 by: Bryan Eye on 01 Jan 2009, 12:06 GMT reply to this comment

@Adam - "Who cares?" Not enough. If more people cared, we'd live in a better world. Why does it matter if "correct" information is propogated? A more informed public means a better world. With all due respect, you suggest that for a newbie audience, it's okay to represent terms loosely... that is the exact audience which correct definitions and representations would benefit most. I know I'm being picky here, but I just thought I would write a comment saying that "I care". =)

Share your opinion:

Your Name:
Your Email Address:
(will not be used for commercial purposes)
Solve this to prove you're not a bot: =
Your review/opinion:

 




Windows tabGames tabDrivers tabMac tabLinux tabScripts tabMobile tabHandheld tabGadgets tabNews tab

SUBMIT PROGRAM   |   ADVERTISE   |   GET HELP   |   SEND US FEEDBACK   |   RSS FEEDS   |   ENTER NEWS SITE   |   ENGLISH BOARD   |   ROMANIAN FORUM
© 2001 - 2009 Softpedia. All rights reserved.
Softpedia® and the Softpedia® logo are registered trademarks of SoftNews NET SRL.		 Copyright Information | Privacy Policy | Terms of Use | Update your software | Archive