I just got a copy of a whole WordPress site, including files and database, from a user to reproduce a critical issue. After setting up my local test environment from these files, I had to change the existing admin user’s password since I didn’t know it.

Unfortunately, the local installation was not able to send emails due to missing SMTP settings in my local environment. I couldn’t install a plugin either, since I had no access, yet. So how did I proceed?

Before I started, I wanted to make sure that the site is really not sending information to the existing user, so I replaced the email address in a few places in the database.

  • in the wp_users table change user_email of the admin user into your email address
  • in the wp_options table change admin_email and maybe new_admin_email into your email address

You're using WordPress and would like to get Advanced Ads for free?

Change the password of the admin user

Now, I had to change the password of the existing admin user. While I could read the username in the database, the password is securely stored and not readable.

I decided to use the password reset function on the login page and log the email that the site tried to sent.

First, I had to enable debug logging in wp-config.php by adding or changing the following lines:

Next, I added the following line to my theme’s functions.php file. It simply writes the email information into wp-content/debug.log.

The output in the log file looks like this:

Now I just had to copy the link from the message into my browser to create a new password for the account and use it to log in to the site.

Alternative methods?

I could have asked the client to create a new user and password on his site and send me credentials before creating the backup of his site. This would have allowed me to log in directly.

The Author

Leave a Reply

Your email address will not be published. Required fields are marked *