Restoring Your WordPress 2.5 Password in the Database

WordPress 2.5 introduced a much more thorough password-hashing algorithm with PHPass. That is great for security, but I was afraid that it would make restoring your WordPress password in the database almost impossible. You see, prior to 2.5, if you needed to reset your password, you could just hash it using md5 and put it directly in the wp_users table, as described here.

The good news—surprisingly—is that you can still do that in 2.5, as DD32 pointed out on the WordPress hackers mailing list. You can thank wp_check_password(), which checks to see if your stored password is still in md5 form, and if so, it lets you log in and then converts it.

Post a Comment

Your email is never published nor shared. Required fields are marked *