Forgot Password request sends wrong key?

Thanks so much for the reply.

Yes, the the link is the same as what you indicate, with my correct username at the end.

I tried both directly from the email, and by copying the link into my browser.

I don’t know anything about using myphp and those instructions are something I’d rather avoid if there is some other way.

Thanks very much for the link though – if all else fails, I might have to try it.

The problem is that I know the passwords I entered are correct, and I still want to know why it’s sending an invalid key.

I’m the only registered user on either of my sites – I’m the admin. I don’t have users, just me. And the email addresses are correct, or I wouldn’t have received the notice in the first place.

I suspect it’s likely something I’ve done without realizing it, so I want to try and fix it because … I wouldn’t want to have to go through the myphp settings if I run into this again.

uh, well … I have no idea how to manually turn off any plugins.

I’m sorry but … wordpress is pretty new to me. I’m kind of a dorky old lady with this.

I did look at the “myphp” databases and found the user file, but the passwords shown are not the passwords I’ve used, ever. They look like the auto generated ones that you’re given when you first set up wordpress, OR, maybe they’re the ones you’d get when you try to use the email to reset your password.

Is that normal, or should it be actually showing the password I had set on June 7th?

I don’t see anywhere to look at the history the password changes in that database.

Thanks so much.

The page you linked for me also mentions getting an MD5 has for your password.

If I were to type my password of June 7th into that, would it generate the same hash as whats listed in the myphp data base, or would it be completely different?

I’m trying to figure out a way to actually check whether or not the password I created June 7th is the same one as the one that’s in the file, because if it is, the question still is why I can’t login, and that’s probably something unrelated to the password.

If it is, no matter what password I change it to, I still won’t be able to login.

Sorry besides being old and dorky, I can be a little anal sometimes. I have a need to fix broken things 🙂 (also a bit of a control freak).

Thanks so much for all this.

hahaha, actually, I hate it 🙂 I do troubleshooting in the adsense forum, so some troubleshooting steps are probably just instinct I guess.

So I keyed the password for one account into the decrypter – “no go” there, so it’s as you thought.

Then I used the encrypt option on the page linked here:

http://www.miraclesalad.com/webtools/md5.php

It doesn’t even come close to matching what’s showing in myphpadmin.
Next, I tried the password for the other account, just in cased I’d managed (long shot) somehow to switch them.

It doesn’t match the hash in the account either.

Then, I went back to the first site’s login data on my cards and keyed in the password I’d used before changing it on June 7th.

It didn’t match the hash either. In fact, I checked all the previous passwords, and there is no match with the MD5 hash.

Then, I tried all of that again in this page, just in case:

http://md5decryption.com/

No match.

So, I checked the SHA-1 hash generator and didn’t get any matches with that either.

I noticed all the hash results look a lot different in terms of syntax than what’s showing in myphp admin. The hash results are basically all numbers and lower case letters. In myphpadmin it’s showing characters as well, like $ and others, including a / … and I didn’t think you could use a / when choosing characters for a password.

I not sure what I’m seeing in the password part of the file is an MD5 hash … but I don’t know how to figure out what it is.

I looked at the page where you can edit the password in myphpadmin, and it shows there’s a drop down where you can choose something other than md5.

I’d like to try changing it to the password I set on June 7th and then setting as md5. I’m just afraid I’ll get locked out for 48 hours if I try to login and it won’t let me in again. (just wordpress sites do that because of my security settings, not my cPanel).

I’m sorry to keep bugging you. The only other person I could ask about the database lost his mum this morning and I wouldn’t even think of asking him to look at it.

I’ve used ftp for years. My previous sites were built off line (the first one with notepad and html, lol) and uploaded via ftp.

I’ve discovered several web articles where people have had the exact same problem that I’m experiencing after changing a password. For those the culprit was what I thought it might be as well (“limit login attempts”).

Techs instructed them just to delete the plugin from the plugins folder using either ftp or the file manager, so I may just start with that since it appears that it doesn’t seem to affect anything else, and I still have other security measures in place (WLP Simple Firewall and Cloudflare).

However, I want to make sure my password of June 7th is the right one, so I’m going to make that change in myphpadmin as you suggested, first. Then delete the limit login attempts plugin and try to login.

While I liked that plugin, I’m not sure I’ll install it again since it hasn’t been updated for several years. In the support forum a few complaints are showing there also about people getting locked out suddenly after changing their password.

You’ve been a great help, and very patient. I can’t thank you enough. I’ll post back afterwards and let you know if I managed to crawl back into my sites 😀

Back again.

The login isn’t giving me an “incorrect password” now, and I have you to thank for that at least.

Still cannot login though.

Keeps telling me I have to have my cookies enabled. But, like lots of others, I have.

I tried multiple browsers too.

Researched that, followed several instructions to delete w3tc folders if I had any (don’t use that plugin but did try it, and there were folders there).

Reset all my browsers to default settings, disabling all plugins and extension, clearing the cache, restarted the browser (even tried restarting the computer just in case), adding an exception to the browsers to always accept cookies from the login pages on both sites. Left all plugins and extensions off. Disabled all my browser security from things like antivirus and MalwareBytes.

Also went back in and renamed the plugins folder in wordpress in my file manager so the wordpress plugins would be deactivated..

Still can’t get in.

… at the moment, I don’t have much hair left and I don’t know what else to do.

There are some instructions about commenting out certain lines of code in php files etc. but I’m not experienced enough to start messing with that sort of thing.

Can I just say … I hate wordpress at the moment? I’m sure it’s my own fault somewhere along the line but nobody should have this much trouble with what should be a simple software. Rueing the day I moved off blogger … no control there, but at least is was simple, intuitive, and hassle free.

Two sites, and taking the same steps on both because it affected both of them.

I don’t have anything in the ftp folder at all. all my files for wordpress are under the html, and I can access the files through my cPanel.

I didn’t make any changes to the the functions php files. Why would it suddenly be that file?

I’m sort of concerned about what will happen to the public view of my site if I rename theme … won’t the site be a total mess?