Support » Fixing WordPress » Newbie Admin Locked Out–Lost Password & Can't Get New One

Viewing 4 replies - 1 through 4 (of 4 total)
  • Moderator Andrew Nevins


    I’m on a Mac OSX, but honestly get panic attacks when it comes to fiddling about with coding much less understanding what I am doing in that realm. I will ask my spouse, who does, to look at that portion of the link you sent. I will report on whether that leads to a fix. Thank you kindly for the prompt response to my query.
    Still miffed at self.

    Moderator Andrew Nevins


    Reporting back.
    My husband was able to log in under my username on his machine and a proper e-mail was generated, which came to my inbox, allowing me to reset my password, although I had to go through a few additional steps with cut and paste, etc. to complete the process.
    So, I am back as Admin with a working password.

    However, the problem still exists for me using this OSX laptop and for others who lose their password and get the invalid key message. They can’t get in.

    Explanation and code below is what my DH noted and what we need to figure out to fix the problem with Forgot Password :

    After following the link, setting and confirming the new password, we get the following page (leaving out the extraneous <head/> stuff).


    <body class=”login login-action-resetpass wp-core-ui”>
    <div id=”login”>
    <h1>Carroll Garden Club</h1>
    <p class=”message reset-pass”>Your password has been reset. Log in</p>
    <p id=”backtoblog”>← Back to Carroll Garden Club</p>


    <link rel=’stylesheet’ id=’wp-publication-archive-frontend-css’ href=’′ type=’text/css’ media=’all’ />
    <script type=’text/javascript’ src=’′></script>
    <div class=”clear”></div>

    Note that the value of the href attribute is “”. This is supposed to be “http://hostname/wp-login.php”. Why it works on my husband’s site, and not mine, we don’t understand. He suspects apply_filters().

    The faulty link seems to be coming from the following line of code.

    login_header( __( ‘Password Reset’ ), ‘<p class=”message reset-pass”>’ . __( ‘Your password has been reset.’ ) . ‘ ‘ . __( ‘Log in’ ) . ‘</p>’ );

    This comes from the following code block in wp-login.php.

    case ‘resetpass’ :
    case ‘rp’ :
    $user = check_password_reset_key($_GET[‘key’], $_GET[‘login’]);

    if ( is_wp_error($user) ) {
    wp_redirect( site_url(‘wp-login.php?action=lostpassword&error=invalidkey’) );

    $errors = new WP_Error();

    if ( isset($_POST[‘pass1’]) && $_POST[‘pass1’] != $_POST[‘pass2’] )
    $errors->add( ‘password_reset_mismatch’, __( ‘The passwords do not match.’ ) );

    do_action( ‘validate_password_reset’, $errors, $user );

    if ( ( ! $errors->get_error_code() ) && isset( $_POST[‘pass1’] ) && !empty( $_POST[‘pass1’] ) ) {
    reset_password($user, $_POST[‘pass1’]);
    login_header( __( ‘Password Reset’ ), ‘<p class=”message reset-pass”>’ . __( ‘Your password has been reset.’ ) . ‘ ‘ . __( ‘Log in’ ) . ‘</p>’ );


    login_header(__(‘Reset Password’), ‘<p class=”message reset-pass”>’ . __(‘Enter your new password below.’) . ‘</p>’, $errors );


Viewing 4 replies - 1 through 4 (of 4 total)
  • The topic ‘Newbie Admin Locked Out–Lost Password & Can't Get New One’ is closed to new replies.