Support » Fixing WordPress » Recover Password

  • I’ve recently upgraded my wordpress version to 3.1. One of my users has forgotten their password. My objective at the minute is to recover the password, not to reset it.

    Basically, what I want is to know how to retrieve the password from the database. All the websites with tutorials talk about it being an MD5 hash. However, the passwords for all of my users start with $P$B (in phpMyAdmin of course) which is clearly not part of an MD5 hash. Also, some of them have a / in them, which again is not an MD5 character.

    So I’ve tried putting the password ‘keys’ into many different MD5 decrypters and none of them work with these. Suggestions please?

Viewing 6 replies - 1 through 6 (of 6 total)
  • Basically, what I want is to know how to retrieve the password from the database.

    You can’t. It’s one-way encrypted.

    It is not an MD5 hash anymore, it’s encrypted using the PHPass library.

    And recovery of it is *not* possible. Forget about even trying. PHPass isn’t perfect, but it’s a darned sight better than MD5.

    Thanks for the update, Otto. How might this affect anyone who is try to reset their password via the PHPMyAdmin method?

    Replacing the password with an MD5 hash will allow the password to work (WP is backwards compatible there), however on the first login using that new password, the MD5 hash will be replaced with the more secure PHPass hash of the same password.

    Nice! 🙂

    If you’re interested, the code that does this replacement is in wp_check_password() in pluggable.php.

Viewing 6 replies - 1 through 6 (of 6 total)
  • The topic ‘Recover Password’ is closed to new replies.