Wordpress 15 July 2026 5 min read

WordPress Log In: What To Do When You Can’t Get In

Being locked out of your WordPress log in is one of those things that feels urgent the moment it happens. The site is right there, you can see it, but the admin dashboard is completely out of reach. Before you do anything drastic, most lock-out situations come down to a handful of causes, and most of them have a straightforward fix. This guide walks through each one in plain English, in roughly the order you should try them.

On this page
  1. Start With the Obvious: Wrong Credentials
  2. Use the Password Reset
  3. Reset Your Password Through phpMyAdmin
  4. Add a New Admin User via FTP
  5. Check Whether You Are Locked Out by a Security Plugin
  6. What If the White Screen Appears Instead of the Login Page
  7. One Thing Worth Knowing Before All of This
Share:

Start With the Obvious: Wrong Credentials

This sounds too simple, but it catches a lot of people out. WordPress usernames are case-sensitive. If your username is Simon with a capital S, typing simon in lowercase will fail every time. The same applies to passwords. Before you go further, double-check that your caps lock is off and that you are typing into the right field.

Also worth checking, are you pointing at the right login URL? The standard WordPress login page lives at yoursite.com/wp-admin or yoursite.com/wp-login.php. Some security plugins move the login page to a custom address. If that is the case on your site, the standard URL will simply return a 404 page rather than anything helpful.

Use the Password Reset

If you cannot remember your password, the reset link on the login page is the cleanest route. Click “Lost your password?”, enter your username or the email address on the account, and WordPress sends a reset link. Check your inbox, including your spam folder, because it can land there.

If that email never arrives, the problem is usually with your server’s mail configuration rather than WordPress itself. Many hosting setups do not have outgoing mail configured properly out of the box. If that is the case, you will need to go a level deeper.

Reset Your Password Through phpMyAdmin

When the email route is not working, you can reset your password directly in the database. Log in to your hosting control panel (cPanel or equivalent), open phpMyAdmin, and select your WordPress database.

Open the wp_users table (the prefix might differ if it was changed during setup), find your username, and click Edit. In the user_pass field, select MD5 from the function dropdown and type your new password into the value field. Save the row. That password is now live. Go back to /wp-admin and log in with it.

This feels technical the first time, but it is a standard procedure and you are not breaking anything. The database is just a spreadsheet when you look at it that way.

Add a New Admin User via FTP

If phpMyAdmin access is not available, you can create a fresh admin user by editing a theme file directly over FTP. Connect to your server using an FTP client, navigate to your active theme folder inside wp-content/themes/your-theme/, and open functions.php.

Add the following snippet to the top of the file, just below the opening <?php tag:

add_action('init', function() {
 if (!username_exists('tempuser')) {
 $id = wp_create_user('tempuser', 'ChangeMe123!', 'temp@yourdomain.com');
 wp_update_user(['ID' => $id, 'role' => 'administrator']);
 }
});

Save the file, visit any page on your site to trigger the code, then log in with those credentials. Once you are in, go straight to Users, update your original account or create a permanent one, and remove that snippet from functions.php. Do not leave it there. If you want a deeper understanding of how WordPress site structure affects performance and security, the work happening at the technical level beneath a WordPress site is often what separates a stable setup from a fragile one.

Check Whether You Are Locked Out by a Security Plugin

Several security plugins, including Wordfence and Limit Login Attempts, will block an IP address after a number of failed login attempts. If you have been trying repeatedly and suddenly cannot even see the login form, this is likely what has happened.

The fix is to temporarily disable the plugin via FTP. Go to wp-content/plugins/ and rename the plugin’s folder, for example from wordfence to wordfence-disabled. WordPress will deactivate it automatically. Log in, then rename the folder back and reactivate from the Plugins screen. Your IP should be cleared once you are back inside.

What If the White Screen Appears Instead of the Login Page

A white screen on the login page usually points to a PHP error rather than a credentials problem. This can happen after a plugin update or a PHP version change on the server.

Enable WordPress debug mode by editing wp-config.php over FTP. Find the line that reads define('WP_DEBUG', false); and change false to true. Reload the page. You should now see an actual error message rather than a blank screen, which tells you exactly what to fix. Slow or broken admin pages are sometimes a separate issue, and understanding what makes a WordPress site drag can help you rule out performance-related causes quickly.

One Thing Worth Knowing Before All of This

Some of these fixes require server access most people do not have bookmarked. If your host does not offer phpMyAdmin or FTP access easily, or if you are on a managed platform with restricted file access, the options above may not be straightforward. In that case, your host’s support team is the fastest path forward. They can reset credentials at the server level far more quickly than any plugin can.

Getting back in is almost always possible. Work through it methodically rather than trying everything at once, otherwise it becomes very hard to tell what actually fixed it.

Share:

Ready to take the next step?

Get in touch today and find out how we can help.

Get In Touch
Privacy Overview

Yorkshire Design uses cookies so that we can provide you with the best user experience possible.

Cookie information is stored in your browser and performs functions such as recognising you when you return to our website and helping our team to understand which sections of the website you find most interesting and useful.