How to Add an Admin User to the WordPress Database via MySQL

How to Add an Admin User to the WordPress Database Using phpMyAdmin

Have you found yourself locked out of your WordPress admin dashboard with no way to log back in? Maybe a hacker deleted your admin account, or you simply forgot the password to your site. Don‘t panic! As long as you still have access to your WordPress database, you can create a new admin user and regain control of your site.

In this in-depth tutorial, we‘ll walk you through the steps to add a new administrator user directly to your WordPress database using a tool called phpMyAdmin. With a new admin account, you‘ll be able to log in and secure your site.

Before we begin, it‘s crucial to note that directly editing your WordPress database comes with risks. One wrong move could break your entire site. Always make a complete backup of your WordPress files and database before making any changes. If possible, create the new admin user on a staging site first to test it before applying the changes to your live site.

What is phpMyAdmin?

phpMyAdmin is a free, web-based interface for managing MySQL databases. Most WordPress hosting providers include phpMyAdmin as part of their control panel, as it allows users to administer their databases through an intuitive GUI instead of command line.

If your host uses cPanel, you can find the phpMyAdmin tool under the "Databases" section. Other popular hosting control panels like Plesk or custom solutions will usually have a clearly labeled phpMyAdmin option as well. If you‘re not sure where to find it, consult your hosting documentation or reach out to their support team for assistance.

Step 1: Access phpMyAdmin and Select Your WordPress Database

Log into your hosting control panel and open the phpMyAdmin tool. On the left-hand side, you should see a list of databases on your server. Click on the one associated with your WordPress site. If you only have one WordPress site set up, it will likely be the only database listed.

After selecting your database, phpMyAdmin will load its tables on the right side of the screen. You should recognize the default WordPress table prefix, which is wp_ unless you changed it when installing WordPress.

To add our new admin user, we‘ll be working with two core WordPress tables:

• wp_users, which stores basic user information
• wp_usermeta, which contains additional metadata about each user, including their assigned roles and capabilities

Step 2: Add a New User to the wp_users Table

Let‘s begin by inserting a new user into the wp_users table. Click on the "wp_users" table name to open it, then select the "Insert" tab along the top menu to bring up a form where we can enter our new user details.

Here are the values to populate for each field:

• ID: This must be a unique number not already assigned to another user. Check the existing user IDs and pick the next available number.
• user_login: Enter the username you want to use to log into WordPress. Keep it simple but hard to guess.
• user_pass: Choose a strong password and be sure to select MD5 from the "Function" dropdown to secure it with a hash. Don‘t forget to record this password as you‘ll need it to log in later!
• user_nicename: This is a display name that will be shown publicly on your site. Usually the user‘s first and last name work well here.
• user_email: The email address you want to associate with this admin account. Enter a valid address in case you need to recover the password via email later.
• user_url: If this admin user has a website, you can link it here. Otherwise, just enter your site‘s URL.
• user_registered: The date this user was registered, which will be today‘s date. Click the calendar icon to select it easily.
• user_activation_key: Leave this field blank.
• user_status: Set this to a "0".
• display_name: Repeat the value you entered in the user_nicename field above.

When you‘re finished, click the "Go" button to execute the insert statement and add the new user.

Step 3: Define the New User‘s Capabilities

We‘ve created the admin account, but it doesn‘t have any special privileges yet. To grant it administrator capabilities, we need to add some additional metadata to the wp_usermeta table.

Similar to the last step, click on the "wp_usermeta" table name in the left column, then go to the "Insert" tab to access the entry form. This time, we‘ll add two separate records to define our new user‘s capabilities and permissions.

For the first entry, fill in these values:

• umeta_id: Leave blank to automatically generate a new, unique ID
• user_id: Enter the same user ID number you used when adding the user to the wp_users table
• meta_key: Enter the value "wp_capabilities" here
• meta_value: Input the following text: a:1:{s:13:"administrator";b:1;}

Then, click the "Go" button to save the first user metadata record.

On the next screen, you‘ll see empty fields to input a second metadata entry. Here are the values for this final piece:

• umeta_id: Leave blank again
• user_id: User the same user ID as the previous two entries
• meta_key: This time, enter "wp_user_level"
• meta_value: Simply put a "10" here, which is the user level assigned to administrators

Click "Go" one more time to finish adding our admin user. That‘s it! We can now test logging into WordPress with our new account.

Step 4: Log In and Secure Your Site

Visit your WordPress login page (usually located at yourdomain.com/wp-admin) and enter the username and password you set for the new admin user.

If everything worked properly, you should now be logged in and redirected to the WordPress dashboard. You‘ve successfully regained access to your site!

But don‘t relax just yet. Since you needed to create a new admin user, there may be some underlying security issues to investigate and harden.

The first thing you should do is thoroughly review all existing users on your site. Delete any unauthorized or suspicious accounts, and change the passwords for all legitimate users.

Next, update all of your WordPress core files, plugins, and themes. Hackers often exploit vulnerabilities in outdated software to gain unauthorized access. Keeping everything updated is one of the best ways to protect your site.

After updates, run a complete malware scan using a security plugin like Wordfence or Sucuri Security. If you do find any infected files, your web host may be able to help clean things up. Consider hiring an expert to perform a more comprehensive security audit to identify any potential backdoors or remaining vulnerabilities.

Finally, implement WordPress security best practices such as:

• Enforcing strong passwords for all accounts
• Installing SSL and enabling HTTPS
• Enabling two-factor authentication
• Limiting login attempts to protect from brute force attacks
• Disabling file editing from the WordPress dashboard
• Regularly backing up your full site and storing copies off-site
• Monitoring for unauthorized file changes and suspicious user activity

Hopefully you never find yourself locked out of your WordPress site again, but if you do, you now know how to regain access by adding a new admin user with phpMyAdmin. Carefully follow the steps in this guide and your site will be back under your control in no time.

Alternative Method: Adding an Administrator User With a SQL Query

If you‘re comfortable working with SQL, you can create a new WordPress admin user even faster with a single query. Just carefully replace the placeholder values with your own:

INSERT INTO wp_users
(user_login, user_pass, user_nicename, user_email, user_registered, user_status, display_name)
VALUES
(‘newadmin‘, MD5(‘password123‘), ‘John Smith‘, ‘john@example.com‘, NOW(), ‘0‘, ‘John Smith‘);

INSERT INTO wp_usermeta (user_id, meta_key, meta_value)
VALUES
((SELECT ID FROM wp_users WHERE user_login = ‘newadmin‘ LIMIT 1), ‘wp_capabilities‘, ‘a:1:{s:13:"administrator";b:1;}‘),
((SELECT ID FROM wp_users WHERE user_login = ‘newadmin‘ LIMIT 1), ‘wp_user_level‘, ‘10‘);

Keep in mind this query will only work properly if the wp_users table is empty, as it will assign the new account an ID of 1. If there are existing users, you‘ll need to modify the query to generate the next available user ID.

Wrapping Up: Troubleshooting Tips and Additional Resources

Hopefully this tutorial helped you add a new WordPress admin user directly via phpMyAdmin. Remember, when locked out of WordPress, don‘t panic! As long as you have database access, you can almost always regain control of your site.

If you‘re still having trouble logging in even after creating a new admin user, here are a few more troubleshooting tips to try:

• Clear your browser cache and cookies to rule out any saved login issues
• Verify you‘re using the correct username and password (use a password manager to securely save them for next time!)
• Manually reset the new admin password with another SQL query if needed
• Disable problematic plugins by renaming their folders via FTP or file manager
• Reinstall the latest version of WordPress core to repair any corrupt files

Being locked out of your site is stressful, but it‘s also an opportunity to shore up your WordPress security. In addition to the hardening tips mentioned above, continue educating yourself with these helpful resources:

• The Ultimate Guide to WordPress Security
• Hardening WordPress
• WordPress Security Plugins and Services for 2023 and beyond
• 12 Steps to Better WordPress Website Security
• How to Fix Your Hacked WordPress Website

With the proper security measures in place, you‘ll greatly reduce the risk of losing access to your site again in the future. Stay safe out there!