Changing Your Database Password

We are serious about passwords and that’s why you may have noticed our 23 random character passwords for your WordPress admin user we generated during the installation of your site.

That’s the kind of password that will keep your site safe from brute force and dictionary attacks. The lastpass.com and random.org sites provide some tools for generating super long passwords.

So why would you ever want to change your database password? Typically you won’t ever need to because we set it initially during installation to another unique 23 random character string. But, there might be a good reason to change it. The one that comes to mind is Heartbleed. So, here we go…

Changing Your Database Password

Warning: Changing your database password can disable your site. Make sure you know what you are doing.

Log into adminer. For example, if your site is example.com then go to https://example.com/adminer/.

1. You can get your DB username and current DB password by SFTP’ing to your site and looking in your wp-config.php file which is located in the WordPress directory.

2. Click on the “Privileges” link

3. Click on the “Edit” link beside “localhost”

4. Make sure the “Hashed” checkbox is unchecked

5. Use lastpass.com or random.org to generate random passwords. Use one of those by copying and pasting it into the 'Password' field then scroll to the bottom and click 'Save' button while simultaneously…

6. Pasting the password you just set in adminer into your wp-config.php file on the line with define(‘DB_PASSWORD’, ‘password’); by replacing 'password' with the new password.

define(‘DB_PASSWORD’, ‘password‘);

NB: It's important to do both step 5 & step 6 together - otherwise your WordPress site will not be able to access the database which could cause issues. You might like to also consider putting your website into 'Maintenance' mode while changing your database password.

Related Links: