WordPress Login: Password Reset And Security

Logging into the WordPress admin panel is one of the first steps you need to take in order to start building your website. The WordPress login gives you access to the back-end, area where you will be actively working on building your site. Starting with customizing the page settings, installing a theme and plugins to website development and content publishing.

WordPress Login: Password Reset And Security

Let's start with basics and go through the process of logging in to the WordPress admin panel. Once that's covered, I will outline specifics such as:

  • How to change your WordPress password;
  • How to add extra security to the WordPress site;
  • How to hide your site login page.

Let's get started with logging in.

Log In to Your WordPress Site

There are several ways to log in to your WordPress account. The two most popular ones are through web hosting (cPanel) or logging in to WordPress site directly.

Via cPanel

To log in through cPanel, first, you need to access your web hosting account. Once in, locate the cPanel and follow the steps given to access your WordPress admin panel. The layout of each hosting dashboard is different, but following the given instructions, the process is easy and understandable.

Direct Login

If you prefer logging into your WordPress admin panel directly, all you need to know and remember is one of the following URLs:

  • https://yoursiteurl.com/wp-admin
  • https://yoursiteurl.com/wp-login.php

The default link to your WordPress login is the same as the one you use to load your website, all you have to do is to add /wp-admin or /wp-login.php at the end of your URL.

Once you have entered one of these URLs in the address bar, the WordPress login window will load. Now it is time for your username and password.

WordPress Login: User name and password

Enter your WordPress credentials and click: “Log In”.

In case you have forgotten your password, there is an option to create a new one. Simply click on “Lost your password?” link and follow the instructions for a password reset.

Note, too many password attempts can lock you out. If not sure, it is better to reset the password than make too many attempts. It can be frustrating but security matters.

That's it, now you have access to your WordPress admin panel where you can manage your website.

How to Change Your Wordpress Password?

It is sometimes necessary to change passwords. WordPress offers it just like any other online platform and offers it in a simple way. All that you will need is access to the email you use to access the WordPress admin.

You have the ability to change your WordPress password in several ways, the following are the most common: password reset from the login window or change it from the WordPress dashboard.

Reset Your WordPress Password From Login Window

To reset the password from the WordPress login window, click on the "Lost your password?" link. You will be taken to the window you see below and asked to enter your username or email address. Type your credentials and click on “Get New Password”.

Reset WordPress Password Window

The platform now will send you an email with the password reset link. Once you click on the link you will be taken to the window you see below. You have two options. You can keep a password generated by WordPress (it is usually hard to remember, so it is recommended to keep it somewhere safe). Alternatively, you can figure out your own password and type instead of the password they offer.

Enter New WordPress Password Window

In my case, I created my own password and proceeded by clicking on the “Reset Password” link. If you followed the steps above, you are taken to the WordPress admin panel. Now let's look at another way to change your password.

Change Your WordPress Password From The Dashboard

If you can log in to your WordPress dashboard then you can change your password from there. You can use this method to change your password at a time when you cannot access your e-mail or in other cases, for example, if your password appears to be in the circle of someone else.

To change the password from the WordPress dashboard, go to “Users” and choose “Your Profile”. It can be found on the left side menu. In your profile, you will see all the information you have about you. Scrolling down you will find the “Account Management” tab where you can generate a new password.

WordPress Account Management: Generate WordPress Password

At this point, WordPress will generate a secure password for you. As I have already mentioned, they are usually hard to remember, so I suggest you think and write your own. WordPress looks very much to make everything safe, so don't be surprised if it says the password is too weak. If you are ok with that, click confirm. If not, come up with a more complicated one.

When the password is changed, click on the “Update Profile” located at the bottom of the page.

Add Extra Security to Your WordPress Site

I have repeatedly mentioned security here. Nowadays, it is one of the top priorities not only to be safe on the streets but to see that our digital data and websites are protected from attacks. Although WordPress is serious about security issues, it can never be too safe. One is not a fighter, so I recommend adding your WordPress site a secure Google Authenticator.

Google Authenticator offers 2-step authentication thus securing your account. It works not only for Google itself but also for many other platforms, including WordPress.

Note, you will need to install a Google Authenticator app on your smartphone and always have your phone with you at login.

Install Google Authenticator App

The way 2-step verification works is that first, you log in to your WordPress account using one of the methods reviewed previously and then wait for the verification code message on your smartphone. Once the verification used, the system will know it was you (unless your phone is with someone else).

In this case, even if the hacker knows your WordPress password and username, he or she will not be able to access your account because there will be no access to your phone to see the Google verification code.

Add Google Authenticator Plugin For Your WordPress Site

There are several Google Authenticator plugins for WordPress that provide 2-step verification. You can check them all out via WordPress.org. Installing and activating the plugin on the WordPress page is the same as usual, via admin panel go to Plugins - Add New.

Google Authenticator Plugins for WordPress

To add Google Authenticator to a WordPress page, follow these steps:

  • Install one of the plugins found in the WordPress database;
  • Go to Users - Your Profile where you will see Google Authenticator Settings;
  • Tick to 'Activate' and you are all set.

Now, the next time you try to sign in to your WordPress account, your login will consist of the following:

  • User name or Email Address;
  • Password;
  • Google Authenticator code.

Now when your WordPress login is secure, let's learn how and why to hide your login page.

How to Hide Your WordPress Site Login Page?

By granting even more protection to your WordPress website, you can hide the login page. If you hide it, hackers won't have a place to do their brute-force attack from. Just like in the case of Google Authenticator, also here you will need to find one of the WordPress plugins that will allow you to easily and quickly hide the login page.

Just as easy as it sounds, go ahead and browse through the WordPress.org and get the most appropriate plugin. I entered “hide login” in the search field and got the result below.

Top WordPress Login Hide Plugins

For example, the WPS Hide Login plugin allows you to set a new custom login URL and blocks all traffic to the default wp-admin and wp-login pages. All you have to do is install and activate the plugin of your choice and set your new login URL in your Settings from the WordPress dashboard.

If you are using a caching plugin, you will need to add a new login page to the list of pages to exclude from caching. After that, you have made everything to make your WordPress page more secure.


Although WordPress login is an easy process, it is advisable to make it safe, therefore little more complicated. Security comes as an extra action, but it certainly pays off. You can always recover your WordPress login password, but not lost website data that has come into the hacker's hands.

Higher WordPress security can be achieved with the 2-step verification option offered by Google Authenticator. Or for even greater safety, you can hide your login page with the help of WordPress plugins. Let's keep our websites and other online accounts safe.