It might seem like the end of the world if you’ve been locked out of your WordPress admin panel and can’t log into your website. But take a deep breath and don’t panic; there are things you can do to recover your access. If you’re new to WordPress, you may want to seek support from your hosting company or developer.
Simple solutions to access your WordPress admin dashboard
Before you try anything complicated, there are a few simple things you can do. Try these things first:
- Clear your browser cache. Different browsers have different settings, but you can usually clear your browser’s cached files through the History or More Tools options in your browser’s menu.
- Clear your WordPress cache. If your hosting company is caching your website for performance, try clearing that information through your hosting account.
- Use an incognito window. Try opening your site in an incognito or private browsing window to be sure you’re not looking at a cached version of the site.
- Check for a security breach. If your site has been corrupted due to a hack, it’s good to know right away. If you have Jetpack Scan, check your email inbox for a notification regarding malware. If your website has malware, take the recommended steps in our article about what to do if your WordPress site is hacked.
Common reasons you can’t access your wp-admin dashboard (and their solutions!)
If your admin area is still inaccessible, it’s time to start digging into your WordPress settings. Many of these solutions require access to your hosting account and knowledge of how WordPress files and the database are configured. If you’re not familiar with these, ask your hosting provider or website administrator for help.
Pro tip: Any and all of these solutions involve delicate, moving parts of your website and an error can make things worse. Always take a full backup of your website before beginning.
1. Your login credentials aren’t working
Occasionally, you may be able to see the login screen, but when you enter your ID and password, you receive an error message that says your credentials are invalid. If you’ve already double and triple checked your login information — and made sure you don’t have caps lock turned on accidentally — it’s time to reset your password.
The solution: Reset your password
If your username and password just aren’t working, start with a simple password reset. Click the “Lost your password?” link below the login fields and WordPress will use the email on file to send a reset link.
If you no longer have access to the email on file, or the reset fails for any reason, passwords can be reset in a few other ways:
a. Ask an administrator to reset your password.
If another admin on your website still has access, they can manually reset your password by going to Users in the WordPress dashboard.
b. Put your new password directly into the WordPress database.
Log into your hosting account and use their administration interface to directly access your database (for most hosts, this will be using cPanel to launch phpMyAdmin).
Open your website’s database. If you have more than one, you can look for the database name in your wp-config.php file.
Open the wp_users table and look for your username or email. Click Edit to update your information.
Look for the user_pass field, and delete the existing string. Then enter your new password. Set the Input Style to MD5 (the form of encryption that WordPress uses).
Save your changes.
c. Create an entirely new admin user.
If your existing user account has been corrupted or cannot be accessed for any other reason, you can create a new admin user from the phpMyAdmin interface by adding information to the wp_user and wp_usermeta tables.
In the wp_users table, add a new line and enter an ID number (any user ID number that is not already in use), a user_login (username), user_nicename (same username again), user_email, user_status (set this to 0), and display_name. You’ll also need to enter a password in the user_pass field in MD5 format.
Then use the same ID number to add admin permissions in the wp_usermeta table. Set the meta_key to be wp_capabilities and meta_value to be a:1:{s:13:”administrator”;b:1;}
See more detailed instructions here. Now you should be able to use your new credentials to log into the dashboard as usual.
2. Part of the dashboard functionality is missing
If you’re missing key functionality, like access to the Customizer, Settings, or Theme Editor, your user account may have been set up incorrectly.
The solution: Get an admin account
You’ll need another administrator on the website to modify your account and grant you administrative powers. Was your account hacked? Try resetting the admin password using phpMyAdmin through your hosting account, or creating a brand new admin account directly in the database (see the section above for more details). Don’t forget to reset all passwords once you’re in and scan your site for any backdoors or malware that hackers might have left in your code.
3. Cookies aren’t enabled
Cookies are required to get through the WordPress login process, so if they’re not working correctly, you may see an error message like “Cookies are blocked or not supported by your browser” when trying to log in.
The solution: Change your browser settings
First, check your browser settings to make sure you allow and accept cookies. If that still doesn’t work, the problem may be your caching or security plugin. If you’ve installed a new plugin on your site, deactivate it and try to log in again.
The easiest way to disable a plugin without access to your dashboard is to rename the plugin:
- Use FTP to connect to your website’s server.
- Navigate to public_html → wp-content → plugins.
- Rename the security or caching plugin to anything you’d like. This will deactivate it.
Don’t forget to clear your cache before trying to log in again. If this solves the problem, then you’ll need to either choose a different caching or security plugin, or troubleshoot the issue with their support team.
4. You’re locked out by a security plugin
Some WordPress security plugins limit the number of failed login attempts you can make, and if you’ve been using expired credentials, you might hit that limit and be blocked.
Other plugins contribute to WordPress security by changing the default login URL from the standard yoursite.com/wp-admin to something different. This can help block brute force attacks. But problems can arise if you forget the new login URL (a much more common problem than you might think!).
The solution: Disable the plugin
The easiest way to do this when you don’t have access to your dashboard is by renaming the directory containing the plugin’s files, to stop WordPress from finding the files and loading them on startup. You’ll do this by following the same instructions as in step three:
- Use FTP to connect to your website’s server.
- Navigate to public_html → wp-content → plugins.
- Rename the security or caching plugin to anything you’d like. This will deactivate it.
Once the plugin is renamed, try reloading your login screen. Don’t forget that you might have to clear your browser cache. While logged in, rename your plugin to its original title via FTP. Then, check your security plugin settings and clear any blocks.
5. You’re getting a fatal memory error
You’ll know you have memory problems with your WordPress installation if you see an error that says “Allowed Memory Size Exhausted.” This means that your WordPress configuration and plugins require more memory than your hosting account currently provides.
The solution: Increase memory for WordPress
You can try increasing your WordPress memory limit by editing your wp-config.php file, a settings file that lives at the root level of your WordPress installation. You’ll need to use FTP to download this file for editing, or use your hosting account’s file manager.
Once you’re editing the file, try adding this line at the very bottom:
define( 'WP_MEMORY_LIMIT', '512M' );This should increase your installation memory limit and allow WordPress to load.
However, be aware that the amount of memory allocated to your WordPress installation is also controlled by your hosting company. They’ll set a maximum memory limit for each user, and that limit takes precedence over the WordPress wp-config file setting. You may need to verify your memory limit with your host, and upgrade your hosting package or ask them to make changes to your account to properly resolve this error.
6. You’re seeing the “white screen of death” or a 500 error
Probably the scariest event for a website owner is the infamous “white screen of death,” where your website just shows you nothing at all. Or it could just show an error code from your server. This problem is typically caused by a plugin or theme conflict.
The solution: Deactivate all plugins or change your theme
Usually, a problem like this is caused by a conflict between an older plugin or theme that is no longer compatible with a WordPress core update. Your goal is to turn off all plugins and change your theme to a simple, default theme to determine the cause.
Start by turning off all of your plugins at once, which you can do by renaming the Plugins folder via FTP:
- Use FTP to connect to your website’s server.
- Navigate to public_html → wp-content.
- Rename the plugins folder to whatever you’d like (e.g. plugins.bak).
Attempt to load your website again. If it loads properly, you’ll know that a plugin was the cause of the error. Now, return the plugins folder to its original name and deactivate each plugin one at a time (see sections three or four to learn how to turn off individual plugins) until you find the culprit. Once you’ve determined the problem, you can roll the plugin back to a previous version to see if that solves the problem, reach out to the developer for support, or find a different plugin to use instead.
Pro tip: Turn on debug mode, which can cause an error message to appear on your site that identifies the specific plugin causing the issue. Do this by adding these lines to your wp-config.php file:
define( ‘WP_DEBUG’, true);
define( ‘WP_DEBUG_LOG’, true);If turning off all plugins still doesn’t fix the problem, try deactivating your theme. In this case, WordPress will load a basic, default theme like Twenty Twenty-One. You’ll want to remove your theme by renaming its directory using FTP:
- Navigate to public_html → wp-content → themes. Find your current, active theme.
- Rename the theme folder to whatever you’d like (e.g. my-theme.bak).
Note that this will only work if you have a default theme installed. If you don’t, you can upload one to your themes folder that WordPress can revert to when you deactivate your current theme.
If your site still shows nothing or shows a server error, try contacting your hosting provider for help.
7. You encounter a PHP syntax error
If you’ve been working with custom code — like making changes to your child theme or plugins files — you might accidentally break your site. You’ll see a PHP syntax error pop up on your screen, sometimes embedded at the top of your site’s framework, or simply a blank white screen. Some PHP errors are more critical than others, and depending on the type of code you’re editing, they may prevent you from accessing the back end of your site.
The solution: Manually fix the PHP error
You’ll want to access the back end of your site via FTP or your hosting company’s cPanel to find the file you were working on. Usually, the reported PHP error will specify the file causing the problem, along with the specific line of code you need to edit. The cause of the issue can vary widely depending on the mistake made. However, look for things like extra characters and open brackets.
8. You get a database connection error
It’s rare, but occasionally WordPress will lose its connection to the database. In this case, you’ll see an error message saying that there is a database connection problem.
The solution: Repair the wp-config.php file manually
Your database connection is controlled through your wp-config.php file, which lives in your WordPress directory. Access that directory using FTP, and edit the wp-config.php file with the current or updated database settings.
Use your hosting account’s management panel to find the details of your database, then cross reference those details with your wp-config.php file. You’ll need:
- The name of your database
- The table prefix used by the tables in your database
- Your database’s username and password
- The host where your database lives (usually “localhost”, but sometimes a specific IP address).
Every hosting account is different, so contact your host for assistance finding this info if necessary. Now update the info to your wp-config file in the lines that look like this:
/** The name of the database for WordPress */
define( ‘DB_NAME’, ‘database_name_here’ );
/** Database username */
define( ‘DB_USER’, ‘username_here’ );
/** Database password */
define( ‘DB_PASSWORD’, ‘password_here’ );
/** Database hostname */
define( ‘DB_HOST’, ‘localhost’ );
/** table prefix */
$table_prefix = ‘wp_’;
Your database should connect once all of these settings are configured properly.
Need more help? See our full article about troubleshooting “Error Establishing Database Connection” on WordPress.
9. File permissions are not set correctly
This is rare, but sometimes an error during the WordPress upgrade process or installation of a plugin can cause file permission problems. These can be hard to spot — you’ll sometimes see a permission error on the screen, but other times, they just quietly prevent logins, media uploads, or the installation of new plugins. When you’re seeing mysterious failures that seem to have to do with files not loading or uploading properly, you could have a file permissions issue.
The solution: Fix file permissions remotely
For this fix, you’ll want to use FTP to double-check the permissions on all files and directories, and repair them if necessary. The general rule of thumb for WordPress permissions is:
- Permissions code 644 for files
- Permissions code 755 for directories
If you suspect a file permissions issue, then go through your full WordPress directory structure carefully, double-checking the permissions on each file and directory, to make sure they match the recommended status above.
Don’t forget to set the permissions properly for top-level files, especially the wp-config.php file and your .htaccess file, both of which control key connection and security parameters. If you’re not sure how to do this, reach out to your hosting provider for help.
The catch-all solution to access your WordPress admin area
If you still can’t get into your site’s admin area, it may be easiest to restore a full backup of your WordPress site. The downside is that you may lose any new files or changes you’ve made to your site since the last usable backup.
But if you have a good backup system in place, restoring one might even be a better solution than trying to troubleshoot and resolve an error. The best peace-of-mind comes from offsite, live backups like the kind generated by Jetpack Backup. Jetpack keeps your data current at all times and allows for restorations with just one click, even if you have no access at all to your WordPress dashboard. You can even use the WordPress activity log to choose an exact point to which you’d like to restore — like right before you started to experience the error.
If you haven’t set up your own WordPress backups, you may be able to get help from your hosting provider. Although not as trustworthy or current as an off-site backup solution, great hosts usually back up sites on a fairly regular basis. You may lose some data, but it will still be a relief to get your site up and running again.
How to avoid getting locked out of WordPress
Losing access to your WordPress site’s administration dashboard is stressful. Protect yourself and your site going forward by:
- Saving your passwords with a secure, encrypted, local password manager
- Using a reliable hosting provider that provides excellent support and security features
- Only working with properly-licensed plugins and themes from reputable companies that receive frequent updates
- Keeping regular, offsite backups of your site that can be restored with one click should your site break or become inaccessible for any reason
Remember that a website requires care, attention, and maintenance to keep it healthy. Put the right protections in place now to prevent problems in the future.
Jetpack 