Once, I found myself in a critical situation. One of my client’s WordPress blogs was hacked its admin password was changed. He wants to reset it. When I tried to use the password reset function, I found that there is no user with the username admin and the email id was also wrong. Hacker changed the email id and username of the WordPress blog. This was also not a big problem for me. I asked for the cPanel login credentials and thought I will do it directly from PHPMyAdmin. But the Client refused to give cPanel details because he was afraid of data leakage. There were multiple websites hosted on a single hosting.

In that case, I had only the option to use FTP and nothing else. By adding a code in the functions.php file of WordPress, we can add a new user with an admin role. I use FileZilla for making an FTP connection. It requires FTP account credentials. I am not going into the details of how to create an FTP account and add that to FileZilla.

When you are successfully connected to your website’s FTP account using FileZilla, you can see all the files. Navigate to the directory wp-content and then to themes. Here, open the folder of the theme that is currently active on the website. Now select functions.php, right-click on it and select edit. Now put the following code at the beginning. Change $user, $pass, and $email values according to the account details which you want to add.

function admin_account(){
$user = ‘AccountID’;
$pass = ‘AccountPassword’;
$email = ’[email protected]’;
if ( !username_exists( $user ) && !email_exists( $email ) ) {
$user_id = wp_create_user( $user, $pass, $email );
$user = new WP_User( $user_id );
$user->set_role( ‘administrator’ );
} }
add_action(‘init’,’admin_account’);

Save the file.

Now refresh the blog. It will load functions.php and this code will be executed. It will add the user with specified details and the default role will be admin. Soon after you refresh the blog, remove the lines you added, and then try login in with this new account you just added.

If you look at the code, it asks for an account id. This is the username. So enter a unique username that is not already a registered user on your blog. You should also enter a unique email that has not been already registered on your blog. Before you remove this code, do not forget to save the password.

I always recommend people use a strong and random password that is hard to guess and hard to crack. There are several good random password generators to generate a random string of passwords. If you find it hard to remember a strong password, you can use a good password manager.

In case of any difficulties in implementation, you can comment below or contact me.