How To Change Your phpMyAdmin Password?

by

7-layers of Security for Your WordPress Site

Your website needs the most comprehensive security to protect it from the constant attacks it faces everyday.

There are many reasons you may need to change phpMyAdmin password. Perhaps, as a part of your security checks, if an employee has left, or you need to regain access after losing the password. You may also notice some unauthorized access and need to change all passwords because of it. 

As an aside, if thereā€™s a possibility of your website being hacked, run a malware scan now

phpMyAdmin is a tool that helps you manage and control databases on your website using a web interface. Therefore the phpMyAdmin password safeguards access to your database. So, if youā€™re worried about a hack, for example, itā€™s one of the many passwords that need to be changed in your post-hack regime

In this article, we will go over a few different ways to change your phpMyAdmin as quickly and easily as possible. 

TL;DR: If you can log in to phpMyAdmin, simply navigate to the User Accounts section to change your password. You will then have to update the password stored in the config.inc.php file. 

We all understand the importance of good passwords in data security. From wp-admin to cPanel and more, every password plays a pivotal role in safeguarding your site. In fact, passwords are also used by different parts of your site to connect to each other, just as you use them to gain access. 

For example, changing the database password is recommended after removing malware from a site. However, the important second step in this process is to update the new password in the wp-config.php file in your site files. The configuration file is used to establish a connection to the database from the site. The case is similar to updating the phpMyAdmin, as we talk about in this article. 

Additionally,  this also means that you need to have the right accessā€”root access in this caseā€”to change phpMyAdmin password. 

We will outline each step and its requisites in the sections below. Before beginning, we recommend taking a backup of your site before starting on this process.

Step 1: Logging into phpMyAdmin 

phpMyAdmin uses the database server username and password as login credentials. Depending on your installation, the default password might be empty (or null) or even root, like the default username. If you need to set your password for the first time, here are the steps to do so:

  1. Log into phpMyAdmin
  2. Open the SQL tab at the top
  3. Type the following query:
SET PASSWORD FOR 'root'@'localhost' = PASSWORD('your_root_password');

You will get logged out of your server. You will need to change your password in the config.inc.php file. If you are changing the password on localhost, you will need to reboot your server to log back in. 

If you have forgotten your password, you may be able to find your existing password by using your cPanel to log in to phpMyAdmin. If the web host allows for this, you might be able to locate the config.inc.php file. In that file, look for the following:

$cfg['Servers'][$i]['auth_type'] = 'config';
$cfg['Servers'][$i]['user'] = 'username';
$cfg['Servers'][$i]['password'] = 'password';

Because configurations vary significantly from host to host, be warned that this might not be an option at all. You can reclaim the password from this configuration file only if the ā€˜auth_typeā€™ variable is set to ā€˜configā€™, not ā€˜cookieā€™ or ā€˜httpā€™.  

Important: If youā€™re looking to change phpMyAdmin password, keep in mind that it is a two-part process. First, you change the database server password on phpMyAdmin, and then you need to update the phpMyAdmin configuration file with the new password as well. 

Step 2: Change the password on phpMyAdmin

There are three methods to change phpMyAdmin password on the database server. Two methods involve using the web interface to log in and modify the password directly through the “Change Password” or “User Accounts” section. For the third, you can also use the SQL tab in phpMyAdmin and change your password.

Method 1: Password settings

Using the password settings modal on phpMyAdmin dashboard is the first and easiest method. However, the modal is only accessible if you have already set a password for your phpMyAdmin. 

  1. Access phpMyAdmin: Start by visiting “http://domain.com/phpmyadmin” (replace “domain.com” with your website’s domain). You may or may not need credentials to log in. This depends on a setting in the config.inc.php file. Alternatively, you can also access it directly through cPanel if your hosting provides that option. Click phpMyAdmin in the Database section.
  2. Locate the General Settings: Once logged in, look for the General Settings section on the dashboard. In this section, you’ll find the option to change your password.
phpMyAdmin general settings
  1. Change password: Click on Change Password and a modal will appear, prompting you to type in your new password.
  2. Set the new password: Enter your desired password in the designated field.
Setting new password for phpmyAdmin
  1. Confirm the new password: Retype the new password to ensure there are no typos or mistakes.
  2. Apply the changes: Click the Go button to apply the changes and update your phpMyAdmin password. 

Note: If you have shared hosting, this method may not work because you may not have root access. 

Method 2: User accounts

TThe next option is to use the User Accounts tab, which is slightly more complicated.

  1. Access phpMyAdmin: Access phpMyAdmin through your web browser and login using your current credentials.
  2. Navigated to User Accounts: Once logged in, navigate to the User Accounts tab. This tab displays a list of all user accounts associated with the database.
User accounts overview
  1. Find the correct user: Locate and select the root user with hostname localhost from the list of accounts. The root user typically has administrative privileges.
  2. Edit settings: After selecting the root user, click on the Edit privileges option on the bar above. This will allow you to modify the user’s settings.
  3. Change the password: In the Edit privileges section, find and select the Change Password tab. This is where you can update the password for the root user.Enter your desired new password in the designated field.Re-enter the new password in the confirmation field.

Optional: Generate a new password or choose an authentication system: If needed, you can use the Generate Password feature or choose an authentication system from the dropdown menu.

  1. Save changes: Once you have entered the new password and made any desired selections, click the Go button to apply the changes.

Method 3: SQL queries

You can use an SQL query to change phpMyAdmin password as well, if you so choose. Like the other methods, you will need to access the phpMyAdmin dashboard for this.

  1. Log into phpMyAdmin: Access phpMyAdmin and login using your credentials.
  2. Open the SQL editor: Click on the SQL tab located at the top of the page.
  3. Change the password: Enter the following query:
SET PASSWORD FOR 'root'@'localhost' = PASSWORD('your_root_password');

Replace ‘your_root_password’ with your desired new password. Click on Go to execute the query to update the password for the root user.

Running SQL query to set password

In most cases, you will get logged out of phpMyAdmin once youā€™ve changed the password. Do not panic. You will need to change your password in the config.inc.php file. Keep calm and proceed to the next section. 

Step 3: Change phpMyAdmin password in the config.inc.php file

phpMyAdmin uses several configuration files to connect to databases and set up the tool correctly. One of the crucial ones is the config.inc.php file, which you will find in the main phpMyAdmin or bin folder. 

The phpMyAdmin password can be stored in this file to control how authentication to the database server. Therefore, if you have set or changed the password, updating the new password here is a crucial step in the process. Without updating the password in the correct configuration file, phpMyAdmin will not be able to connect to the database server.

If you have root access to the server, you can find it using either FTP or SSH. Weā€™ll walk you through both methods:

Option 1: FTP client

For this method, you will need an FTP client like FileZilla or Cyberduck. Weā€™re using Cyberduck for the purposes of this tutorial. You will also need application credentials like your site serverā€™s IP address, username, and password. 

  1. Access the server files: To begin, you’ll need access to your site server. Click Open Connection in the Cyberduck window. Add your credentials and click Connect. 
  2. Locate the Configuration File: Now, you must locate phpMyAdmin’s configuration file, config.inc.php. This file is usually found in bin, the phpMyAdmin installation directory. It might reside in a subdirectory named config, XAMPP or MAMP folder, or simply within a phpMyAdmin folder. If you search the folder, you might see several files with the same filename. Open each to figure out which one has the server settings in step 4.
Locating configuration file
  1. Open the configuration File: To make changes to the config.inc.php file, you can use a text editor. Just download the file and open it in a text editor. 

Find the credentials: Within the config.inc.php file, look for lines that contain the database credentials. The ā€˜auth_typeā€™ value will be one of ā€˜configā€™, ā€˜cookieā€™, or ā€˜httpā€™, these lines will typically resemble the following:

$cfg['Servers'][$i]['host'] = 'localhost';
$cfg['Servers'][$i]['auth_type'] = 'config';
$cfg['Servers'][$i]['user'] = 'username';
$cfg['Servers'][$i]['password'] = 'password';

Replace the word password in the last line of code above with your new password. Replace the word ā€˜configā€™ with ā€˜cookieā€™. This will show you a login screen when you open phpMyAdmin in a browser.   

  1. Save the changes: After making the necessary changes, save the file. 
  2. Upload the file: Reupload the new file to your server using Cyberduck.
  3. Reboot your database server: If you are making these changes on a locally installed server, stop your existing connection and restart it. 
  4. Confirm the password change: Log back into phpMyAdmin to confirm that the password change has worked. 

Option 2: SSH

For this method, you will need an SSH client like OpenSSH on Linux/macOS or PuTTY on Windows. You will also need your IP address and SSH credentials. 

  1. Connect to your server: Using your SSH client, type the following command:
    ssh username@ipaddress

    When prompted, type in your password. 
  2. Navigate to the directory where phpMyAdmin is installed: Typically, it is located within the web server’s document root directory. For example, on Apache, you may find it in /var/www/html/phpmyadmin. Look for the config.inc.php file. As we discussed in a previous section, there may be multiple files with the same filename. Look for the one with the server connection details outlined in the next step. 
  3. Edit the file: Using an editor like Vim, type in the following command:
Vi config.inc.php

Press the i button to start editing.

In the file, locate the line containing

$cfg['Servers'][$i]['password']

 and change its value to your new password. It should look like:

$cfg['Servers'][$i]['password'] = 'your_new_password';
  1. Save changes: To save the changes and quit the editor, enter the following command:
    :wq
  2. Close the SSH session: Type in exit to quit the SSH connection and return to your regular terminal

Troubleshooting 

Changing your phpMyAdmin password can sometimes be difficult because there are a multitude of ways that phpMyAdmin and your site server can be configured. Add to that, different versions of tools, and something straightforward can become complicated. 

Additionally, there are two parts to the process and it is important to do both. You may come across these common errors and difficulties along the way. 

  • Canā€™t find the ā€œChange Passwordā€ option in General Settings: This is because there isnā€™t a password set in the first place. In that case, you can run the query on the SQL tab to set a password for the first time.
  • Donā€™t have root access: If you donā€™t have root access, you will have to reach out to your host to change the password if needed. 
  • Database connection was disrupted after changing your password on SQL queries: In this case, take the old-school troubleshooting route. Reboot your database server and try to log back in. 
  • Canā€™t access phpMyAdmin because of host, username, and password: Youā€™ve been logged out of your server and the first thing to do is make sure youā€™ve correctly updated the password change on the file. Next, check for the following code:
$cfg['Servers'][$i]['AllowNoPassword'] = true; 
$cfg['Servers'][$i]['verbose'] = 'localhost';

If that doesnā€™t work, create a new user on phpMyAdmin by using the following command:

CREATE USER 'yourUsername'@'localhost' IDENTIFIED BY 'yourPassword';

Then, give it root privileges with the following command: 

GRANT ALL PRIVILEGES ON *.* TO 'yourUsername'@'localhost'
IDENTIFIED BY 'yourPassword' WITH GRANT OPTION;

Change the root password using this new user. Reboot the server and try again. 

  • Error establishing the database connection: There could be a lot of reasons why this error is appearing. Check to make sure that your database password matches your web host or cPanel, as well as your wp-config.php file. If that doesnā€™t work, check out all the ways to troubleshoot a database connect error.  
  • Database not connecting with new password: We ran into this issue with a locally installed server, and the only way we have found to solve it was to restart the server. You have to stop all systems processes too, and start it up again. You can either use the database control panel (XAMPP control panel, for example) or the command line. The solution will be very specific to your web host and their server setup.

Best practices for password security

When it comes to safeguarding your website and sensitive data, implementing strong password practices is essential. By adhering to the following best practices, you can significantly enhance your website’s security and reduce the risk of potential breaches.

  1. Don’t share credentials: Keep your login credentials confidential and avoid sharing them with anyone unless necessary. Create new user accounts with appropriate privileges, and promptly revoke access when it’s no longer needed. If you absolutely must share a password, use a password manager to do so.
  2. Use a password manager: Employing a reliable password manager is an excellent way to store and manage your passwords securely. Password managers generate complex and unique passwords for each account, eliminating the need for repetitive or easily guessable passwords.
  3. Don’t use the same password twice: Avoid the dangerous habit of using the same password across multiple platforms or websites. If one account gets compromised, using the same password elsewhere could lead to a domino effect of security breaches. We understand it is difficult to remember so many credentials, which is why we recommend password managers.
  4. Don’t save your passwords in a browser: While it may be convenient, saving passwords in your web browser can pose a security risk. If someone gains access to your computer or device, they could easily access all your accounts.
  5. Use security plugins: To bolster your website’s defenses, consider utilizing security plugins like MalCare for WordPress sites. MalCare offers critical security features such as malware scanning, firewall protection, and brute force attack prevention, while safeguarding your site from potential hacking attempts.

Final thoughts 

Changing your phpMyAdmin password is essentially changing your database server password. It is important to remember that it is a two-step process. After changing or setting the password via phpMyAdmin, make sure to update it in the config.inc.php file. Otherwise, you will not be able to connect to your site and will face an error. 

Password security helps prevent unauthorized access and potential data breaches. However, in today’s ever-evolving digital landscape, relying solely on password changes may not be sufficient to thwart sophisticated cyber threats. To provide an additional layer of protection, it is essential to leverage advanced security solutions such as MalCare. 

This powerful security plugin goes beyond basic password protection, offering a comprehensive set of features, including malware scanning, firewall protection, and brute force attack prevention. By incorporating MalCare into your WordPress website’s defense strategy, you can proactively safeguard your site from various cyber risks, ensuring a robust and resilient security posture. Embracing a multi-faceted approach to website security is the key to staying one step ahead of potential attackers and preserving the integrity of your valuable online assets.

FAQs

How to reset the admin password in phpMyAdmin?

To reset the admin password in phpMyAdmin:

  1. Log in to your phpMyAdmin dashboard using your current admin credentials.
  2. On the left-hand side, choose the database associated with your website.
  3. Look for the table that contains the admin user’s data. This table usually has “users” or “admins” in its name.
  4. Click on Edit or  the pencil icon next to the admin user’s row.
  5. In the Password field, type your new desired password.
  6. Click the Go or Save button to apply the changes and reset the admin password.

There are more ways to reset your WordPress admin password

How do I find my phpMyAdmin credentials?

Your phpMyAdmin credentials can usually be found in the configuration file called config.inc.php. This file is located within the phpMyAdmin installation directory on your web server. Look for lines similar to the following:

$cfg['Servers'][$i]['user'] = 'username';
$cfg['Servers'][$i]['password'] = 'password';

Please note that a password will also be visible if the $cfg[‘Servers’][$i][‘auth_type’] is set to ā€˜configā€™.

How to set a username and password in phpMyAdmin?

Setting a username and password in phpMyAdmin is typically done during the installation process of phpMyAdmin or through the control panel provided by your web hosting service. 

  • During installation: If you’re installing phpMyAdmin manually, the installation process will prompt you to set a username and password for the database user account that phpMyAdmin will use to access the MySQL server.
  • Through hosting control panel: Many web hosting providers offer a control panel interface where you can create and manage database users. Access the control panel, find the section for databases or MySQL, and create a new user with a username and password. This user can then be used in the config.inc.php file of phpMyAdmin.

How to change MySQL password in MySQL?

There are two parts to changing the MySQL database password. First change it on either your webhost or cPanel. Then, access your site files and change the password on your wp-config.php file. Update the following line of code with the new password:

DB_PASSWORD

How to access phpMyAdmin with username and password?

To access phpMyAdmin, follow these steps: 

  1. Enter the following URL into your browser to access phpMyAdmin:  http://domain.com/phpmyadmin (replace domain.com with your own URL). 
  2. The phpMyAdmin login page will appear, prompting you to enter your credentials. Enter the username and password associated with your MySQL or MariaDB database and login. 
  3. Once logged in, you can manage your databases, execute SQL queries, and perform various administrative tasks related to your MySQL or MariaDB database

How to login to phpMyAdmin without username and password?

You can access your phpMyAdmin from cPanel, if your web host provides it. You wonā€™t need credentials to login. You can also find your credentials in the config.inc.php file in the phpMyAdmin installation directory, if you want to access phpMyAdmin directly via the browser.

How do I fix the access denied error in phpMyAdmin?

This is likely because you have the wrong credentials. Find the correct credentials on your config.inc.php file. Look for the following code to find your username and password:

$cfg['Servers'][$i]['auth_type'] = 'config';
$cfg['Servers'][$i]['user'] = 'username';
$cfg['Servers'][$i]['password'] = 'password';

Please note that if the ā€˜auth_typeā€™ is set to ā€˜cookieā€™, the password may be empty. 

What is the username and password for phpMyAdmin localhost?

Go to http://localhost/phpMyAdmin. If you havenā€™t set up any users yet, use your root credentials. Default root username is root and there usually isnā€™t a password. You can also find your credentials on your config.inc.php file within the phpMyAdmin installation directory.

Category:

You may also like


WordPress Salts
Complete Guide to WordPress Salts and Security Keys

Several factors work together to secure your WordPress site, from strong passwords to a robust malware scanner. Among these elements are WordPress salts or security keys. WordPress salts or security…

WordPress security updates feature image
WordPress Security Updates: A Complete Guide

Curious about what WordPress security updates are and why they matter? Ever wondered whether to enable auto-updates or manually apply them to avoid site issues? You’re in the right place….

wp-cron.php feature image
A Complete Guide to wp-cron.php

Ever wonder how WordPress schedules tasks like publishing your blog posts automatically, checking for updates, or cleaning up old comments? Maybe you’re a novice user curious about how this magic…

How can we help you?

If you’re worried that your website has been hacked, MalCare can help you quickly fix the issue and secure your site to prevent future hacks.

My site is hacked – Help me clean it

Clean your site with MalCare’s AntiVirus solution within minutes. It will remove all malware from your complete site. Guaranteed.

Secure my WordPress Site from hackers

MalCare’s 7-Layer Security Offers Complete Protection for Your Website. 300,000+ Websites Trust MalCare for Total Defence from Attacks.