Beginner's Guide for WordPress - Start your WordPress Blog in minutes.
Choosing the Best
WordPress Hosting
How to Easily
Install WordPress
WordPress Plugins
View all Guides

How to Reset Passwords for All Users in WordPress

Last updated on by
Special WordPress Hosting offer for WPBeginner Readers
How to Reset Passwords for All Users in WordPress

When your website gets hacked, it is recommended that you reset password for all users. This can take a long time if you have a lot of users. In this article, we will show you how to reset passwords for all users in WordPress and automatically notify them about their new passwords via email.

First thing you need to do is install and activate the Emergency Password Reset plugin. Once you have activated the plugin, you can go to Users » Emergency Password Reset and click on the Reset all passwords button. The plugin will automatically reset passwords for all users (including the admin user who initiated the password reset). It will also send an email to all users containing their new password.

Resetting passwords for all users in WordPress

If for some reason, the user does not get their password in the email, then they can easily recover it. All they need to do is click on the Lost your password link on the login page. We have a detailed tutorial on how to recover your password in WordPress.

After resetting all passwords, we recommend that you change your WordPress security key also known as SALTs. Learn more about WordPress Security Keys and how to change them. Changing the security key will end all sessions for logged in users, so if a hacked user was logged in, then they will automatically be logged out.

How to Improve WordPress Login Security

There are a lot of things you can do to improve your WordPress login security. First thing would be to force strong passwords. You can also add an extra layer of security by password protecting your WordPress admin (wp-admin) directory. Another common technique used by hackers is to run scripts that use random passwords in an attempt to crack your WordPress password. One possible solution to slow down most (if not all) such attacks is by limiting login attempts. Another thing you can do is add Google Authenticator’s 2-Step verification to your site.

Last but not least, you can start using Sucuri. Here are 5 reasons why we use Sucuri.

We hope that this article helped you learn how to reset passwords for all users in WordPress. Note, this is not the same as expiring user passwords after a certain period of time. For feedback and questions, please leave a comment below.

Editorial Staff at WPBeginner is a team of WordPress experts led by Syed Balkhi. Page maintained by Syed Balkhi.

WPBeginner's Video Icon
Our HD-Quality tutorial videos for WordPress Beginners will teach you how to use WordPress to create and manage your own website in about an hour. Get started now »


  1. Ian says:

    Thanks for sharing.

Add a Comment

We're glad you have chosen to leave a comment. Please keep in mind that all comments are moderated according to our comment policy, and all links are nofollow. Do NOT use keywords in the name field. Let's have a personal and meaningful conversation.