Table of contents

1. Use the “Forgot Your Password?” link (recommended)2. Change the admin password via CLI3. Change the admin password in the database Security tipsBackup admin accountFAQsHow to get started

Get the industry’s most secure Magento hosting◦ 99.99% uptime
◦ Comprehensive security
◦ 24/7 support

Magento Guide → Admin → Change Password

How to change the admin password in Magento

Need to change your Magento admin password—or worse, locked out of your store entirely? Whether you’ve forgotten your credentials or want to update them for security, Magento gives you a few solid options to reset your password and regain access.

Let’s walk through each method and cover some essential best practices to protect your backend.

Host Magento at full throttle.

Get secure, reliable Magento hosting so you can scale faster.

Magento hosting

1. Use the “Forgot Your Password?” link (recommended)

The fastest option is the built-in password recovery tool on the admin login screen. This method works best if the account is active and the admin email address is still valid.

Visit your Magento admin login page (usually something like yourdomain.com/admin).
Click the Forgot your password? link under the login form.
Enter the email address associated with your admin account.
Click Retrieve Password.
Check your inbox for a password reset link, then follow the steps to create a new password.

If you don’t see the email, check your spam folder and make sure your Magento store is properly configured to send email (i.e., SMTP setup is working).

2. Change the admin password via CLI

If email recovery doesn’t work or you want to quickly create a new admin account, the Magento command-line interface is your best option. This method is fast, safe, and doesn’t require access to the database.

Log into your server via SSH.
Navigate to your Magento installation root directory.
Run the following command:

bin/magento admin:user:create \
--admin-user="newadmin" \
--admin-password="SecureP@ss123" \
--admin-email="[email protected]" \
--admin-firstname="Admin" \
--admin-lastname="User"

Replace each placeholder with your real details. You’ll see a success message if the account is created correctly.

You can now log into the Magento backend using the new admin credentials. From there, you can update or delete older accounts as needed.

3. Change the admin password in the database (phpMyAdmin or MySQL)

If neither the CLI nor password reset email is an option, you can directly update the admin password in the database. This should be treated as a last resort—mistakes here can easily cause site issues.

Log into phpMyAdmin or connect to your database via MySQL.
Open the admin_user table.
Find the row for the admin user you want to change.
Update the password field using a secure MD5 hash format. You can use this SQL command:
UPDATE admin_user SET password = CONCAT(MD5(‘YourNewPassword’), ‘:XXXXXXXXXXXXXXXX’) WHERE username = ‘admin’;
- Replace ‘YourNewPassword’ with your desired password.
- Keep the salt value (:XXXXXXXXXXXXXXXX) from the original record, or reuse it from another row.
Save the changes.
From the command line, clear the cache:
bin/magento cache:clean

You should now be able to log in with the new password.

Security tips for Magento admin passwords

Magento powers high-value ecommerce stores, making admin accounts a prime target. After resetting your password, keep these best practices in mind:

Use a long, complex password (12+ characters with letters, numbers, and symbols).
Avoid using dictionary words, personal names, or anything easily guessed.
Change your password after role changes or team departures.
Don’t reuse passwords from other systems.
Enable two-factor authentication (2FA) using a module like Mageplaza’s Google Authenticator.

Keeping your admin area secure helps protect customer data and your store’s reputation.

Create a secure backup admin account

It’s smart to create a backup admin account: something you can disable and only enable during emergencies.

Log in via SSH and navigate to your Magento root.
Run the CLI admin:user:create command to set up a new account with a strong password.
Use a different email address and username than your main account.
Test the login, then disable the account using:
UPDATE admin_user SET is_active = 0 WHERE username = ‘backupadmin’;

Store the credentials in a password manager. You can reactivate the user by changing is_active back to 1.

Magento admin password FAQs

Yes. Use the command line or database method to either create a new admin user or update the password manually, no email required.

Magento only sends emails if SMTP settings are correctly configured. You might need to set up transactional email services or check for outgoing mail blocks on the server.

It’s technically safe if you use the correct MD5 + salt format and know what you’re doing. Always back up the database before making any direct changes.

Next steps for changing the Magento admin password

Changing or resetting your Magento admin password is simple once you know your options. Whether you go through the login screen, CLI, or database, it’s crucial to protect access with strong credentials.

If you’re not confident using the terminal or database tools, don’t hesitate to contact your hosting provider or a Magento developer for help.

Ready to upgrade your Magento experience? Professional hosting improves speeds, security, and reliability for a website and a brand that people find engaging and trustworthy.

Liquid Web offers the raw infrastructure power you need with mission-critical features that keep your store running smoothly. Most importantly, our in-house Magento experts are standing by to help with both hosting and Magento application roadblocks.

Click through below to explore all of our Magento hosting options, or chat with an expert right now to get answers and advice.