I’ve spent the weekend fixing sites that have had all the WordPress usernames changed to admin.

This looks like it affected all sites hosted on one of my hosts.

Difficulties is, if there is more than 1 user with the username “admin” then you cannot login to WordPress or change the password and login because the system seems unable to compare the username and passwords correctly.

Solution

You can either restore a backup from prior to the change or my preferred solution is to go into the cPanel and then phpMyAdmin and open the WordPress database, find the wp_users table and edit the user directly.

You can either reset each user here or reset 1 and then login to WordPress to manage the rest.

Prevention

I’d recommend installing the free version of Wordfence Security – Firewall & Malware Scan, I find it works a treat.

WhatsApp WhatsApp Me