WordPress

Juan Aviles
12,795 Points

WordPress Admin Password keeps changing

I've had my WordPress site up for about a month now, but I keep having the same problem. If I leave the site for a few days and come back to post, my password is always wrong. I have to go through the steps of resetting it, and then it's fine...until I leave it again. I have been VERY meticulous about writing it down properly, but still have this issue. I searched online, and this seems to be a very common problem, but no real solution can be found. Does anyone know why this is? I am using Firefox, but it happens on Chrome as well.

Andreas Anastasiades
2,916 Points

Had the same thing once. Installed the plugin BruteProtect and it stopped.

Don't know what was happening, but it fixed the issue though.

Juan,

Either your password is too weak, and a brute force attack on it is allowing someone in, or your website has been compromised.

First, reset your password again and be sure to include upper and lowercase letters, at least one number, and one special character (e.g. (&^%*^&$).

Second, you should install the Wordfence plugin and scan the site for malicious code. Even if this comes up clean, it doesn't necessarily mean your website is perfectly clean, but it's a good start.

Third, contact your hosting provider and ask them to take a look at the account for spammy mail, or malicious code on the server.

Hopefully this starts you off in the right direction!

Thanks Juan,

Aaron

2 Answers

Sue Dough
35,800 Points

You have probably been hacked worse than you think. The fact it has switched multiple times sounds like the hacker got root access on your server OR you are horrible at remembering passwords. Look into a password manager such as KeePass. It takes a lot of time and CPU power to brute force 1 time, let alone multiple times in a month. Additionally, the fact the site has only been around a month means it's probably not too valuable. (No offense, just thinking realistically.) I doubt a hacker would waste so many resources brute forcing you multiple times. It sounds like they have more control than you think. You will need to scan everything on your server, make all your passwords higher than 128 bits and unique, and check for any vulnerabilities in your application. You may have a bad plugin or code snippet that is allowing them to escalate all the way to the server. I would also contact your host and potentially a website security professional to help you out.

Juan Aviles
12,795 Points

I actually do use KeePass and have it generate the highest level password it's capable of. I installed the BruteProtect plugin and so far things seem to be working properly with no changes in passwords. I will contact my provider and see if there is any suspicious activity that they can alert me to. The site will be getting a complete overhaul in the coming weeks.

Sue Dough
35,800 Points

I see. Well, if you're encrypting your passwords, then I do not think they could brute force you that fast more than once. I think it's something deeper, like I said.

Juan Aviles
12,795 Points

So here is a question...if someone brute forced their way in, wouldn't they be able to change my permissions so that I couldn't reset the admin password and get back in myself? I'm still a bit new to WordPress, so I'm not really sure what someone who forced their way in would do. Would they leave my permissions alone so that I would not be alerted?

I really appreciate the feedback, and thank everyone for the help.

~Juan

Juan Aviles
12,795 Points

Thanks a bunch for the replies! I have a direction to go in now, and hopefully get this taken care of once and for all.
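
The thread leaves open whether the password changes come from brute forcing or from something else, and the web server's access log is one place to check. The following is an added example, not code from any poster in this thread: it counts login and password-reset POSTs to `/wp-login.php` per client IP. It assumes WordPress is installed at the site root, the log is in combined format, and a default install where a rejected login returns 200 and an accepted one returns 302; the sample lines are constructed.

```python
import re
from collections import defaultdict

# Constructed sample lines in "combined" access-log format (not from the thread).
SAMPLE_LOG = """\
203.0.113.7 - - [10/Mar/2015:02:11:01 +0000] "POST /wp-login.php HTTP/1.1" 200 3912 "-" "curl/7.38"
203.0.113.7 - - [10/Mar/2015:02:11:02 +0000] "POST /wp-login.php HTTP/1.1" 200 3912 "-" "curl/7.38"
203.0.113.7 - - [10/Mar/2015:02:11:03 +0000] "POST /wp-login.php HTTP/1.1" 200 3912 "-" "curl/7.38"
203.0.113.7 - - [10/Mar/2015:02:11:04 +0000] "POST /wp-login.php HTTP/1.1" 302 0 "-" "curl/7.38"
192.0.2.55 - - [11/Mar/2015:04:30:10 +0000] "POST /wp-login.php?action=lostpassword HTTP/1.1" 302 0 "-" "Mozilla/5.0"
198.51.100.20 - - [12/Mar/2015:09:00:00 +0000] "GET /wp-login.php HTTP/1.1" 200 2800 "-" "Mozilla/5.0"
198.51.100.20 - - [12/Mar/2015:09:00:05 +0000] "POST /wp-login.php HTTP/1.1" 302 0 "-" "Mozilla/5.0"
"""

LINE_RE = re.compile(r'^(\S+) \S+ \S+ \[[^\]]+\] "(\S+) (\S+) [^"]*" (\d{3}) ')
RESET_ACTIONS = ("action=lostpassword", "action=resetpass")

def summarize_logins(log_text):
    """Count failed logins, successful logins and reset requests per client IP."""
    stats = defaultdict(lambda: {"failed": 0, "ok": 0, "reset": 0})
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue  # skip lines that are not in combined format
        ip, method, path, status = m.groups()
        if method != "POST" or not path.startswith("/wp-login.php"):
            continue
        if any(a in path for a in RESET_ACTIONS):
            stats[ip]["reset"] += 1
        elif status == "302":
            stats[ip]["ok"] += 1      # assumption: redirect = accepted login
        elif status == "200":
            stats[ip]["failed"] += 1  # assumption: form re-rendered = rejected login
    return dict(stats)

def flag(stats, fail_threshold=3):
    """Return {ip: finding} for clients whose pattern deserves a closer look."""
    findings = {}
    for ip, s in stats.items():
        if s["failed"] >= fail_threshold:
            findings[ip] = "guessing succeeded" if s["ok"] else "guessing, no success"
        elif s["reset"]:
            findings[ip] = "password reset requested"
    return findings

if __name__ == "__main__":
    for ip, finding in flag(summarize_logins(SAMPLE_LOG)).items():
        print(ip, finding)
```

If the log shows neither guessing nor reset requests around the times the password stopped working, the change is not coming through the login form, and the database and server files are the next place to look.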