How to Create and Add an Admin User With MySQL in WordPress

Three ways to restore WordPress admin access without the dashboard: a mu-plugin that creates an account on page load (no database tool needed), two SQL queries in phpMyAdmin or Adminer, or the same SQL queries via the MySQL command line.

Why You’d Need to Add an Admin User Via MySQL

Admin access can disappear for several reasons: a failed migration that rewrites wp_usermeta rows, a botched user-role change, a plugin that corrupts capabilities, or an accidentally deleted account. In WP STAGING support tickets, the most common cause of a locked-out admin is a failed migration that scrambled the wp_usermeta role assignment — here is how to fix it.

Creating an admin user directly in the database is safe and reversible. Nothing is deleted — you are only inserting new rows. The WordPress user system reads from these tables on every login, so the new account is available the moment the queries run.

Do you need a WordPress admin user restoration service? Get WP Staging Pro and one of our developers will restore the WordPress admin user for you!

Before You Start: Find Your WordPress Table Prefix

All three methods require knowing your WordPress database table prefix. The default is wp_, but many hosts or migration tools change it (for example, wpstg0_ or abc_).

Open wp-config.php in your site root and locate the line:

$table_prefix = 'wp_';

Replace wp_ in every SQL example below with whatever value you find there. The prefix also applies to the meta_key value — if your prefix is wpstg0_, the capabilities key is wpstg0_capabilities, not wp_capabilities.

Option 1: Add a WordPress Admin With a mu-plugin (No Database Access Needed)

If you have FTP or cPanel File Manager access but no database tool, a must-use plugin (mu-plugin) is the fastest path. Create a new file at wp-content/mu-plugins/add-admin.php and paste this code:

/*
Plugin Name: Add admin account
Description: This adds an admin account into database
Author: WP STAGING
Version: 1.0
Author URI: https://wp-staging.com
*/

add_action('wp_loaded', function() {
  if (isset($_GET['add-admin'])) {
    $inserted = wp_insert_user([
    'user_pass' => 'password',
    'user_login' => 'username',
    'user_email' => 'test@example.com',
    'role' => 'administrator'
  ]);
  var_dump($inserted);
exit;
  }
});

/*
Plugin Name: Add admin account
Description: This adds an admin account into database
Author: WP STAGING
Version: 1.0
Author URI: https://wp-staging.com
*/

add_action('wp_loaded', function() {
  if (isset($_GET['add-admin'])) {
    $inserted = wp_insert_user([
    'user_pass' => 'password',
    'user_login' => 'username',
    'user_email' => 'test@example.com',
    'role' => 'administrator'
  ]);
  var_dump($inserted);
exit;
  }
});

Change user_pass, user_login, and user_email to your desired values. Open your site at https://example.com/?add-admin to trigger the account creation, then log in with the new credentials.

Delete the mu-plugin file immediately after you log in. Leaving it in place means anyone who knows the URL can create an administrator account on your site.

Option 2: Add a WordPress Admin Via phpMyAdmin or Adminer

Open your database tool — Adminer or phpMyAdmin — and navigate to the SQL query panel. Run the following three queries in order, updating the prefix and credentials to match your site.

Important: If you have another table prefix instead of wp_ you’ll need to modify the table prefix as well!

Step 1 — Insert the user row. Substitute your chosen username, password, display name, and email address.

INSERT INTO `wp_users` (`user_login`, `user_pass`, `user_nicename`, `user_email`,
`user_status`)
VALUES ('wpstaging', MD5('password123'), 'Rene Hermenau', 'support@domain.com', '0');

INSERT INTO `wp_users` (`user_login`, `user_pass`, `user_nicename`, `user_email`,
`user_status`)
VALUES ('wpstaging', MD5('password123'), 'Rene Hermenau', 'support@domain.com', '0');

Step 2 — Assign the administrator role capability.

INSERT INTO `wp_usermeta` (`umeta_id`, `user_id`, `meta_key`, `meta_value`)
VALUES (NULL, (Select max(id) FROM wp_users),'wp_capabilities', 'a:1:{s:13:"administrator";s:1:"1";}');

INSERT INTO `wp_usermeta` (`umeta_id`, `user_id`, `meta_key`, `meta_value`)
VALUES (NULL, (Select max(id) FROM wp_users),'wp_capabilities', 'a:1:{s:13:"administrator";s:1:"1";}');

Step 3 — Set the legacy user level (checked by older themes and plugins).

INSERT INTO `wp_usermeta` (`umeta_id`, `user_id`, `meta_key`, `meta_value`) VALUES (NULL, (Select max(id) FROM wp_users), 'wp_user_level', '10');

INSERT INTO `wp_usermeta` (`umeta_id`, `user_id`, `meta_key`, `meta_value`) VALUES (NULL, (Select max(id) FROM wp_users), 'wp_user_level', '10');

After all three queries succeed, navigate to wp-login.php and log in with your new credentials.

If your prefix is not wp_, substitute it in every occurrence of wp_users, wp_usermeta, wp_capabilities, and wp_user_level. For example, with prefix wpstg0_, the table names become wpstg0_users and wpstg0_usermeta and the capabilities meta key becomes wpstg0_capabilities.

Option 3: Add a WordPress Admin on the MySQL Command Line

If you have SSH access, the MySQL command line produces the same result as Option 2 without needing a browser-based tool. The SQL statements are identical — only the interface differs.

Step 1 — Connect to the MySQL server.

mysql -u <username> -p

mysql -u <username> -p

Replace <username> with your MySQL user. You will be prompted to enter the password.

Step 2 — Select the WordPress database.

USE <database_name>;

USE <database_name>;

Replace <database_name> with the database name from wp-config.php (the DB_NAME constant).

Step 3 — Insert the new user row.

INSERT INTO wp_users (user_login, user_pass, user_nicename, user_email, user_status)
VALUES ('<username>', MD5('<password>'), '<display_name>', '<email>', '0');

INSERT INTO wp_users (user_login, user_pass, user_nicename, user_email, user_status)
VALUES ('<username>', MD5('<password>'), '<display_name>', '<email>', '0');

Replace <username>, <password>, <display_name>, and <email> with your values. The MD5() function encrypts the password; use a strong password here and change it from the WordPress dashboard afterward.

Step 4 — Get the new user ID.

SELECT ID FROM wp_users WHERE user_login = '<username>';

SELECT ID FROM wp_users WHERE user_login = '<username>';

Note the integer returned — you need it in the next step.

Step 5 — Assign the administrator role.

INSERT INTO wp_usermeta (user_id, meta_key, meta_value)
VALUES (<user_id>, 'wp_capabilities', 'a:1:{s:13:"administrator";s:1:"1";}');

INSERT INTO wp_usermeta (user_id, meta_key, meta_value)
VALUES (<user_id>, 'wp_capabilities', 'a:1:{s:13:"administrator";s:1:"1";}');

Replace <user_id> with the ID returned in Step 4.

You have now created a new WordPress admin user on the MySQL command line. Log in to the dashboard with the username and password you chose.

Troubleshooting: If the New Account Doesn’t Work

If you still cannot log in, or the account appears in Users but shows the role as Subscriber rather than Administrator, work through these three causes in order.

Wrong Table Prefix

The most common mistake is running the queries with wp_ when the site uses a custom prefix. Re-run the INSERT and UPDATE queries substituting the correct prefix from wp-config.php. The meta_key value is also prefix-dependent: wp_capabilities becomes <prefix>capabilities, for example wpstg0_capabilities.

Missing wp_usermeta Row

WordPress reads wp_capabilities from wp_usermeta to determine role on every login. If Step 2 (Option 2) or Step 5 (Option 3) failed silently — for example because the user_id subquery returned NULL — the account exists in wp_users but has no role. Re-run the INSERT INTO wp_usermeta query and verify the row appears in the table before trying to log in again.

Duplicate Email Conflict

If an existing account already holds the email address you supplied, the INSERT succeeds but WordPress may route login attempts to the older account. Run SELECT user_email FROM wp_users first to confirm the email is not already in use, or choose a unique recovery email address.

After Restoring Access: Harden Your WordPress Login

Once you are back in the dashboard, take a few minutes to prevent a repeat lockout:

• Enable two-factor authentication — any reputable 2FA plugin makes a brute-force or accidental account deletion far less likely to leave you locked out.
• Audit user roles — go to Users → All Users and confirm there are no unexpected administrator accounts, including the recovery account you just created.
• Update the recovery account’s email or delete it once you have verified your main admin account is working correctly.
• Remove any mu-plugin created for this recovery from wp-content/mu-plugins/ immediately after regaining access.
• Take a full backup before any future database surgery so you have a clean rollback point.

I hope this article helped you understand how to create a new admin user in your database manually. Please get in touch with us if you still have questions or if something is unclear.

Author: Rene Hermenau

About the author: René Hermenau is the founder of WP STAGING. He works on WordPress backups, staging, migrations, database handling, and safe deployment workflows.

View Rene Hermenau’s full author profile