It is super frustrating when you try to log in to your WordPress, but it keeps returning an error, even if you are one hundred percent sure that your login credentials are correct.
Several problems can trigger such an issue.
In this article, we will list the most common WordPress login issues that might restrict your dashboard access and how to fix them. By the end, you will also learn how to prevent such an issue from happening in the future.
Without further ado, let’s dive right in.
09 Common WordPress Login Issues and Fixes
Let’s take a closer look at WordPress login issues and how to fix them effectively.
01. Cookies or Cache Issues
Most of the time, cookies or cache is the culprit when you can’t log in to your WordPress.
A cookie is a small piece of information that is stored on your browser when you land on a website and accept cookies (in other words, you consent to the website storing information on your browser). Cookies help enhance and personalize your experience on a website. When you revisit a website, the cookie tells the web browser helpful information about your choices and preferences.
For example, an eCommerce website may store cookies to understand your preferences, so when you come back, you can see deals you are more likely to be interested in.
On the other hand, Cache is, let’s say, a temporary copy of a website that is stored on your browser, so when you revisit the website, it can load the website easily using the stored cache.
Having a conflict between cookies and cache can cause WordPress login issues.
Easy Fix: Clear Browser Cookies
Clearing browsing cookies can eliminate cookies and cache issues. Here’s how to clear browsing cookies.
You can do it from the Customize and Control Google Chrome option (three dots in the top right corner).
Alternatively, open a new tab and press Ctrl + Shift + Delete. That will take you to a screen like this:
Simply checkmark all the options, and then press the Delete data button.
02. Plugin or Theme’s Incompatibility
An astonishing amount of WordPress problems can be traced back to WordPress themes and plugins. Outdated themes and plugins are not only prone to critical vulnerabilities, they can also cause incompatibility problems.
A plugin requiring an update or two or more plugins having compatibility issues can lead to WordPress login issues.
Especially if you are using a plugin to customize WordPress login pages or to increase their security, there is a high chance that the plugin is at fault.
Similarly, themes can cause compatibility or UX issues, which may prevent you from inputting credentials in the information box, locking you out of your WordPress.
Easy Fix: Update, Disable, or Delete Such Themes and Plugins
Since you have been locked out, you must enter the website using the back door. Simply put, the file manager of your WordPress (aka cPanel). From there, you can access your wp-login.php folder or any other element of your website, including themes and plugins, using a web-based interface.
Afterward, disable, delete, or isolate the plugin and try again.
Once you regain access to your WordPress dashboard, delete the troublesome plugin or theme and update the remaining ones. You can easily update plugins collectively using the bulk feature.
Updating the plugin should fix your WordPress login issues.
03. Masked Login URL
Not being able to log in is definitively frustrating, but not being able to find the login page is even more frustrating. If you can’t find the website’s login page or for some reason, your login URL has been changed.
Usually, the default login URL is yourwebsite.com/wp-login.php. Alternatively, you can replace the wp-login with wp-admin, which also redirects you to wp-login.php.
If you can’t find the login page, that could mean:
- One of the admins has changed the login URL.
- You forgot the login URL.
- You downloaded a plugin that automatically changes the login URL.
For example, upon installation, the AIO Login plugin automatically changes your admin URL to /login.
Easy Fix: Find the Login Page using FTP or Tools
If an admin has changed the login URL, you can communicate with them and ask for the new login URL.
If a plugin has changed, you can delete the plugin from cPanel, and it will revert to the default one.
But if you can not contact the admin and you have forgotten your login URL, you can use several tools that can crawl each page of your website, including the admin one. You can use tools like
If you do not want to use third-party tools, you can find the login URL in the .htaccess file.
Login URL changes are sometimes reflected in the .htaccess file. The file manager allows you to access the .htaccess file in the root folder of your WordPress installation. Look for any rewrite rules that indicate the custom login URL.
Alternatively, check out the /wp-login.php folder. Numerous URL changer plugins store data in that folder, and deleting the data or changing its name can restore it to default.
Ultimately, your hosting provider can also assist in finding or changing the login URL.
04. Revoked Access
If your credentials continuously return an “Unknown email address” error, there is a chance your access was revoked. This can only be done by those who have administrative access.
Easy Fix: Request Admin or Create a New User Through FTP
The easiest way out is to communicate with the administrators, and there is a chance your access might be revoked mistakenly. Thus, clear communication can solve the problem effortlessly.
However, if that is not an option, you can create a new user through your hosting access. If you have hosting or FTP access, head to your cPanel (or any site management platform) and reset your password using phpMyAdmin.
Navigate to the wp_users table, find your user account, and click Edit. In the ‘user_pass’ field, select MD5 from the dropdown and enter a new password. Save changes and log in again. This should allow you to enter your WordPress dashboard.
As a last resort, restoring your previous backup can also revert the account and access changes.
05. Brute Force Attacks
Brute force is a cyberattack that occurs when hackers use trial and error to crack sensitive information such as credit card information or login credentials. It can be performed on your WordPress login and does not require special software. This is a common WordPress login issue that most webmasters encounter.
Of all the breaches caused by hacking, 80% involve brute force or lost/stolen credentials. Hence, it’s necessary to be geared up before your website faces an issue like that.
Easy Fix: Implement Necessary Measures
As we learned, it can be performed on WordPress login, and the default WordPress login is super vulnerable because you can easily access a website’s login page by entering /wp-login.php or /wp-admin after your domain.
Examplewebsite.com/wp-login.php will take you to the login page of the example website, where a cyberattacker can easily perform a brute force attack. Hence, the first step is to install a reliable login security plugin like AIO Login.
AIO Login provides complete security solutions for brute force attacks.
The first step to combat brute force attacks is to change your default WordPress login URL. AIO Login can help you with that. Navigate to the Login Protection tab >> Change Login URL subtab. Change the login URL to whatever you want.
To add another layer of security, you can implement 2FA or reCAPTCHA.
reCAPTCHA stops bots and helps with traffic filtering, and 2FA requires the user to verify their authentication using another factor of verification—usually through a TOTP app. This technology prevents hackers from gaining unauthorized access even if their login credentials are correct.
You can implement 2FA or reCAPTCHA by navigating to the Security tab >> the respective subtab of the feature you want.
Last but not least, limit login attempts to trap hackers after a set of incorrect attempts. This feature automatically blocks IP addresses that are continuously trying to log in using incorrect login credentials.
Since brute force attacks require thousands of login attempts to ‘guess’ a password, limiting attempts to 3 or 5 can help get rid of brute force attacks.
You can limit login attempts by switching to the Login Protection tab >> Limit Login Attempts subtab.
06. Exceeded Login Attempts
If you already use the limit login attempts feature, you might be seeing an error because you have exceeded the set number of login attempts, which is usually 3 to 5.
In this case, you should see a personalized message displaying the remaining total time before you can attempt again.
Easy Fix: Wait or Restrict the Plugin via File Manager
If the site shows how long you have to wait before your next attempt, it is better just to let the timer run out. Use this time to reflect on your credentials and see if you are making a mistake. Your caps lock might be on, one of the buttons on your keyboard might not be working, causing the issue, or the administrator might have changed the password.
Make sure to ask the administrator if they have changed the password. If yes, enter the correct password after the set time, and you should be able to get in.
If you are the only administrator, then you can disable the plugin through your admin panel or cPanel.
In the File Manager, navigate to your WordPress installation directory. This is typically located in the public_html folder or a subfolder if WordPress is installed in a subdirectory.
Go to public_html >> wp-content >> plugins.
You will see directories for each plugin installed on your WordPress site. Each folder is named after the plugin it contains. Locate the folder for the plugin you want to disable and rename that folder. To effortlessly rename a plugin, right-click on the plugin’s folder and choose Rename.
Renaming to anything will force WordPress to think the plugin is missing and deactivate it automatically. You can activate it later once you regain access to WordPress.
07. Lost Password
If you can’t access WordPress because you have lost or forgotten your password, you can take the following steps to get back into your website.
Easy Fix: Use the Lost Your Password Feature or Reset Password Through phpMyAdmin
You can simply use the Lost Your Password feature, which sends a password recovery link to your email address. You can effortlessly change your password from there and log in again with your new credentials.
Alternatively, you can change your password through the control panel (cPanel). Open your cPanel and navigate to phpMyAdmin. Then, navigate to the WordPress database and find the `wp_users` table.
Locate your username, click Edit, and enter a new password in the user_pass field. Change the function to MD5 (WordPress uses MD5 hashing for passwords). Save the changes, and your new password will be set.
Additionally, some hosting providers offer various tools in the cPanel to reset passwords in case you are locked out. You can take advantage of such a feature if your hosting provider offers it. Moreover, your hosting provider can also perform all these steps for you.
So, it is best to contact your hosting provider in such a condition.
08. .htaccess File Issue
The ‘.htaccess’ file is a configuration file the web server uses to control and manage server behavior for a particular directory or your entire website. It allows you to make server-level changes without accessing the main configuration file.
Any conflict or misconfiguration of this file can lead to issues like a login page refreshing error or an internal server error (aka 500 error).
⚠️ This file is deadly. Making changes to it can make your WordPress inaccessible or completely break your website. Proceed at your own risk, or simply contact us to consult with a WordPress expert.
Easy Fix: Delete the .htaccess file
To fix this login problem, access your WordPress through an FTP client and locate the .htaccess file. It is usually in the root folder of your website.
This file is crucial for WordPress. Therefore, download the file to your computer as a backup. After successfully downloading it on your setup, delete the file from your website’s directory. If you find it in the wp-admin directory, delete it from there as well.
Once you are done, log in to your WordPress site. If the .htaccess file prevented you from accessing it, you should be able to enter it now.
09. Outdated Browser or Extensions
An outdated browser and the extension you use on your browser can also cause WordPress login issues. Several plugins or add-ons can interfere with website functionality.
Extensions that can block/modify cookies, modify JavaScript, or inject scripts can cause several WordPress login issues.
Easy Fix: Disable Extensions and Update your Browser
If you suspect that an extension or an add-on is causing the log in issue, immediately disable or delete the problematic extension or add-on.
Carefully go through all your extensions and check if any plugin has permission to perform the aforementioned actions. These extensions usually fall under the security/privacy category. After carefully disabling all of them, log in again.
If the problem was not the extensions but the browser, update your browser. Ensure you are using the latest version of your preferred browser. For Chrome, hover over Help >> About Chrome using the three dots in the top right corner.
If you can’t see an Update Chrome button, you are already using the latest version.
After updating your browser, clear cookies and cache and relaunch it. If the problem persists, try a different browser or go incognito. This will help determine if your browser is indeed causing the WordPress login issues and not something else.
Key Takeaways
Now that you know how to fix common WordPress login issues, here’s what to do to prevent them in the first place.
Firstly, make sure to limit the number of extensions on your browser and plugins on your WordPress. Also, ensure to timely update your software, including WordPress, browser, plugins, themes, etc.
Secondly, use password managers to store and manage your passwords to prevent losing them. Also, use super strong passwords to stop brute-force attacks. Other important measures should be utilized as well, such as limiting login attempts and implementing 2FA.
Lastly, timely clear browsing cookies every once in a while to prevent WordPress login issues caused by cookies and cache.
Download AIO Login to take your WordPress login security to the next level!
Frequently Asked Questions
Why is my WordPress login not working?
There are several reasons why you might be facing WordPress login issues. It could be a cookies/cache issue, a plugin or theme incompatibility, a corrupted .htaccess file, or an outdated or broken browser and extensions.
Why am I getting so many failed login attempts on WordPress?
If you suddenly receive unexplainable failed attempts, there is a high chance you are facing a brute-force attack. Immediately block the suspicious IPs and deploy safety measures such as limiting login attempts, enabling 2FA, and changing your WordPress login URL.
Why can’t I log into my WordPress account?
If you can’t log in to your WordPress account, an administrator might have revoked your access. Contact the site administrator or reset your password using phpMyAdmin. Save changes and log in again. This should allow you to enter your WordPress account.
What to do if I forget my WordPress password?
If you have forgotten your WordPress password, you can use WordPress’s lost your password feature to recover your password. Alternatively, you can change your password through the control panel. Open the WordPress database and find the `wp_users` table. Locate your username, click Edit, and enter a new password in the user_pass field.