localhost/wp-admin

/wp-admin is the URL path to WordPress's admin dashboard — the backend where you write posts, manage plugins, change themes, and control your entire site. On a local development environment, the full URL is http://localhost/wp-admin (or localhost:8888/wp-admin on MAMP). On a live site, it's yourdomain.com/wp-admin.

If you're here, you're probably in one of two situations: you just installed WordPress locally and need to log in for the first time, or you're locked out of an existing installation. Both are covered below.

WordPress Admin: localhost/wp-admin

Direct login: localhost/wp-login.php

First-Time Login

After installing WordPress, your login credentials are whatever you entered during the "famous five-minute installation" — the setup screen that asks for site title, username, password, and email. If you used the default suggestions, the username is often admin. WordPress generates a strong random password and shows it during setup — if you didn't save it, you'll need to reset it (see below).

Go to localhost/wp-login.php (the direct login page) or localhost/wp-admin (which redirects to the login page if you're not already logged in). Enter your credentials and you're in the dashboard.

Locked Out? Password Recovery Methods

Getting locked out of WordPress is extremely common. Here are recovery methods listed from easiest to most drastic:

Method 1: "Lost Your Password?" Link

On the login page, click "Lost your password?" — WordPress emails a reset link to the admin email address. This works on live sites but usually not on localhost because local development environments don't send email by default. If you're on localhost, skip to Method 2.

Method 2: Reset via phpMyAdmin

This is the most reliable method for local WordPress. Open phpMyAdmin (at localhost/phpmyadmin), find your WordPress database, and change the password directly:

-- In phpMyAdmin, go to the wp_users table
-- Find your admin user row and click Edit
-- In the user_pass field:
--   Function: select MD5
--   Value: type your new password
-- Click Go

-- Or run this SQL directly:
UPDATE wp_users 
SET user_pass = MD5('your-new-password') 
WHERE user_login = 'admin';

After running this, go to localhost/wp-login.php and log in with your new password. WordPress will automatically re-hash the MD5 password to a stronger bcrypt hash on your first login.

Method 3: functions.php Password Reset

If you can access your WordPress files but not phpMyAdmin, add this to your theme's functions.php file temporarily:

// Add to wp-content/themes/your-theme/functions.php
wp_set_password('your-new-password', 1);
// The "1" is usually the admin user's ID

// Load any page on the site, then IMMEDIATELY DELETE this line
// Otherwise it resets the password on every page load

Method 4: WP-CLI (Command Line)

# If you have WP-CLI installed
cd /path/to/wordpress
wp user update admin --user_pass="new-password"

# Or create a new admin user
wp user create newadmin admin@example.com --role=administrator --user_pass="password123"

Common wp-admin Errors

"Error establishing a database connection" — WordPress can't connect to MySQL. On localhost, this usually means MySQL isn't running. Start it in your XAMPP/MAMP/WAMP control panel. If MySQL is running, check wp-config.php — the database name, username, password, or host might be wrong. MAMP uses port 8889 for MySQL, which trips people up.

Redirect loop (ERR_TOO_MANY_REDIRECTS) — Often caused by incorrect siteurl or home values in the database. Fix it in wp-config.php by adding these lines before "That's all, stop editing!":

define('WP_HOME', 'http://localhost');
define('WP_SITEURL', 'http://localhost');

White screen / blank page — A PHP fatal error with error display turned off. Enable debugging in wp-config.php to see the actual error:

define('WP_DEBUG', true);
define('WP_DEBUG_DISPLAY', true);

The most common cause is a broken plugin or theme. If you can't access wp-admin at all, rename the problematic plugin's folder via your file manager: wp-content/plugins/broken-plugin → wp-content/plugins/broken-plugin.disabled. WordPress deactivates plugins it can't find.

wp-admin redirects to live site URL — You migrated a site to localhost but the database still has the live URL. Either use the wp-config.php fix above, or update the database:

-- In phpMyAdmin, run:
UPDATE wp_options SET option_value = 'http://localhost' WHERE option_name = 'siteurl';
UPDATE wp_options SET option_value = 'http://localhost' WHERE option_name = 'home';

Securing wp-admin on Live Sites

On a production WordPress site, /wp-admin and /wp-login.php are constantly targeted by bots trying to brute-force their way in. Basic protections: use a strong password (not "admin"), install a login-attempt limiter plugin, enable two-factor authentication, and consider changing the login URL with a plugin like WPS Hide Login.