Wordpress password

April 2, 2014 4.7k views
How to remove the password when we installed a direct droplet with wordpress?
3 Answers
If you are referring to the one click install wordpress, you will have to login to your server with SSH and it should show you the password so you can access the wordpress setup. I wouldn't recommend removing it because that would be a security risk. Though if for any reason you still want to, you can sftp into your droplet with an ftp client like filezilla by typing in hostname like this: sftp://IP.addr.ress eg. sftp:// then in the /var/www/wp-admin directory you delete the .htaccess file.
  • There may be nothing more annoying than the answer "I have no context on why you would want to do what you've asked to do but I'm still going to tell you to do it differently because I know better"

    The reality is, Wordpress no longer requires default Admin username, making this completely unnecessary. Removing this, is VERY necessary for anybody who is passing this off to a client, or a company that wants to be able to use Wordpress in the way it was intended. The reason this exists in the first place to prevent an attacker from hijacking an installation soon after a droplet is created NOT to provide a longterm layer of security.

    Finding the answer to this question is frustratingly annoying and slowly decaying my love for DigitalOcean.

What I need is to remove the password that appears before the wp-admin to login to the server.
See the Removing the Additional Apache Password Prompt for Admin Areas section of https://www.digitalocean.com/community/articles/one-click-install-wordpress-on-ubuntu-13-10-with-digitalocean.
  • What do I do when I do this, restart Apache and it still pops up when I try to login (and it accepts no password I've ever chosen or received)?

  • What's the output of sudo grep -ri htpasswd /etc/apache2; cat /var/www/.htaccess?

Have another answer? Share your knowledge.