How do I grant Admins access to reset user passwords?

I run a Wordpress multisite of 1000+ users most of which I had to batch create during the final stages of the site. I had to use a generic e-mail in gmail (;; etc etc.) along with the batch create plugin which worked a treat but now some users keep pestering me since they've forgotten their password after they changed it from the generic one.

I have site admins but only myself as Super Admin and it seems like I am the only one who is able to reset their passwords which isn't ideal.

Is there a way to grant Admins rights to change user passwords without giving them suer Admin access?


  • Alexander

    Hi @roirizla,

    Unfortunately, the problem is that user accounts are managed on a network level. And users can belong to multiple sites. This is why they can only be managed by a super admin account.

    For instance, if an admin of site A reset a user's password, it would also affect their ability to login on site B.

    The best thing to do is have these users directed to the password reset form.

    You could also setup our support system plugin: This would provide an easy way for site admins to escalate password requests to super admins.

    Best regards,

  • Steve'O

    Thanks Alex,

    I've had the support system installed for a while now and it rocks!
    Sadly, our agents do not have corporate e-mail addy's and to make things worse, our draconian stone-age IT policy doesn't allow them to visit their gmail, yahoo etc. accounts. Now that I think of it, most of my time is spent working around their fears to make the community work. In this instance I think I'm screwed and will have to bite the bullet or create more super users which is a risk in it's own right just for the sake of updating passwords.

    Thanks for your insights and quick response previously.

  • Steve'O

    Using the above, I managed to create a plugin which I attach for you to use as you see fit :slight_smile:
    Couldn't attach the txt so here's the code. Simply create a .php file and add the below to your plugins

     * Plugin Name: Change User Credentials - Admin Plugin
     * Plugin URI:
     * Description: This custom plugin was created to allow WPMU Admins to reset user credentials where previously only SUPER Admins were able to do so. Simply add the plugin and activate.
     * Version: The plugin's version number. Example: 1.0.0
     * Author: I just took the code from this site and all credit goes to them:
     * Author URI:
     * Text Domain: Optional. Plugin's text domain for localization. Example: mytextdomain
     * Domain Path: Optional. Plugin's relative directory path to .mo files. Example: /locale/
     * Network: Optional. Whether the plugin can only be activated network wide. Example: true
     * License: A short license name. Example: GPL2
    function mc_admin_users_caps( $caps, $cap, $user_id, $args ){
        foreach( $caps as $key => $capability ){
            if( $capability != 'do_not_allow' )
            switch( $cap ) {
                case 'edit_user':
                case 'edit_users':
                    $caps[$key] = 'edit_users';
                case 'delete_user':
                case 'delete_users':
                    $caps[$key] = 'delete_users';
                case 'create_users':
                    $caps[$key] = $cap;
        return $caps;
    add_filter( 'map_meta_cap', 'mc_admin_users_caps', 1, 4 );
    remove_all_filters( 'enable_edit_any_user_configuration' );
    add_filter( 'enable_edit_any_user_configuration', '__return_true');
     * Checks that both the editing user and the user being edited are
     * members of the blog and prevents the super admin being edited.
    function mc_edit_permission_check() {
        global $current_user, $profileuser;
        $screen = get_current_screen();
        if( ! is_super_admin( $current_user->ID ) && in_array( $screen->base, array( 'user-edit', 'user-edit-network' ) ) ) { // editing a user profile
            if ( is_super_admin( $profileuser->ID ) ) { // trying to edit a superadmin while less than a superadmin
                wp_die( __( 'You do not have permission to edit this user.' ) );
            } elseif ( ! ( is_user_member_of_blog( $profileuser->ID, get_current_blog_id() ) && is_user_member_of_blog( $current_user->ID, get_current_blog_id() ) )) { // editing user and edited user aren't members of the same blog
                wp_die( __( 'You do not have permission to edit this user.' ) );
    add_filter( 'admin_head', 'mc_edit_permission_check', 1, 4 );