wp_users

Last updated: March 4, 2026

Stores WordPress user accounts. Core authentication and profile data.

Schema

ColumnTypeNullDefaultDescription
IDbigint(20) unsignedNOauto_incrementUnique user identifier
user_loginvarchar(60)NOUsername for login
user_passvarchar(255)NOHashed password (phpass)
user_nicenamevarchar(50)NOURL-friendly username slug
user_emailvarchar(100)NOUser email address
user_urlvarchar(100)NOUser website URL
user_registereddatetimeNO0000-00-00 00:00:00Registration timestamp
user_activation_keyvarchar(255)NOPassword reset key
user_statusint(11)NO0Deprecated (was spam flag in MU)
display_namevarchar(250)NOPublic display name

Indexes

Key NameColumnsUniquePurpose
PRIMARYIDYesPrimary key
user_login_keyuser_loginNoLogin lookup
user_nicenameuser_nicenameNoAuthor archive URLs
user_emailuser_emailNoEmail lookup

Foreign Key Relationships

Referenced by:

  • wp_posts.post_authorwp_users.ID
  • wp_comments.user_idwp_users.ID
  • wp_usermeta.user_idwp_users.ID
  • wp_links.link_ownerwp_users.ID

Password Hashing

WordPress uses phpass-based hashing:

  • Passwords start with $P$ (portable hash)
  • Modern WP also supports bcrypt ($2y$)
  • Never store or compare plaintext passwords
php
// Check password
wp_check_password( $plaintext, $hash, $user_id );

// Hash password
wp_hash_password( $plaintext );

Common Queries

Get user by ID

sql
SELECT * FROM wp_users WHERE ID = 1;

Get user by login

sql
SELECT * FROM wp_users WHERE user_login = 'admin';

Get user by email

sql
SELECT * FROM wp_users WHERE user_email = '[email protected]';

Get all users with roles

sql
SELECT u.ID, u.user_login, u.display_name, um.meta_value as capabilities
FROM wp_users u
JOIN wp_usermeta um ON u.ID = um.user_id
WHERE um.meta_key = 'wp_capabilities';

Get users registered in date range

sql
SELECT * FROM wp_users 
WHERE user_registered BETWEEN '2024-01-01' AND '2024-12-31'
ORDER BY user_registered DESC;

Count users by registration month

sql
SELECT DATE_FORMAT(user_registered, '%Y-%m') as month, COUNT(*) as count
FROM wp_users
GROUP BY month
ORDER BY month DESC;

Get user with post count

sql
SELECT u.*, COUNT(p.ID) as post_count
FROM wp_users u
LEFT JOIN wp_posts p ON u.ID = p.post_author 
  AND p.post_type = 'post' 
  AND p.post_status = 'publish'
GROUP BY u.ID
ORDER BY post_count DESC;

WordPress API Functions

  • get_user_by( $field, $value ) – Get user by ID, slug, email, or login
  • get_userdata( $user_id ) – Get user data object
  • wp_get_current_user() – Current logged-in user
  • wp_create_user() – Create new user
  • wp_update_user() – Update user
  • wp_delete_user() – Delete user
  • username_exists() – Check if username taken
  • email_exists() – Check if email registered

Security Notes

  • user_login cannot be changed after creation
  • user_email must be unique
  • user_activation_key is time-limited and single-use
  • user_status is deprecated—spam status stored in usermeta

More in Database Schema

wp_termmeta

Key-value storage for term metadata. Added in WordPress 4.4 to extend terms with custom data.…

wp_terms

Stores the basic term data (name and slug) for categories, tags, and custom taxonomies. Schema…

wp_usermeta

Key-value storage for user metadata. Stores capabilities, preferences, and custom user data. Schema Column Type…

Charset and Collation

WordPress uses UTF-8 character encoding with MySQL/MariaDB collations optimized for Unicode. Default Settings Since WordPress…

All WordPress Core Docs View all Database Schema
View on GitHub