WordPress Security – How To Change WordPress Default Admin Username

WordPress – Most Popular Content Management Systems

Based on information as at 13th Aug 2014, obtained from W3Techs (http://w3techs.com/), WordPress is the most popular Content Management System (CMS), having a market share of about 60.6%.

WordPress Security-WordPress Most Popular CMS

 

The popularity of WordPress is probably due to its ease of use and flexibility through its platform and the many themes available as well as its robustness, through plugins.  In the good old days, it took many programming days to establish a website, thus making owning a website a costly affair.  However, with technological advances, creating a fully functional website now, on WordPress, could be done in a matter of hours through a combination of platform, themes and plugins.

Default Admin Username

The usual WordPress default username with administrative rights is Admin.  Most, if not all, hackers know of this and will exploit this information for maximum gain.  If you are using the default Admin username, coupled with weak password management, you are basically offering your WordPress site to hackers with open arms.

Default Admin Username and Weak Password Equal WordPress Site Open House

 

Hackers typically take the route of least resistance and this presents a good opportunity for them to compromise your WordPress site.  You could be living in a world of false pretext if you think that your WordPress site won’t be hacked.  It’s a matter of when and not how.  At this very moment you are reading this article, there are bots (robots) scouting and scanning the internet for vulnerabilities and exploiting them for maximum gain (or fame).

Change Default Admin Username

There are many plugins available for changing the Admin username – you can check out more on http://wordpress.org/plugins/search.php?q=change+admin+username. But in this article, we will discuss changing the default Admin username manually.

  1. Log into your WordPress site using the default Admin username.
  2. After logging into your WordPress site, go to User -> Add New.
  3. In the Add New User tab, complete information pertaining to username, email, password and repeat password (Note: remember to use a strong password).
  4. The Role of this new user will be Administrator.
  5. Hit the Add New User button to create the new user.
  6. After successfully creating the new user with Administrator rights, log out of your WordPress site.
  7. Log back into your WordPress site using the new username with Administrator rights.
  8. After logging into your WordPress site, go to User -> All Users -> Select the Admin username -> Delete.
  9. In the Delete Users tab, decide on which user to Attribute all content to.  This is important as failure to so will result in losing all posts made by the Admin username.
  10. Hit the Confirm Deletion button when done.
  11. Congratulations – you have successfully changed the default Admin username.

Conclusion

Since we are on this topic of username, I would also like to share the following with you:

–        Users with Administrator rights should strictly be reserved for performing administrative tasks of your WordPress site (e.g. updating of WordPress version, themes, plugins, creating and deleting users).

–        Create another user for posting / publishing of blogs.  The role give could be Editor or Author (read more on: http://codex.wordpress.org/Roles_and_Capabilities).

–        Ensure that the username to access WordPress site is different from that as the username making the blog post.  You can make use of this functionality in WordPress “Display name publicly as” for this purpose.

So, as a good WordPress security practice, remember to change the username Admin, create separate users for blog posts, ensuring that the publicly displayed name is different from the username used to access WordPress and finally, use a strong password!  It pays to be safe than sorry and as a responsible website owner, we have a duty to all our website visitors, thus the need to secure our WordPress site.

Be safe on the online world and please share with us other tips on protecting your WordPress site!

No comments yet.

Leave a Reply