Do not use username admin in WordPress

Do not use username “admin” in WordPress

Do you use WordPress CMS? Do you log in with username “admin”? I thought I’d mention how important it is to NEVER use that username ADMIN while logging into WordPress. This username often comes standard within auto-installs of this CMS. Leaving this name as is exposes a giant vulnerability for nasty hackers to gain access to the backend of your site.

How to fix?

Very simple… delete the username.

1) Create new user:
Log into your WordPress site > click on users > add new > create new user (with full administrator privileges)

2) Log out and log back in with new username you just created

3) Delete username “admin”
Click on all users > hover over username > delete

(You will be prompted with what to do with any posts or links created under the username admin. It’s very important that you choose “attribute all posts and links” to your new username)

Here’s what it looks like: (WordPress 3.4.2.)

deleting user in wordpress

How to Delete user in WordPress

Delete user in WordPress

How to Delete user in WordPress

Confirm deletion

4) Done

Here’s one of the very reasons why you shouldn’t ever use the username “admin”

Wordpress - too many failed login attempts using the username 'admin'

Do NOT Use the Username Admin in WordPress

You might also want to try using this particular plug-in: (Limit Login Attempts) *shown in above screen shot* to block IP’s from gaining access to your WordPress backend ( even if the username admin doesn’t exist)

Hope that helps… and as always, SHARE if you CARE.