Welcome to our 9-part series of the Ultimate Guide to Protecting Your WordPress Website.
This is Part 1: Changing Your Admin Username.
You won’t have to be too technical to do these yourselves and I’ll be here showing you on the screen, step by step how to do it.
Here are a few things you’ll need to prepare before starting:
- WordPress Administrative Area Login URL which is typically in most cases /wp-admin after your domain name
- Your WordPress administrative username
- Your Password
Today I’m going to show you how to secure your WordPress website by changing your default username, hiding it from the public, and generating a strong password.
Until WordPress 3.0, installing WordPress automatically created your username as “admin”. So if you had your website before June 2010, chances are that is the case. And if your website was built after, there is still a high chance it’s ‘admin’ because most web agencies and web hosting companies default to this.
While it is easy to remember, it’s also the username that hackers tend to target first. Fixing this is easy, so let’s get started.
Changing Your Admin Username
First, let’s log into your WordPress Admin area. On the left side, you should see “Users” > “Add New”
Create an unique username. Try to use a name that is not a combination or a variation of your first and last name. That may be too easy for someone to guess.
Fill in information, choose a secure password:
According to a few sources, around 8% of hacked WordPress websites are due to weak passwords.
So if your password is anything like ‘12345’, ‘abc123’, or ‘password’ which believe it or not, is way more common than you might think… change it now.
Often times, we have to advise our clients to change their password after they’ve told us what it is.
Now, for a password that’s easy to remember but very hard to crack, I recommend coming up with a good password recipe consisting of numbers, upper and lower case letters, and symbols.
Or simply head over to PasswordGenerator.net to get a strong password in seconds.
If remembering or storing all these passwords is a hassle, we recommend using a password manager like LastPass to manage them for you. Not only will LastPass securely store your passwords and create new passwords for you when you need them, it also automatically enters your passwords when you need to login to a website. Best of all, it’s free to sign up at LastPass.
Just remember, if you do decide to use this method, make sure your master password is strong and memorable.
Select the role: Administrator, “Add New User”
Go back to Users > All Users and edit that user. What we’re going to do is change the display name cause sometimes it defaults to your username, so that’s why it is good to hide it from the public.
Save the profile.
Now let’s logout and log in with the new user that we’ve created.
Navigate back to the Users > All Users.
Here you can just hover over the admin username, and hit delete. If there are any posts or pages that was created using the admin username, it will automatically give you the option to change the ownership of those articles to your new user account.
Hit Delete. You are done.
Thanks for watching this video.
Bookmark this page, subscribe, or save it somewhere so you can check back when we publish Part 2/9 next week!
If you got any questions or comments, please comment below.