[cs_section id=”” class=” ” style=”margin: 0px; padding: 0px; ” visibility=”” parallax=”false”][cs_row id=”” class=” ” style=”margin: 0px auto; padding: 0px; ” visibility=”” inner_container=”true” marginless_columns=”false” bg_color=””][cs_column id=”” class=”” style=”padding: 0px; ” bg_color=”” fade=”false” fade_animation=”in” fade_animation_offset=”45px” fade_duration=”750″ type=”1/1″][x_video_embed no_container=”true” type=”16:9″][/x_video_embed][x_custom_headline level=”h2″ looks_like=”h5″ accent=”false”]It’s a dangerous world out there online for any WordPress website owner…[/x_custom_headline][cs_text id=”” class=”” style=”” text_align=””]One of the areas of attack hackers love is a nice and unsecure administrator account to go after…let me show you how to make your site seem much less appealing a target.
[/cs_text][cs_text id=”” class=”” style=”” text_align=””]When your WordPress website is first setup, there’s a very high chance that it was done by a script such as Fantastico or Softtaculous.
I’m also willing to bet good odds that when it came to choosing a username for your website you opted for admin, as is all too often the case.
This choice of username is like paining a big shiny target on your back for hackers to hone in on.
They LIVE for the username admin to be used!
It’s one of the tickboxes in their assault checklist when choosing websites to target.
So making such a small change can yield significant benefits in removing yourself from their easy target list.
Here’s how to do it:
BEFORE PROCEEDING ENSURE YOU HAVE A FULL AND RECENT BACKUP OF YOUR WEBSITE
- Login to your WordPress Dashboard
- Click Users on the left side menu
[/cs_text][x_image type=”none” src=”https://s3.amazonaws.com/blogposts.paul-irvine.com/SecureYourWordPressUsername/click-users.jpg” alt=”” link=”false” href=”#” title=”” target=”” info=”none” info_place=”top” info_trigger=”hover” info_content=”” class=”aligncenter”][cs_text id=”” class=”” style=”” text_align=””]3. Click Add New button at the top[/cs_text][x_image type=”none” src=”https://s3.amazonaws.com/blogposts.paul-irvine.com/SecureYourWordPressUsername/click-add-new.jpg” alt=”” link=”false” href=”#” title=”” target=”” info=”none” info_place=”top” info_trigger=”hover” info_content=”” class=”aligncenter”][cs_text id=”” class=”” style=”” text_align=””]4. Create a new user with your information, ensure you pick a username that only you know (and of course will remember) and also – use a STRONG password
One way to create a strong password is using the awesome Roboform tool (and much more besides)
Click the Add New User button[/cs_text][x_image type=”none” src=”https://s3.amazonaws.com/blogposts.paul-irvine.com/SecureYourWordPressUsername/add-new-user.jpg” alt=”” link=”false” href=”#” title=”” target=”” info=”none” info_place=”top” info_trigger=”hover” info_content=”” class=”aligncenter”][cs_text id=”” class=”” style=”” text_align=””]5. Now you have your new administrator account, logout of the existing account and back in with your new administrator account.
Now, it’s time to remove the old administrator account.
6. Again, click Users[/cs_text][x_image type=”none” src=”https://s3.amazonaws.com/blogposts.paul-irvine.com/SecureYourWordPressUsername/click-users.jpg” alt=”” link=”false” href=”#” title=”” target=”” info=”none” info_place=”top” info_trigger=”hover” info_content=”” class=”aligncenter”][cs_text id=”” class=”” style=”” text_align=””]7. Click the search box at the top right of the screen and type admin into the box, click Search Users[/cs_text][x_image type=”none” src=”https://s3.amazonaws.com/blogposts.paul-irvine.com/SecureYourWordPressUsername/search-for-admin.jpg” alt=”” link=”false” href=”#” title=”” target=”” info=”none” info_place=”top” info_trigger=”hover” info_content=”” class=”aligncenter”][cs_text id=”” class=”” style=”” text_align=””]8. When the admin account is found, hover over it and choose delete[/cs_text][x_image type=”none” src=”https://s3.amazonaws.com/blogposts.paul-irvine.com/SecureYourWordPressUsername/delete-admin-account.jpg” alt=”” link=”false” href=”#” title=”” target=”” info=”none” info_place=”top” info_trigger=”hover” info_content=”” class=”aligncenter”][cs_text id=”” class=”” style=”” text_align=””]9. Now you need to reassign existing content created with the old account to the new one.
Click the radio button labelled Attribute all content to: then select the name of the new administrator account in the drop down list.
Click Confirm Deletion
10. And now you’re done[/cs_text][x_image type=”none” src=”https://s3.amazonaws.com/blogposts.paul-irvine.com/SecureYourWordPressUsername/confirm-deletion-of-admin-account.jpg” alt=”” link=”false” href=”#” title=”” target=”” info=”none” info_place=”top” info_trigger=”hover” info_content=”” class=”aligncenter”][cs_text id=”” class=”” style=”” text_align=””]You have successfully created a new, secure administrator account and removed the old unsafe administrator account.
You have also protected the content created by the old account by assigning it over to the new account.[/cs_text][/cs_column][/cs_row][/cs_section]