It’s a dangerous world out there online for any WordPress website owner…
One of the areas of attack hackers love is a nice and unsecure administrator account to go after…let me show you how to make your site seem much less appealing a target.
When your WordPress website is first setup, there’s a very high chance that it was done by a script such as Fantastico or Softtaculous.
I’m also willing to bet good odds that when it came to choosing a username for your website you opted for admin, as is all too often the case.
This choice of username is like paining a big shiny target on your back for hackers to hone in on.
They LIVE for the username admin to be used!
It’s one of the tickboxes in their assault checklist when choosing websites to target.
So making such a small change can yield significant benefits in removing yourself from their easy target list.
Here’s how to do it:
BEFORE PROCEEDING ENSURE YOU HAVE A FULL AND RECENT BACKUP OF YOUR WEBSITE
- Login to your WordPress Dashboard
- Click Users on the left side menu
3. Click Add New button at the top
4. Create a new user with your information, ensure you pick a username that only you know (and of course will remember) and also – use a STRONG password
One way to create a strong password is using the awesome Roboform tool (and much more besides)
Click the Add New User button
5. Now you have your new administrator account, logout of the existing account and back in with your new administrator account.
Now, it’s time to remove the old administrator account.
6. Again, click Users
7. Click the search box at the top right of the screen and type admin into the box, click Search Users
8. When the admin account is found, hover over it and choose delete
9. Now you need to reassign existing content created with the old account to the new one.
Click the radio button labelled Attribute all content to: then select the name of the new administrator account in the drop down list.
Click Confirm Deletion
10. And now you’re done
You have successfully created a new, secure administrator account and removed the old unsafe administrator account.
You have also protected the content created by the old account by assigning it over to the new account.