Securing the WordPress admin user.

Get in touch

If you would like help with Securing the WordPress admin user. or with any other topic then feel free to get in touch for a chat.

Hands up if you have a WordPress website?

OK now hands up if you have an administrator on your site with the username admin?

How did I guess?

Well the simple fact is, that’s the default, but to understand why this can be a problem you need to understand how many WordPress website (or to be honest many sites/password in general) get hacked. So lets have a look at the Brute Force or dictionary attack.

Lets say your password is dolphin

If I was to start at aardvark and try every word in the dictionary how long would it take to guess your password? hours? days? weeks? now think about how fast a computer can guess?

The iPhone 6 is a computer, it uses an Apple-designed 64 bit Cortex A8 ARM architecture composed of approximately 1.6 billion transistors. It operates at 1.4 GHZ and can process instructions at a rate of approximately 1.2 instructions every cycle in each of its 2 cores. That’s 3.36 billion instructions (or in our case guesses) per second.

So dolphin probably isn’t a good password, but at this rate u*6RAg’m isn’t really that much better.

But what has this got to do with your username, well there are bots (software robots) that will look for WordPress websites and guess standard usernames and passwords, this means if they already know your username and you have a weak password it’s really not going to take that much effort to get into your website.

By changing your username and having a strong password that means the bots have 2 things they need to guess, and for each guess at a username they have to try every possible password, this becomes a gargantuan task, so logically the bot is going to move on to the next site and leave you alone.

So how do we change our admin username?

1.  In the WordPress dashboard, click “Users” then “Add New”

2. Set your new username and password, try to ensure that your password registers as “Strong”‘ and that you choose the Administrator Role then click “Add New User”.

3. Now log out of your Admin user and log back in with your new user, then return to “Users”, “All Users”.

4. Hover over the Admin user and the context menu will appear, click on the “D

5. Make sure you choose “Attribute all content to:” to assign all your existing content to the new username and then click “Confirm Deletion”

Your Admin user has now been replaced with your new username

Premium Themes & Plugins

When you sign a website up for any of our monthly plans you get access to many of our favourite premium plugins and themes — at no additional charge. Savings up to £250 per year!

Gravity forms, Create stunning forms with ease.
~£43 per year.

Optimise Images, Website Cache, Security and more.
~£136 per year.

Add a range of extra tools to your Divi Website.

Backup your website to Google or Dropbox with ease.

Backup your website to Google or Dropbox with ease.
~£80 per year



Sign up to our newsletter for the latest hints tips & offers.

Did you know nearly 70% of people unsubscribe from email lists because they receive emails too often? That’s why we often don’t get round to sending a newsletter but when we do make sure its worth reading.

  • What’s happening with us and the internet/digital in general. 
  • Lots of helpful advice on a whole range of website and digital skills topics.
  • Sales and offfers from us and our partners.