WordPress.org

Ready to get started?Download WordPress

Forums

[resolved] Login -unsafe? (14 posts)

  1. Karo
    Member
    Posted 3 years ago #

    This question may be better of on the "Miscellaneous"-forum but it would be great to get some answers anyways. And if I'm right about this -maybe it should be discussed? (Altough I'm a bit suprised that it hasn't been already!)

    When we (the useres of wordpress.org) register our domain and usernames we only have the option to choose "admin" and then our own personal password. Why is that?
    Isn't a bit unsafe that we all have the same username?

    I mean, there are a whole bunch of worldclass hackers out there -how easy is it to "break" the code, find the password and hack into all the sites that uses wordpress?

    -karo-

  2. esmi
    Forum Moderator
    Posted 3 years ago #

    You can change the admin user name - either by editing the database directly or using a plugin.

  3. mrmist
    Forum Janitor
    Posted 3 years ago #

    Or if you don't want to use a plugin or edit the db, you can create a new user, grant it administrator role, then use it to delete the "admin" account.

  4. mrmist
    Forum Janitor
    Posted 3 years ago #

    But to answer the original question, I don't think it makes things that much more insecure - most hacks are scripts that attack vunerabilities in software, they don't bother trying to actually log in.

  5. Karo
    Member
    Posted 3 years ago #

    Seriously? Ok, cool!

    I did ask the same question to my hosts support (online and he knew wordpress more than anything he said) -and was told different.

    But if it works it's great!
    Could any of you point me in the right direction though?
    Create a new user on wordpress.com?

    Thanks for the answers! (I'm still a learning, working hard, neewbie)

    -karo-

  6. esmi
    Forum Moderator
    Posted 3 years ago #

    wordpress.com?

  7. I thought 3.0 let you pick your admin name on creation?

  8. Karo
    Member
    Posted 3 years ago #

    Yeah, sorry -did try it on my adminpage just now, but I cannot use the same mail-adress twice. So -how do I change it within the db? Anyone who cares to give me a kind of step-by-step..? :)

  9. Change your admin account to a temp email and sign up with the one you want (though I had thought you could login as admin and manually register people with the same email... maybe that was a long time ago)

  10. mrmist
    Forum Janitor
    Posted 3 years ago #

    You can surely register people, 'cos I'm fairly sure I somehow managed to register an account without an email address on my test site.

  11. esmi
    Forum Moderator
    Posted 3 years ago #

  12. Karo
    Member
    Posted 3 years ago #

    Thanks for taking interest guys! :)

    I did what "ipstenu" said and used a temp email and created a new user. And even though that solved my original problem -I now can't get rid of the orignial "admin" user. Both are set to be administrators -but the old one has no "delete"-option on it's profile page.

    Sure, I can have both users there -I just don't have a need for it.

    I will take a look at the plugin options, but if anyone knows how to change this in the core files of the database, I would be so happy to learn and listen. To many plugins and I go mad, it's just to much "clutter" in the end to keep updating etc.

    -karo-

  13. mrmist
    Forum Janitor
    Posted 3 years ago #

    Once you have created your new admin user, log in as that user. Then you should see a "Delete" option in the "Users" (quick edit) view (not on the actual user edit view)

  14. Karo
    Member
    Posted 3 years ago #

    Forgot to say thanks! mrmist had the final saying, and it worked! Problem solved -and no more "admin" on my account, fantastic! :)

Topic Closed

This topic has been closed to new replies.

About this Topic