WordPress show your WordPress login and ID in several places. It’s time to fix this !
- WordPress automaticaly uses “User login” to fill in the “User Display Name”.
- WordPress also allows everyone to use the same value for Nickname, Display Name and Login.
- The body_class function also shows to everyone your User ID and Login on author pages.
A hacker can easily see then use your “NickName” or “Display Name” to find your real login. Once activated, SX User Name Security will prevent WordPress from showing those informations.
Body_class function :
- Removes User ID from body_class function (author pages)
- Removes User Nicename from body_class function (author pages)
User informations :
- The plugin changes “Display Name” and “Nickname” to a random value (like ‘Ticibe T. Aduvoguripe’, ‘Lagubo N. Agigerovibe’ or ‘Datela N. Orejadavino’) if they are equal to user login
- If not, it changes “Display Name” to “Nickname” or “Nickname” to “Display Name” if one of them is equal to user login
New Registration :
- Display Name and Nickname are changed to random value during user registration.
- Nicename is also changed (it’s used to generate the user permalink on the front-end). For previous user, a notice has been added to use another plugin to safely change old nicenames. 😉
All functions are translated into french and english.
Upload and activate the plugin.
A notice and a button will be displayed to handle all users in order to hide their logins. Then, SX User Name Security will prevent WordPress from ever showing login and ID informations.
Do I need to do anything else for this to work?
Yes : just visit the admin user page to see if you have to modify some of your users.
It’s also better to use SF Author URL Control (https://wordpress.org/plugins/sf-author-url-control/) combined with this plugin to also change current author permalinks (in order to hide login information).
Contributors & Developers
“SX User Name Security” is open source software. The following people have contributed to this plugin.Contributors
Interested in development?
2020/09/21 – v.2.3.2
- Required version bumped to 4.6
- Updated plugin text domain
2017/11 – v.2.3.1
- Tested up to WordPress 4.9
- Improving warning information on admin pages
- Code cleaning
- Major fix for the “fix username” button : it will no longer generate 404 error pages (but people will still be able to guess your real login with your author URL).
- Add a column in the admin user list showing “Display Name” for every user.
- Add a better explanation about the “Fix Username” button.
- Minor fix for the admin profil URL link.
- Add a button (JS only) to handle all users created before the plugin installation.
- Code improvements
- Code improvement
- Bug fixes (in some cases, user “Display Name” and “Login” were not modified)
- Now an administrator can also trigger every function by saving a user (you don’t have to wait every user to log-in)
- New alerts (admin notices)
- first release