Support » Fixing WordPress » Removind default admin

  • Having an admin account with the default user name is a security risk. Is there a way to reassign the default to another admin or at least change the admin name without going into the database?

Viewing 4 replies - 1 through 4 (of 4 total)
  • esmi

    (@esmi)

    Forum Moderator

    Having an admin account with the default user name is a security risk.

    No it isn’t. The real security of the login lies with your password – not your username. However, there’s nothing stopping you from setting up another admin user, logging in as the second admin and deleting the original admin.

    The delete worked. My fault for not logging out 🙂 duh!

    I used to think that the user name didn’t matter, but a login is the combination of a user name and password. When one of those is obvious, you have lost a lot of the security of the combination. I have a couple of web security books that discuss this type of issues.

    esmi

    (@esmi)

    Forum Moderator

    They might well do but that really doesn’t apply to a WordPress site. As soon as you start linking to any author, their username will be exposed in the url.

    That is true! However, it is another step for an attacker to garnish all your author user names off the website and then use them. If you have your admin user set as admin, that is one step they don’t have to do.

    There is no “magic bullet” in security. It’s a little bit of this and a little bit of that.

Viewing 4 replies - 1 through 4 (of 4 total)
  • The topic ‘Removind default admin’ is closed to new replies.