[This is part of the Common WordPress Mistakes series to help bloggers, churches, ministries and nonprofits avoid common mistakes when creating a new website using the WordPress CMS.]
It’s easy to use WordPress defaults when you first begin. I do that with a lot of applications, as ‘default’ gives you a feeling of ‘average’ or a blank slate to work from. In the case of WordPress, however, there are a few things that should be changed during the installation—your username included!
If you are running an install of WordPress that has “admin” for a login name, you should consider changing it for security reasons.
Let’s take a closer look:
Using Admin for a Username
Unfortunately, this can sometimes be the default username setup in WordPress. Because this is so popular, especially among older installs of WordPress, “admin” becomes a target for most hackers who are trying to crack into your install. If the username is accurately assumed, then it is solely the password that is between the hacker and your entire website!
For this reason, it is good practice to never use “admin” when setting up your WordPress.
But what do you do if you’ve already established it?
As you may or may not know, changing your username in WordPress is not possible. You’re locked in—as far as your WordPress Admin screen goes. 😉
How to Change Your “Admin” Username
To change your username, you’ll have to modify your database. That being said, make sure you back it up first! This is the “guts” of WordPress—its lifeblood. So don’t screw it up!
Alright, now that we’ve got that disclaimer taken care of, login to your phpMyAdmin (this will vary depending on your webhost, the most common being through your cPanel).
After you login, jump to your WordPress database and expand the wp_users:
Look for the user_login with the ‘admin’ and click Edit:
Now, look for the user_login data and make your change:
After you’ve made your change, be sure to save it!
If you’ve been using ‘admin’ to login, you’ll need to use your newly changed login. If you had already setup a different login and left this unused, simply carry on knowing that ‘admin’ is no longer a login for your WordPress install.
For those that are completely overwhelmed by this idea, consider abandoning the ‘admin’ login and giving it the world’s longest password. Although I recommend changing it completely altogether.
[Note: Don’t try and get fancy in your phpMyAdmin and try changing your password or anything like that, working your database is not always as straightforward as one might think.]
Speak your mind...