WordPress Security Tip

WordPress will by default name the administrator user account as admin. If you haven’t made any changes while installing WordPress, that is probably what you will use to log in.

WordPress Tips

The issue with this is evident: if someone wanted to gain access to your blog, all they would need to do is to keep using the “admin” user name with a number of passwords combinations. This is called brute force attack, and with automated tools it works quite often.

Whenever installing WordPress from scratch, therefore, remember to use some other name instead of admin for the administrator user account. If you already have WordPress installed, the fix is very simple. Just create a new user and set it as administrator. Then log in with that new user and delete the “admin” user. Don’t worry if you have many posts written by the user, WordPress will ask whether you want to delete them or re-assign them to a new user (choose the latter obviously).

As for choosing the new user name, make sure that it is not similar to the name you display publicly on your blog. If you sign your posts as John Doe, for instance, naming the administrator user as “john” or “johndoe” wouldn’t help. You need something that others won’t be able to guess easily.

Need assistance regarding SEO for WordPress Do not hesitate to get in touch with me.

Farhan Fawzer is a Sri Lankan SEO Specialist and Online Marketing Consultant.