Each site allows different categories of users. Popular user roles include that of an administrator, editor, contributor, author and a user. A WordPress site supports all these roles. A WordPress site admin has access to the administrative area of the site. He has access to the entire administrative panel of a site. Other roles such as an editor or a contributor are only granted limited privileges. An admin area is the core administration center for a WordPress site.
An admin’s login area can be accessed by adding /wp-admin to your site like – www.yoursite.com/wp-admin/
Your default admin username is “admin”. Many people argue that the very first thing that you should do after installing WordPress is to change this default user id. Hackers often launch brute force attacks on WordPress sites. A large percentage of these attacks are based on the assumption that the username for the site is “admin”. Knowing the username greatly assists the hackers as they only have to get lucky with the password now.
To Change default admin user & admin user id is a very simple process –
- Simply login to your account using your default admin username and password.
- Now create a new user and give it a reasonably secure username.
- Grant administrator privileges to this user.
- Log out of your admin account.
- Sign in using your new account which has administrator privileges.
- Select your old admin user from the list of users and delete it.
- WordPress will prompt you to assign all the posts associated with this user to another user. Select your new account from the list of users.
With this you will be able to remove the default and vulnerable “admin” username from your site. All the posts that you may have published as the administrator which showed your user name to be admin will now show your new username. You can introduce a great degree of security by using a reasonably secure username. Using the default “admin” username is a huge security lapse.