You are here: Blog » Tutorials » Change Admin Username WordPress

Change Admin Username WordPress


Change Admin Username WordPress

This security tip is intended to protect your WordPress site from a malicious threat known as brute force attacks.

What is a brute force attack? Good question. A brute force attack is a method where a hacker will try to gain access to your site by entering in a long list of passwords. Because they are using a ‘bot’ or a script to enter the password, they are able to test very large amounts of passwords and eventually, if given enough time, could very likely eventually stumble upon your password.

Once admin access has been granted, hackers will often proceed to install scripts on your website which effectively hands control of the website over to them. Soon, you may notice that your site has turned in to an advertisement for a Russian pharmaceutical company.

Security Tip: Change your administrative username to beanything other than the default ‘admin’

Bots are actually stupid. They don’t know what your real username is – they aren’t even targeting you specifically most of the time. Rather, they crawl the internet looking for vulnerable WordPress sites where the admin username is set to the default ‘admin’. When they come to your site, they will enter in ‘admin’ for the username and try to determine what the correct password is by guessing a million different possibilities for the password. If your password is not ‘admin’, the bot will never be able to succeed.

Further Reading

The truth is, even with this in place, bots can still get to you; If someone takes the time to look around on your site, they can usually determine what your admin username is. From there, you are just one brute-forced determined password away from a hacked site.

For more advanced protection from these threats, refer to the Brute Force Attacks article in the WordPress codex.

Nonetheless, this is a solid first line of defense and should be implemented on all of your WordPress sites.


This entry was posted in Tutorials and tagged , by .

Author: justin saad

Justin Saad is first and foremost a husband and a father of four. He is also a web developer and designer who has been making websites for over twenty years. His company is called The Motech Network and his website is In addition to building websites, Justin makes WordPress plugins and likes writing tutorials to help others learn about various aspects of web development.

Leave a Reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code class="" title="" data-url=""> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong> <pre class="" title="" data-url=""> <span class="" title="" data-url="">