Would you leave your front door key under the mat or the pot plant by the door and expect not to be burgled?  Burglars know that many people still make these mistakes, so the first thing they do when checking out a house is to see if they can find the key hidden near the door.

Your WordPress website is the same. The most common username set by web designers who should know better is the default “admin.”

Hackers know this, so when they attempt to hack into a site, the first thing they do is try the “admin” username. It is the equivalent of the key under the doormat.

Their computer then rapidly runs through all the common passwords that web designers set to make it easy for their clients to log in: the website name, temp, temppassword, tempadmin, 123password etc.

All too often, by simple brute force, the hackers then break into your site and have their wicked way with your content.

Unfortunately, almost every website I review or rebuild has at least one username set to admin. Often this is the only username on the site, making it doubly dangerous for your security.

Getting rid of the “admin” username and replacing it with a more secure username is the first thing that I recommend you do to increase the security of your WordPress website.

As an aside, the next most common series of usernames are administration, manager, temp, test, or the name of your website (e.g.heartcomms). If you have any of those as your username, change them as well.

Read this post to find some of the other steps to Increase the Security of Your WordPress Website.

What can you do if your username is Admin for your WordPress site?

WordPress does not allow you to change your username once it has been set. You have two main options:

Option 1: Ask your web designer or web host to change it for you at the cPanel.

Option 2: Add a new user with administrator privileges, then log in as that new user and then delete the old “admin” username.

I don’t recommend any of the plugins available to change your username over simply as many have not been maintained in months and there is no guarantee that they won’t break your website or introduce extra security risks.

DIY to change over your WordPress Admin username is simple and straightforward.

To make it easier, here is a walkthrough on how to change your admin username.

Step-by-step to Changing Your Admin Username

1. Log in: Log into your website using your admin username and your password.

2. Backup: Run a site backup to make sure that you have a backup in case you make a mistake.

3. Add New User: On the left-hand side menu, hover your cursor over the word Users and click Add New.

Add New User
4. Fill in the New User Details: Fill in the details on the Add New User screen. You will be asked to fill in a Username, email, first name, last name and website (you can leave that bit blank).

Make sure you tick the box to send the new user an email about their account.

Then set the role as administrator by clicking the drop-down option box.

Important: You can’t use the same email as one already set up. If the “admin” username already is using your main email address, then use a Gmail or secondary email account you may have. You can always change that to your main email address once you have deleted the admin username.

New User Details
5. Log out. Log out of the admin username account by clicking under where it says “Howdy, your name” on the top right menu bar.
Log out
6. Set Your Password: Check your email inbox for an email titled “Your username and password info”. It can take up to 10 minutes to arrive and may end up in your junk or spam folder.

In the email is a link to click where you can set your password. Remember to record your password.

7. Log in with your new Username and Password: Log into your site using your NEW username and password.

8. Go to “All Users”: On the left-hand side menu, hover your cursor over the word Users and click All Users.

All Users
9. Delete the “admin” username: Hover over the admin username, and you will see “Edit, Delete, View” appear. Click Delete.
Delete Username
10. Attribute all content then confirm deletion: This step is vital, so take care.

If the “admin” username has any content such as blogs or pages attributed to it, if you click “Delete all content” all of the information will be deleted.

Tick the box “Attribute all content to:” and choose your new username.

Once you have triple checked that the box is ticked and the right username is showing, then click Confirm Deletion.

You will be taken back to the All Users page where you will see that the admin user has been deleted.

Delete & attribute content

Change your Username email

If you had to use a secondary email account, now is the time to change your email to your main email account.

1. Edit: Click on the word Edit under your new Username.

2. Display Name: First, check that the Display Name Publicly As box shows your name and not your username. Click the drop-down arrow show all the choices and then choose your name. (This helps stop hackers learning of your new username and targeting that.

3. Change your Email: Type in your preferred email address.

Change user email
4. Update Profile: Scroll to the bottom of the page and click Update Profile.

5. Check your In-box: You will receive a confirmation email in your inbox (or junk/spam folder) titled “New Email Address”. Remember, it may take a few minutes to turn up so stay logged in until it does.

Click on the link to confirm your email address, and you will see a “Profile Updated” message above your profile.

6. Log out and celebrate. Log yourself out of your website and congratulate yourself on increasing the security of your WordPress website.

Bonus Security Points

If your WordPress website only has one username, this is the time to add in a backup user, just in case you lock yourself out (or a hacker locks you out), or your email goes out of commission.

Follow the same steps as above to set up a new backup username on a secondary email such as your  Gmail account.

Last words

Keeping one step ahead of the hackers is a never-ending job. Luckily, changing your username from Admin is a super simple strategy that you can do yourself to help increase your security.

After all, why leave your key under your front doormat?

Amazing testimonials cover

FREE DOWNLOAD:

How to Get (and Give) Amazing Testimonials

 

Enter your email address and click the download button. You will be sent a confirmation email.

Please check your inbox for a confirmation email

Pin It on Pinterest

Beginner's Guides, Small Business Websites How to Change Your WordPress Admin Username