Website security is important! Having a secure Login is one easy way to improve site logon security. We all want a secure site. How to secure a website? There are many ways – login username security is a good place to start. No one wants web attacks, and then find they have lost website access to their own blog.
Your WordPress Login username is your own Front Door Key to your own blog. If Hackers gain unauthorized access into your Admin area, they can steal your online information and trash your Content in a few minutes. No one wants that.
So an easy first online web site security step is to change your WordPress log in username. WordPress makes this easy.
Do You Use the Word ‘Admin’ as Your Website Login Name? Well…Do You?
Well, me too…until a few days ago! Join the club! Did you know that about 98% of all blogs use the word ‘Admin’ as their Login username? We all want to have a secure website. Therefore we all need a secure login username. Using Admin as your user logon name is a weak link in your online site security. Your blog security is at risk if you use ‘Admin’ as your login username.
Why? Because anyone who logs on to your website (even you, as blog owner and administrator) must enter TWO security check barrier steps: the Username and the Password. There is a good reason for this! If you use the word Admin as your Username, you have reduced your website system security by 50%!
Important:. Having a ‘proper’ secure login name is not just “yet another log in name to remember”! Not on your own website, at least. Let other people secure their own websites (or not). We want a secure website and a secure logon name! Yes!
Note: I cover Password security Here:
How to Make Strong Passwords…That You Can Remember.
How to Block Hackers With Your Secure Website Login Form
Put yourself in the mind of a hacker – I know… but just grit your teeth and try – you enter http://domain-name.com/wp-login.php into a Google search page and you get access to that (any) website’s login form.
You cannot stop anyone getting access to see your Login Form. This is a WordPress function. But you can make choices about who can Login and get past your Login Form, if you want to. You can select ‘This website does not accept Registrations’ on your blog’s Dashboard [see The Difference Between Registrations, Subscribers & Login]…this will stop anyone logging into you website, but this will not stop a hacker getting web access to view your Login Form.
BTW People who Register on your website will be able to choose a Login username and Password, and enter your website via your WordPress Login Form. but this will only give them access to see what everyone else sees. They will never get access to the Admin areas of your blog. Normally, people will only opt to Register on your site if you offer some advantage to readers who do Register. Otherwise, the WordPress Login form username and password is only important for you as an Administrator. You don’t want anyone logging in to your Admin areas by hacking your Administrator Username and Password.
We know this already if we think about it – we all need to fill out this same Login Form to get access to our own Admin area, every time we login to our own website.
All hackers will also know that 95% of bloggers use the word ‘Admin’ as their username. Therefore, on 95% of websites, hackers only have to bother with hacking past the Password. Ha! Not so fast, Hacker! Not this bunny, thank you very much! On OUR blogs, you have to hack TWO names, not just one: they have to get passed your Password AND your Login Username (if your Username is not just ‘Admin’). So, let’s do it!
Website Security: How to Change Login Username
1. Login to your cPanel
2. Click on phpMyAdmin: which is circled above.
3. Find the relevant database from the list on the left of your phpMyAdmin screen. (if you have more than one). It was ‘_wrdp2‘ in my example case.
4. Click it.
5. In the Tables column (the first one) you now see, find wp_users, and click on it.
6. Now you will see a list of all your Registered Users. This is the same list you can see on your Dashboard>Users, but you are now viewing it in your Admin database (phpMyAdmin).
7. Locate the Registered User entry for Admin (2 in next graphic)
8. Click on Edit (1 in the next graphic) for the Admin username.
9. in the line labeled User login (No 1 below),
10. Change the word ‘Admin’ (you) (No 2 below) to your new Secure Login Username.
11. Click ‘Go’ at the bottom of the screen.
12. All done!
13. Log out of your blog, and login again using your new secure Login Username, cross fingers, hope like….whatever….and YES! ….Success! Congratulations!
14. Find someone – anyone – to tell them that you have been quite (but never, very) clever….. yet again!
Bonus Free Tip: if you find they all have their noses buried in Homeland re-runs (for example)….I say nothing…..tell the dog – dogs are always interested in your latest brilliant achievements (and are also easily impressed).
More on Website Security coming soon….keep blogging, friends! And don’t let the turkeys get you down!
Why not Subscribe to our Newsletters! It’s easy and free. Click on Subscribe to receive Newsletters into your Inbox – or Spam folder, depending on your Email account – always check if you don’t get a Confirmation email within a few minutes after Subscribing.
Nice post. I will be saving you blog to my bookmark for my clients. I agree that it is very important to change your secure password and login. We don’t take this type of steps seriously until it’s to late!
Yes, Eric, and it is so easy to do, once you realize how important it could be for Content protection.
Pingback: Web Security: How to Make, Remember & Test Secure Passwords
Pingback: How to Reset My WordPress Administrator Password
Pingback: Online Security: Security Check List For Bloggers
I just wanted to express my thanks for the work you have done here. Your site has been an outstanding resource. Tons of time and brain cells have been saved!! I cant say Thank You enough!!
Hi Matt, I have to agree about the brain cells saved – my own! One advantage of learning how to blog is that you don’t have to bother with crosswords or Luminosity to ward off Altzeimers…hopefully.
Giving your brain a work-out is a little known advantage of blogging, and is yet another reason why everyone should set up a blog – Impressing the kids and other non-believers is also a biggy.
wow, thanks for this – it’s the first tutorial I’ve found that hasn’t just said to add a new user with admin rights and delete the old one:)
off to give this a go!
Hi lisa, yes, indeed! The thing that always gets me about so called ‘How To’ articles is when they say, “It’s really easy…..” It never is.
It’s like when a doctor says, “Just relax…” or “This won’t hurt at all…” that’s exactly when you know something bad is about to happen.
Pingback: AlterEgo Free: How To Hacker-Proof Your MailChimp Account