WARNING: Please read before continuing ▼
Difficulty: Easy
Time: ~5 Minutes
Last Updated: 16th October 2009
Applies to: WordPress
By default, WordPress uses “admin” as the log in name for the first user. With this information, a prospective cracker is only a password away from your wordpress admin account. By changing the admin user name, the minimum amount of information required for any miscreant to access the account is increased.
To change the user name, you need to connect to the MySQL database directly using an SQL client such as Sequel Pro or MySQL-Front, or even the MySQL commandline tools.
Once connected to the database, you are looking for a table named “users“. It may be prefixed by something like (in my database) wp_aib87_
In this table, you are looking for the row with the username “admin“. The ID of this user will probably be 1, but this is not always the case. Change “admin” for whatever you wish your admin user to be named.
From now on, you can log into your blog with the new user name.
Optional:
While not a security risk, its never a good idea to allow commenters to sign up as a user called “admin“, as it may cause confusion. After doing this, you should resigter a new user with the name “admin“, using http://www.your-blog-domain/path/to/wp-register.php
If you are using WP-Ban, you can also ban the user to prevent it logging in.
This will ensure no one can sign up with the user name “admin“, and cause confusion.