WordPress Vulnerability – Admin User Name

May 19, 2011 by
Filed under: Personal Talk 

Have you been installing a lot of wordpress lately?

If you have, you’d realize that every time you start a new wordpress installation, the admin user name is somehow pre-inserted to the user name column.

OK, so what’s the big news?

To keep it simple, by using “Admin” as the user name, we can save ourselves from forgetting the user name. But then the benefit comes with a big consequence. It makes people much easier to hack into your wordpress and gain admin access. All they need to do is to guess your password and once they get it right, your blog are as good as toast.

OH-NO!! Don’t tell me that your user name is also “admin”

For those who are using “Admin” as your blog user name, you need to change it ASAP.

Here is how to change the user name.

  1. First, back up your database. This is the only guarantee you have if something messed-up during the process.
  2. Use phpadmin to access your database.
  3. Select the table labeled WP-User and click the browse icon. This will bring up all the records listed in that table.
  4. Select the record labeled Admin and click edit. The edit button looks like a little pencil.
  5. Go to the field labeled user-login and change the name there to the one you want.
  6. Save the changes.
  7. Go to your login page and verify the changes by logging in.

If you have any question at all, feel free to leave comment below.


Tell me what you're thinking...
and oh, if you want a pic to show with your comment, go get a gravatar!

  • Subscribe Mailing List Here

    * indicates required
  • SEMrush