Every day your WordPress website is under constant attack from hackers who would love to get inside to either cause mischief or to use your site for their own purposes.
If you have ever had your site hacked, you will know that it can cause you to pull your hair out. You lose your search engine page position in Google (because your site is no longer trusted) and you lose traffic, which will hurt any sales efforts you may be undertaking.
There a few simple things you can do to help protect your site from hacker attacks. These can remove your site from the ‘low hanging fruit’ category and eliminate many of the attacks. One of these is your user name and login.
As you will know, you have the option in WordPress to choose your user name and password. The old default WordPress setup gave you the option for choosing the user name and password. Currently WP default on setup chooses a password for you. This is better since most people choose passwords that are too easy to hack.
Your password should be 15 characters. What…you can’t remember that? Then put it in a Word doc that you can save on your desktop for use when you need to login or get RoboForm password manager.
As far as your user name, WP install default is still ‘admin’. Don’t use this. If you are setting up a new WP site make sure that the user name is something different than ‘admin’ or your website name.
If you have a pre-existing website, changing your user name from admin is possible, but means some work in your ‘Cpanel’.
See the graphic below to see the results from WordFence, a WP security plugin. It shows how many login attacks were made to the website and what user names were used. As you will see, ‘admin’ is number one.