Worst WordPress User Name Ever

In the space of seven overnight hours, there were more than 60 unsuccessful attempts to hack into one of the WordPress sites I manage, all originating in either Russia or China.  They failed to gain access into the site for one very simple reason.

What You Need to Know

If you are a WordPress user, you are certainly familiar with the login screen that asks for your User Name and Password.

WordPress uses “admin” as the default user name. You might think leaving it is the simple way to go, but in the end, you may pay dearly for not taking the time to create a unique name and password.

In each of the 60+ hacking attempts I mentioned, the hacker used either “admin” or “administrator” as the username.

How to Fix it

  1. Create a new user with the “Administrator” role, but don’t call it Admin or Administrator. Call it something unique, like “web.”
  2. Next, make sure that any posts or pages assigned to the original “admin” or “Administrator” username are reassigned to the user account you just created. If you don’t do this, they will be permanently deleted when you do step 5.
  3. Log out of the “admin” account.
  4. Log back in using the new user account.
  5. Go to “Users” in the menu and delete the “admin” account.

Your site will now be protected from hackers and hacker bots using “admin” or “administrator” as the username. To protect your site even further, consider purchasing  one of the WordPress Security plugins that allow you to block specific IP addresses and countries, as well as other options.


Hack Resistant Passwords

The sad fact is, the greater our dependence on the internet grows, the stronger the likelihood that we will be hacked. This is why you are cautioned to use unique passwords for each site – if one is hacked, the rest of your internet history and important sites are not affected.

While creating nonsensical passwords for each important site may be annoying, that annoyance is nothing compared to what you will encounter and experience if your accounts  – your online bank accounts, PayPal, and the jumbo Social Media sites – are compromised.

Take a break from network TV one of these nights to cook up a list of passwords that will provide a reasonable level of safety.

The easy-as-pie, hack-resistant password recipe:

  1. Pick a song lyric, or a book title. Any song or book will do. For this example, we will use “Baby I was Born this Way” by Lady Gaga. Convert it to an acronym by taking the first letter of each word: BIWBTW.
  2. Pick two or three of your favorite punctuation symbols. You might use #^&, for example.
  3. Finish with some numbers – but not a series. Use 492, but not 456. Now rearrange the segments however you choose.

The first password, using this example, is BIWBTW#^&492. Please don’t use it, make your own. You can switch the order around, of course, so maybe you use #^&BIWBTW492, or for sites that require upper and lowercase letters, 492BiWbTw#^&.

Keep going!  If you do just five each night for an entire week, you will quickly turn every password in your list to something as close to hack-proof as you can get.