Mar 7

Quick Tip: Change Your Login Info on Self-Hosted WordPress

 

If you’re on self-hosted WordPress, chances are good that your username is “admin.” That’s how WordPress sets it up by default, and it’s easy to remember. In fact, I remember feeling kind of awesome the first time I set up a WP blog, like, Cool, I’m the administrator of a website!

So why am I telling you to change your login? Because if all of us know that “admin” is the default, so do hackers. No matter how small your blog is, you’d be surprised how many people get a kick out of breaking into WP and replacing the content with a big “YOU’VE BEEN HACKED!” image.

Here’s how to prevent unauthorized access to your WordPress blog:

1. Go to your Dashboard and go to Users > Add New.

2. Fill in all the fields. Make your login name something you’ll remember - not your first name, unless you don’t use your first name at all on your blog. You’ll need to use a different email address than the one for your admin login (but you can change it in a minute). MAKE SURE you set the Role as administrator and not subscriber.

3. Log out of WordPress and log in with the new credentials you set up.

4. Go to Users > All Users and delete the admin account. All your posts will be credited to the new login you just set up.

5. Go to your new user profile and change your email address to the one you originally set up for your blog.

6. Smile knowing that you’ve taken an easy step to protect your blog!

Andrea Whitmer

Andrea Whitmer is a full-time freelance web designer who works exclusively with the WordPress platform. She enjoys helping individuals and small businesses create an online presence and dedicates her time to consulting and design. Connect with Andrea on Facebook, Twitter, Google+, Pinterest, or Instagram.

  1. Shannyn 7 Mar 2024 | reply

    LOVE it..super simple- fixing one of my blogs now.  Thanks!

  2. Geoff 8 Mar 2024 | reply

    Andrea, great point…I actually just did this 2 weeks ago….can't believe I hadn't done it yet.  Related, I now changed my passwords to make them less hackable.  Apparently just text with one or two letters can be cracked pretty easily.  At Jesse's (PF Firewall's) suggestion, I now use strongpasswordgenerator.com for all my passwords.

    • Andrea Whitmer 15 Mar 2024 | reply

      I've been looking into a password management system so I can use super complicated passwords for everything. I'm bad about recycling the same 10 or so passwords on different sites.

  3. @tiffanyjorge 11 Mar 2024 | reply

    Such a simple easy fix! Thank you! Off to make my 4 blogs a little more protected. :)

    • Andrea Whitmer 15 Mar 2024 | reply

      It's definitely a good idea! I have the Limit Login Attempts plugin, which emails me when someone is trying to hack into my WP account. You would be AMAZED how often someone tries to log in, and they almost always try "admin".

  4. YPFinances 17 Mar 2024 | reply

    I've been procrastinating doing this - thanks for the easy steps that made me go and do it! I also installed Limit Login Attempts, sounds like a great idea.

    • Andrea Whitmer 18 Mar 2024 | reply

       @YPFinances I had to change my login info this morning - got a notification from Limit Login Attempts and someone managed to guess my login name. I don't think they'd ever guess the password, but I'm paranoid!

  5. anthrhousewife 23 Mar 2024 | reply

    Thanks! I'm setting up a self-hosted WordPress blog as we speak.  I am a talk to me like I am five kind of gal when it comes to technology and your directions worked on my first try!  That's what I call a successful blog post!

Leave a Comment