If we have been using WordPress for pretty some time we might have observed several suspicious login attempts to our site. Automated programs known as bots make this kind of login attempts. They try multiple combinations of usernames and passwords to gain access to our website. We have already discussed implementing 2-factor authentication to WordPress by using Google authenticator and Google ReCaptcha. We have also discussed adding security questions to our login screen for enhancing security. But the basic step towards securing our site does not come from these advanced methods. It begins with the simple step of creating a strong username and password.
WordPress shows ‘admin’ as the default username during the installation process. We might have also used this username for our website without knowing the underlying security risk. As bots are very familiar with such commonly used usernames we are putting our site more vulnerable to brute force attacks. The same applies to the case of passwords also. Never go for a weaker password thinking that it is easy to remember. Always use passwords that include uppercase, lowercase, special characters along with numbers. Now if we have been using the default ‘admin’ username or any such easy to guess usernames then we can change that without losing any of our content. In this blog, I will show three different methods to change the default ‘admin’ username in WordPress.
This method is not recommended for newbie users as it requires basic knowledge of WordPress database structure and tools like phpMyAdmin.Newbie users can directly go to the third option of using a plugin to change the username.
Step1: Go to phpMyAdmin and click on the database name on the left. In our case, the database name is ‘WordPress’. This will display all the tables in the database. Find the table ‘wp_users’.If any custom prefixes are used in the database then we have to identify the table accordingly. For example, if we are using a prefix like ‘wp_bt123 _’ then our wp_users table would be ‘wp_bt123 _ users’.
Step2: Click on the table name to view the table contents as shown below.
As we can see the username is now ‘admin’.Now click the Edit link on the left side of the row that we are going to change.
Step3: A page with options to edit the field values will appear.
Here change the user_login value from ‘admin’ to the new username we want to create. It is always better to avoid generic usernames like “adminuser”, “administrator”, “webmaster”, etc. We can always opt for usernames with a personal touch. This will be difficult to crack with brute force attacks. After entering the new username click the Go button at the bottom right.
Step4: This will successfully update the username changes to our database and a confirmation screen will appear as shown below.
Step5: Now we can go to our login page and login with the new user name.
Method2: Adding New User
Step1: Go to add new user section in the admin dashboard.
Step2: Enter a strong username. We also need to provide a new email address for adding a new user. Provide a stronger password and assign the role as administrator. Now click Add New User button at the bottom.
Step3: Once the user is successfully added, log out of the application and re-login using the new username and password. Now go to the users’ section in the admin dashboard and click Delete link under the old admin user.
Step4: Now a screen with options to delete the admin user will appear as shown below.
Here one important thing to be noted before confirming the delete option is to attribute all the existing content from the existing admin user to our new user. All the content by existing admin user will be lost if we are not assigning the content to our new user. After selecting the attribute option, click the Confirm Deletion button.
Now the existing admin user will be successfully deleted and all the content by admin user will be attributed to the new user that we have created.
Method3: Using Plugin
Step1: Install and activate Username Changer WordPress plugin.
Step2: Now go to Your Profile section under users.
Step3: Click on the Change Username link on the right side of username text.
Step4: Now enter the new username and click the Save Username button.
We will get a confirmation message after successfully modifying the username.
Now we can log out of our application and re-login using the new username. We can delete this plugin once we have changed the username successfully.
Thus in this blog post, we have learned about 3 simple methods to change the admin username for our WordPress website.