I’ve just had a client give me their WordPress user name – and it’s “admin”.

Back in 2013 I blogged on my company’s site about how WordPress has announced people should stop using the username of “admin” – which for years was the WordPress default.

Hackers can try to log into your site – and if they can guess your username then that’s one tick in the box for them already – so to make it harder for them you shouldn’t have an obvious user name. You can’t change usernames, but there are steps you can take to solve this issue.

If your site was set up a long time ago so you’re still using “admin” as your username, you should:

  • Log into your site

  • Create a new user account (you’ll need a different email address – or if you don’t have one, change the email address on the “admin” account to something random)

  • Log out

  • Log in with your new user account

  • Delete your “admin” User. WordPress will probably then give you the option to re-assign any posts/pages written by admin to your new account


Any problems, just ask your web developer to sort it out for you.