Security Recommendations for the WordPress Admin User

When you’re setting up a new WordPress site, you’re given the choice to select your username. The username may be pre-populated with “admin”, but you should select another username, as the admin username is the most easily hacked.

Don’t Use Admin for a Username

Don’t Blog Under the Admin Account

So you’ve selected a different username for the admin account, but if you blog under that username, chances are that your theme will display your username with your posts. One solution for this is to make sure that your posts only show your display name. However, your admin username may be visible in URLs that display author pages or in the body class generated by your theme’s CSS. To make your site is even more secure you can create a new username for blogging under and reserve your admin account for working on the site.