WordPress Security – Strong Usernames
[s3bubbleRtmpVideoJs bucket=”ginternetm” track=”videos/wordpress/Security/Security-Usernames.mp4″ aspect=”16:9″ autoplay=”false” cloudfront=”E29PGNOZANRYTS” fallback=”true” advert_link=”https://s3bubble.com” disable_skip=”false” /]
In this video I’m going to go through the importance of using strong usernames.
If your username is admin, you’ve just given hackers half of the combination to the lock on the front door of your site. Knowing this, never use the default “admin” or similar username. Always change it to something that is random and or is difficult to guess. One good reason is the very common brute-force type of attack, where hackers run scripts trying different password and username combinations to gain access to your site. This is significantly more time-consuming and difficult to accomplish when they have to guess the password and the username. It’s a simple, yet effective way to add another layer of security to your site. This is a good way to add more protection, especially for admin-level accounts.
It’s important to understand that WordPress may display your username on the front-end of your site. For example, depending on your theme and plugins, WordPress may do this on various types of page views or blog posts. So if possible, change the display name publicly as to prevent this. If you open up the users profile, you will see a dropdown menu next to Display name publicly as. There you can change the Display Name to something other than the actual admin username. So even if you are using the default username, “admin”, or something else that is easy to guess, you can “hide” it from evil-doers by simply setting the Display Name setting to something else. Notice my display name is currently the same as my username.
Here you can see, my only option is my username. This is because I don’t have a first and last name entered.
To change this, I’m going to add a first and last name. This will give me more options for the display name.
Now you can see I have more options to choose from, that don’t match my username. Choose something that is not similar to your username.
For some good username examples: have your username be at least eight characters and contain at least one capital letter and one number. You can have more of each, but it’s best if it contains at least one of each. WordPress is not fond of special characters in the username so I’d recommend leaving those out. Here are a couple examples. MsBlogEd2 and Gypsy3Rose. Some bad username traits will contain your name, your first initial and last name, your business or product name, or your domain name.
That’s it for this video. I’ll see you in the next one.