Deleting The Admin Account On WordPress

Alert! If you have an admin account on your wordpress site, you need to delete it NOW. Maybe you have a wordpress installation that was set up some time ago. Whether you built your site or had somebody build your website for you, it's not important. What is important is that you eliminate the vulnerability that makes it easy for hackers to hack your website. I'll go through the steps in the included video. But first you should understand why having the admin account puts your site at risk of getting hacked.

 

Hackers don't look for your website. They have bots (automated programs) that search the internet for wordpress based websites. Once they find one, they know where the login page will be and start the hack. Your website (like almost all) security relies on a two key system. The first key is your username. The second is your password. By leaving the admin (default) account intact, they have one key already and it is only a matter of time before their password cracking program gets the second key. Then they can do whatever they want with your site including locking you out and holding it for ransom.

 

So now that you know why you're vulnerable and what's at stake if you get hacked, here's how to fix this chink in your armor.

 

Here's the process:

  1. Create a new account with administrator privileges
  2. Create a new account with editor or author privileges
    You can choose which fits best for you. Since this is your “public face,” you'll want to complete the profile including the author bio if you have that option.
  3. Then log out and log back in as your original admin
  4. Check the privileges of the new accounts you created and reset and save them if needed
    You'll only need to do this once. And make sure the public or nickname of the administrator account is different from your editor/author account. That's important so you don't accidentally attribute the content to your new administrator. What you saw was a painless correction in the video will actually need to be done manually for each post.
  5. Log out and log in as the new administrator
  6. Delete the old admin account and attribute content to your editor or author account
  7. Check to make sure you attributed the content to the right account.

A word of warning: Don't think that if you do this one fix, you'll be totally safe from hackers. There are many ways to hack a wordpress site. This stops ONE of the easiest paths for hackers to access your site.

 

 

The following two tabs change content below.

Rob Calhoun

Backend Specialist at R. Calhoun IE
Rob Calhoun Helps small to medium businesses succeed by developing or refining their marketing strategy. He then sets up systems that get new customers, retain repeat customers, and re-energize past customers to buy again. Rob also helps marketers do the same for their clients.

Latest posts by Rob Calhoun (see all)

Leave a Comment: