Category Archives: WordPress

Quick WordPress security tip

On Monday, I told you how to change your blog’s main username from “admin” to something else, to make it more difficult for a hacker to guess your username and password. (If he knows the username, half his work is done.)

So now you have changed it, and your log-in username is something else, perhaps your first name. Go to your profile page: Sign in and click on “Howdy, (your name)!” in the upper righthand corner. Look down at the section headed “Name.”

Profile page: Name Screen before

Your username is the one you set up in place of the insecure “admin.” But note the box marked “Display name publicly as.” It shows your new and more secure username to the public on every post you write… so you haven’t gained much by changing it!

The WordPress developers have thought of this. Take this next very simple step to completely hide your login username: Fill in the First Name, Last Name, and nickname fields, choosing something completely different for “nickname.”

Profile page: Name screen after

Scroll down and click “Update Profile.” Now go back up to the “Display name publicly as” section. A dropdown menu will show you several choices: FirstName, FirstName LastName, LastName FirstName, etc. Pick one, then “Update Profile” again.

Choosing a display name

Now your chosen display name — NOT the same as your login username — will show on all your posts.

PS: That “nickname” field that is required? That is useful in cases where you don’t want your name to appear as author — if you are writing incognito or using a pen name. If neither the FirstName or LastName fields is filled out, the display name will default to “nickname.” You could log in as Laura and post as Peanut. :)

How to change the “Admin” user in WordPress

Prior to version 3.0, new installations of WordPress set up the first username as “admin.” If you’ve been upgrading your blog software at regular intervals, you may have the latest version yet still be blogging as “admin.” Using the default name makes it a bit easier for hackers — instead of having to guess or crack two pieces of information, they can assume the username is admin and concentrate on the password.

Unfortunately, you can’t change your username from the WordPress dashboard. Here’s how to do it without having to edit the database or dip your toes into MySQL.

Log in as “admin.” Go to Users -> Add New. Fill out the information for yourself, choosing a different username. (Remember that usernames are case-sensitive: If you sign up as “laura,” you can’t sign in as “Laura.”) Choose “Administrator” from the dropdown menu. Click “Add New User.”

Now sign out and sign back in using your new username. In the lefthand column of the Dashboard, click on Users.

Under the Admin username, click Delete.

Now you will see a screen allowing you to move all the “admin” posts and comments to your new username. Select the correct name and click “Confirm Deletion.”

That’s all there is to it! You’re done, and your blog is one step safer.

7 Easy Steps to Maintaining your WordPress Installation

Just as your website needs to be maintained, so does your self-hosted WordPress installation. WordPress software has been updated ten times in just the past year, adding new features and closing security loopholes as they are discovered during use. In addition, plugins are constantly being updated and should be kept current as well. Here’s a checklist of what you should be looking for and when to tackle these tasks.

Continue reading