WordPress tip: do Not use your name or admin to set up your WordPress site
When you’re creating a WordPress account (or any other type of blog or website actually), someone is in charge of handling the stuff on the back end, the stuff that lets your followers see something.
They’re two different things.
What the person reading your stuff sees is all neat and purty. Nice bullets, formatted text, organized into categories that help them find what they want.
The back end is your WordPress administration panel that gives you control over what the everyone else sees.
And to log in and take care of all those tasks, you’ll need an account called a WordPress Administrator account. (There are other types of accounts you can create and we’ll cover those another time).
Which means that person has access to EVERYTHING on the backend. Your themes…content…plugins…everything.
Geez, even writing that is scary!
So you want to be very careful WHO you’re sharing that precious “backend” with, wouldncha say?
The thing is this: what you name that account is important. You need to be able to remember it and don’t want others to be able to figure out what you might have called your account.
And there is the challenge.
A large number of folks use the default name “Admin”.
Don’t do that!
Why? Because hackers, those people who seem to have nothing to do other than go mess up stuff for others, know that it is likely you’ve used “admin” for that account. They can then use that information to get into the back end of your site, mess around, screw things up and leave you wallowing in a puddle.
Wait, you say, they don’t have your password!
Nope, and they’re good at guessing or they can click the “Lost Password” option and take a crack at finding it.
Your name and “admin” are especially dangerous since folks with nothing better to do (ok let’s call them what they are: “hackers”) assume you’ll these words.
- don’t use “admin” (THE most commonly used)
- don’t use your name or any part of it
- don’t use a name associated with their site (by picking one of the words in the domain name, or all of them, heaven forbid)
- don’t use words that are typically associated with you (your spouse, kids, dog, cat, parents)
And here are some do’s
- do use a word, preferably a made up one, that isn’t commonly associated with you
- do back up your site on a regular basis
- do come up with a name that is not easy to associate with you, your family, your pets, or your company.
Giving the keys to the burglar
Using easily recognizable words is kinda like givin’ the keys to the burglar.
Don’t do it! Promise me?
Ideally you’re using a 15 character “hodge podge” of characters for your name and a different set of 15 characters for your password. If you can’t take that one on, at least use some nonsensical word you can remember and that is NOT associated with you.
Yes, I know it is a lot to take in and since I lost 10 sites in one fell poop (or fell swoop if you prefer), I’m painfully aware of how many people are out there getting their kicks out of causing problems!
Use something else and be very careful who else has administrative rights to your site. I’m sure they wouldn’t intentionally harm anything AND…accidents do happen.
If you’ve already used the infamous “Admin” account, don’t despair. Here are the steps to changing that up right now.
(Bonus tip: before giving anyone else access to your site, make a backup copy for good measure.)