Sometimes the best piece of advice comes from the most logical thinking. WordPress is a secure web platform for your website, but with that being said — it’s not Fort Knox.
If people can hack into top government agency websites and cause lots of chaos, your site is also susceptible to attack.
There are many steps you can put in place to make your WordPress site more secure, but there is one simple thing that can help as much as any of the other security measures.
Best WordPress Security Tips
Ready for it, well.. here it comes. After your WordPress site is setup and running — Do Not Use ‘ADMIN’ as a username. Really, don’t ever use admin as a username — ever.
This sounds like a no-brainer, but it’s really not. You would be surprised how often we work with people either in a training or mentoring session and they ask us to login to their WordPress website and they give us the username ‘Admin’.
The first username anyone trying to hack your site will try will probably be ‘Admin’. Now ask yourself, why give away half of the battle and let them in partially.
I apologize if this tip seems to remedial and not what you expected when you landed here from a search engine, but telling people not to use ‘Admin’ as a username is totally worth posting. We’ll follow this post up next week with some more of our favorite WordPress Security Tips. (Here’s some other WordPress Security Tips from our friends at Securi.)