Seriously, we are surprised that people still do not get this simple change, we’ve been saying it for 10 years, but are constantly amazed at how many sites we are asked to look at, some created by some highly respected developers, still use admin as a login to a WordPress site.

Admin is one of the most commonly used login names in most WordPress Security breaches aiming to login through the main WP-Admin page.

It’s a simple fix, don’t ignore it!

So if you’re reading this and worried about your “admin” user accounts, don’t panic, it’s simple to fix.

One strategy is to manually remove the “admin” account.

  1. Firstly, create a new user with the “Administrator” role. Give it a name unique to you.
  2. Log out of your admin account.
  3. Log in to your new account.
  4. Go to “Users,” and delete the “admin” account.
  5. IMPORTANT: WordPress will ask you what you want to do with Posts and Pages assigned to the “admin” user. Make sure to reassign these to the new account you just created or another user.