On Apr 3, 2008, at 10:33 AM, Michael Clark wrote:
At 3:49 PM +0100 4/3/08, Daniel Woolstencroft wrote:
Is there an argument for _not_ having the default username as
Admin? Maybe
as one of the install steps we ask what the default username should
be? Or
include it in wp_config...?
Yes, if the default WP super user is not the regular and expected
"admin" user login, then an attacker will have a more difficult time
hacking and cracking your WordPress. If anything, automated attacks
would be much more likely to fail. In an ideal world, you would
never post anything as the admin. Your day to day blogging and
commenting would be done as a regular author user, not as user with
admin privileges. Mike
Is there anything in WordPress that _depends_ on the existence of a
user named "admin"? How about a user with id = 1 ?
Without knowing for sure, I'm guessing deleting user #1 might do bad
things. Going directly into MySQL and renaming him though sounds
relatively safe.
Thoughts?
Stephen
--
Stephen Rider
<http://striderweb.com/>
_______________________________________________
wp-testers mailing list
[email protected]
http://lists.automattic.com/mailman/listinfo/wp-testers
