How to Create a New Admin User and Delete the Old One in WordPress

If your WordPress admin username is set as “admin,” you’re exposing your site to a common security risk. Hackers often target this default username in brute force attacks. Changing the username is not possible directly, but you can create a new admin user and delete the old one.

It is always recommended that you run a backup of your site before performing this kind of action.

Here’s how you can do it in a few simple steps.

Log into Your WordPress Dashboard

  1. Go to your WordPress site’s login page (usually located at yourdomain.com/wp-admin).
  2. Enter your current admin username (or email) and password, then click Log In.

Create a New Admin User

  1. Once you’re logged in, navigate to the Users menu on the left-hand sidebar and click on Add New.
  2. On the Add New User screen, fill in the following fields:
    • Username: Choose a unique username (avoid “admin” or any variation of it).
    • Email: Enter an email address that you control. But it can not be the same as your other user. (You can change it after deleting the other user)
    • First Name and Last Name: Optional, but it can be useful for identification.
    • Website: This is optional and can be left blank.
    • Password: Either create a strong password or use the one WordPress generates for you (strongly recommended).
    • Role: From the drop-down, select Administrator.
  3. Make sure to Save the password and/or add it in a password manager.
  4. Click Add New User to finalize the creation of your new admin account.

Log Out and Log In with the New User

  1. After creating the new admin account, log out of the dashboard by clicking your username in the top-right corner and selecting Log Out.
  2. Go to the login page again, and this time, log in using the new admin username and password you just created.

Delete the Old Admin Account

  1. Once logged in with the new admin user, navigate to Users from the left-hand sidebar.
  2. Locate the old user account (the one with the username “admin” or any older admin account you want to remove).
  3. Hover over the username and click Delete.
  4. You’ll be prompted to handle the content associated with the old user. You can choose:
    • Attribute all content to the new user you createdThis is the safest option and ensures no content is lost.
  5. Click Confirm Deletion to remove the old user from your WordPress site.

Check for Potential Issues

  • Check User Permissions: Ensure the new admin account has all the permissions required to manage your WordPress site.
  • Test Functionality: Test the site to make sure everything is working as expected after the user change.

Important Security Tips

  • Strong Passwords: Always use a strong password for your admin account.
  • Two-Factor Authentication (2FA): Consider enabling 2FA for added security.
  • Regular Backups: Ensure you have a backup plan in place before making major changes like this.

That’s it! You’ve successfully created a new admin user and deleted the old one, improving your site’s security.