How to Create a New Admin User and Delete the Old One in WordPress
If your WordPress admin username is set as “admin,” you’re exposing your site to a common security risk. Hackers often target this default username in brute force attacks. Changing the username is not possible directly, but you can create a new admin user and delete the old one.
It is always recommended that you run a backup of your site before performing this kind of action.
Here’s how you can do it in a few simple steps.
Log into Your WordPress Dashboard
- Go to your WordPress site’s login page (usually located at yourdomain.com/wp-admin).
- Enter your current admin username (or email) and password, then click Log In.
Create a New Admin User
- Once you’re logged in, navigate to the Users menu on the left-hand sidebar and click on Add New.
- On the Add New User screen, fill in the following fields:
- Username: Choose a unique username (avoid “admin” or any variation of it).
- Email: Enter an email address that you control. But it can not be the same as your other user. (You can change it after deleting the other user)
- First Name and Last Name: Optional, but it can be useful for identification.
- Website: This is optional and can be left blank.
- Password: Either create a strong password or use the one WordPress generates for you (strongly recommended).
- Role: From the drop-down, select Administrator.
- Make sure to Save the password and/or add it in a password manager.
- Click Add New User to finalize the creation of your new admin account.
Log Out and Log In with the New User
- After creating the new admin account, log out of the dashboard by clicking your username in the top-right corner and selecting Log Out.
- Go to the login page again, and this time, log in using the new admin username and password you just created.
Delete the Old Admin Account
- Once logged in with the new admin user, navigate to Users from the left-hand sidebar.
- Locate the old user account (the one with the username “admin” or any older admin account you want to remove).
- Hover over the username and click Delete.
- You’ll be prompted to handle the content associated with the old user. You can choose:
- Attribute all content to the new user you createdThis is the safest option and ensures no content is lost.
- Click Confirm Deletion to remove the old user from your WordPress site.
Check for Potential Issues
- Check User Permissions: Ensure the new admin account has all the permissions required to manage your WordPress site.
- Test Functionality: Test the site to make sure everything is working as expected after the user change.
Important Security Tips
- Strong Passwords: Always use a strong password for your admin account.
- Two-Factor Authentication (2FA): Consider enabling 2FA for added security.
- Regular Backups: Ensure you have a backup plan in place before making major changes like this.
That’s it! You’ve successfully created a new admin user and deleted the old one, improving your site’s security.