Here’s an easy, yet vital, security step to take to protect your WordPress site from hackers.

We recently installed the Wordfence plugin on the Tech Haven site, and were surprised to discover that hackers are attempting to breach the site’s security multiple times a day. Turns out that most people with WordPress-based websites use a default admin account with the name Admin – and hackers know this.

WordPress Login

So, if hackers already know a WordPress site’s admin name, that’s half the battle of hacking into the site. For the other half of the battle, as a result of recent system breaches, hackers now have 1.2 billion recently active passwords at their disposal. Combine the two, and that’s a recipe for disaster.

Fortunately it’s an easy fix: don’t have an admin account named Admin for your WordPress site.

If you have multiple admin accounts, log in with one of the accounts that’s not named Admin and delete the one that is. Alternately you can rename it using these instructions.

If you have additional security concerns or are looking for an extra level of of protection give the Wordfence plugin a try. It has a wealth of security features both on free and paid tiers, and for me at least, it has been one of the most worthwhile plugins I’ve used in quite some time.