Admin user ID 1

  • Resolved Fanaticweb

    (@fanaticweb)


    4 years, 8 months ago

    Hello WordFence staff,

    I read recently in one of your Critical Vulnerability notices the following statement:

    “Since many sites have a single administrator with a user ID of 1, this meant that an attacker could lock an administrator out of their own site”

    I realize this is an easy target, is it safe to create a new Admin midway of the site deployment (2-3 months down the line) while inheriting a new ID (ex: ID: 36) and then delete the initial Admin that was assigned to ID 1? Or will this strip the new Admin from their native Admin privileges or capabilities or cause issues down the line?

Viewing 2 replies - 1 through 2 (of 2 total)

  • Hey @fanaticweb,

    Yes, creating a new admin will be just fine, and is suggested so the ID isn’t 1. As long as you create a new admin, all other admins including the new one will be able to administrate whatever they might need to. Just in case something does go wrong, I’d suggest creating a backup to recover from, though there really shouldn’t be any issues.

    Please let us know if you have any other questions.

    Thanks,

    Gerroald

    Thread Starter Fanaticweb

    (@fanaticweb)

    Thank you for your feedback Gerroald, a backup is definitely my first step prior to making core changes, I’ll test it out on my end, thank you again.

Viewing 2 replies - 1 through 2 (of 2 total)
  • The topic ‘Admin user ID 1’ is closed to new replies.

Tags