Login -unsafe?

  • Resolved Karo

    (@hypsnos)


    14 years, 2 months ago

    This question may be better of on the “Miscellaneous”-forum but it would be great to get some answers anyways. And if I’m right about this -maybe it should be discussed? (Altough I’m a bit suprised that it hasn’t been already!)

    When we (the useres of www.ads-software.com) register our domain and usernames we only have the option to choose “admin” and then our own personal password. Why is that?
    Isn’t a bit unsafe that we all have the same username?

    I mean, there are a whole bunch of worldclass hackers out there -how easy is it to “break” the code, find the password and hack into all the sites that uses wordpress?

    -karo-

Viewing 13 replies - 1 through 13 (of 13 total)

  • You can change the admin user name – either by editing the database directly or using a plugin.

    Or if you don’t want to use a plugin or edit the db, you can create a new user, grant it administrator role, then use it to delete the “admin” account.

    But to answer the original question, I don’t think it makes things that much more insecure – most hacks are scripts that attack vunerabilities in software, they don’t bother trying to actually log in.

    Thread Starter Karo

    (@hypsnos)

    Seriously? Ok, cool!

    I did ask the same question to my hosts support (online and he knew wordpress more than anything he said) -and was told different.

    But if it works it’s great!
    Could any of you point me in the right direction though?
    Create a new user on wordpress.com?

    Thanks for the answers! (I’m still a learning, working hard, neewbie)

    -karo-

    wordpress.com?

    Moderator Ipstenu (Mika Epstein)

    (@ipstenu)

    ?????? Advisor and Activist

    I thought 3.0 let you pick your admin name on creation?

    Thread Starter Karo

    (@hypsnos)

    Yeah, sorry -did try it on my adminpage just now, but I cannot use the same mail-adress twice. So -how do I change it within the db? Anyone who cares to give me a kind of step-by-step..? ??

    Moderator Ipstenu (Mika Epstein)

    (@ipstenu)

    ?????? Advisor and Activist

    Change your admin account to a temp email and sign up with the one you want (though I had thought you could login as admin and manually register people with the same email… maybe that was a long time ago)

    You can surely register people, ‘cos I’m fairly sure I somehow managed to register an account without an email address on my test site.

    https://www.ads-software.com/extend/plugins/search.php?q=Change+Admin+Username&sort=

    Thread Starter Karo

    (@hypsnos)

    Thanks for taking interest guys! ??

    I did what “ipstenu” said and used a temp email and created a new user. And even though that solved my original problem -I now can’t get rid of the orignial “admin” user. Both are set to be administrators -but the old one has no “delete”-option on it’s profile page.

    Sure, I can have both users there -I just don’t have a need for it.

    I will take a look at the plugin options, but if anyone knows how to change this in the core files of the database, I would be so happy to learn and listen. To many plugins and I go mad, it’s just to much “clutter” in the end to keep updating etc.

    -karo-

    Once you have created your new admin user, log in as that user. Then you should see a “Delete” option in the “Users” (quick edit) view (not on the actual user edit view)

    Thread Starter Karo

    (@hypsnos)

    Forgot to say thanks! mrmist had the final saying, and it worked! Problem solved -and no more “admin” on my account, fantastic! ??

Viewing 13 replies - 1 through 13 (of 13 total)
  • The topic ‘Login -unsafe?’ is closed to new replies.