Samvel Gevorgyan

..we had the same kind of an issue,..please check weather you are using a plugin called “LiveJournal Crossposter Remix”..if so, just deactivate it and everything will work fine.

..sure, guys, there are many many other ways to make it hard for an attacker to break into your system. and those are limitation of the login attempts or assigning minimum privileged for the default users, etc.

..you know, I like the way the login system works on www.ads-software.com. unlike other systems username and the password are important for this system at the same time. I mean, username is case sensitive and that’s great. because in the blog posts this website may show the usernames in lower case, and only the owner of that profile will know whether his username is uSeRnaMe, USERNAME, username, etc. and this will add double protection to the system. and if you also add a limitation for the login attempts, etc. it becomes almost impossible to break an account.

there is no absolute protection in this world. and the only thing we all do is adding more and more security layers for malicious users to deny access to a particular resource. in other words we have gates, dogs inside the gates, doors, windows, locker on the doors, alert systems in the house and finally the safe. so if for me it’s too hard to jump over the gate, there will be people for whom it is not so difficult to bypass all these security layers and open the safe
I mean we make it time consuming for the malicious users to hack the system.
So your username is as much important as your password. Because if I known your username I’ll try to implement an brutforce attack to find your password. Otherwise it may take more than a month to try all the cases for usernames and passwords at the same time. which time consuming and while someone tries this, you probably will change the password.
one thing I’ll tell you about the *.nix machines. the same thing on those machines, you don’t know what users are in etc/passwd file, otherwise you could take the name of the ftp user and try some of the thousand ftp bruteforcers in the web. but those usernames are in safe place and for security reasons it’s recommended to change the default usernames.

yes, in wordpress you have such an option to change the default username. but on 90% websites that are based on wordpress, you can just simply open any topic/post created by the Administrator and see something like “posted by Administrator” or whoever he is.