When WordPress is installed it defaults the username to “admin”. Everyone knows that, including the hackers who want to exploit your website. Using the default admin username makes brute force attacks easier by cutting the hacker’s challenge in half.
What are brute force attacks on WordPress?
Simply put, brute force attacks use a forceful program to guess and check every combination of username and password in order to gain access to your website. So if they already know the username, then breaking in to your website is much easier. Brute force attacks are by no means elegant, but they are effective and brute force attacks on WordPress websites are the most common type. In fact, brute force attacks are on the rise worldwide. Continue reading “WordPress Security: Don’t Use the Default Admin Username” »