No doubt one of most common ways hackers will try and access your WordPress site is via the login page. The reason for this is that the address for most WordPress login pages ends in wp-login.php.
On top of this, most WordPress usernames aren’t changed on installation and remain the default which is admin. Hackers know this and therefore focus on trying combinations of your password using software programs.
If you change your username to something other than admin, and use a combination of lower and uppercase letters and numbers which exceed 10 digits, you’ll make it very difficult for a hacker to get into your site.
Hackers use automated programs to scan the internet for WordPress sites which end in a sub directory of wp-login.php, preceded by their unique domain.
The best way to secure your WordPress site is to use a long username and password.
You can also install the Limit Login Attempts plugin which also helps protect your site from a hacker using a program to try combinations of passwords.
Changing Your WordPress Password
The easiest way to change your password is to navigate to Users > Your Profile and change your password to something longer than 10 digits combining lower & uppercase numbers, letters and symbols.
Change WordPress Login Details in PhpMyAdmin
Changing your WordPress login username can be done in phpMyAdmin
- Login to your webhosts cPanel account
- Navigate to the Databases section
- Click on PhpMyAdmin
- Locate the database for your WordPress installation in the left hand sidebar of PhpMyAdmin
- Scroll down to wp_users in the left hand sidebar and click
- Click the Edit link to access your username as shown in the image below
Once you click the edit button you’ll arrive at this screen below.
Here you can change your WordPress username and even your password as well. Click the Go button after changing any of your login details.
Using a strong username and password combined with the Limit Login Attempts plugin is a big part of securing your WordPress blog from being hacked.
Another way to protect your site from hackers is to install an all in one security plugin which also limits login attempts.