[wp-hackers] Possible security patch

Lynne Pope lynne.pope at gmail.com
Mon Dec 7 22:39:41 UTC 2009

This is kinda like killing a mosquito with a sledgehammer.

Allow users to select admin username at install time.

On the introduction to WordPress post add a note:

"Before You Start Posting

Nothing on the web is 100% secure. The version of WordPress that you are
using is as secure as possible but you can harden security with one simple
Login to WordPress. Go to Users. Then create a new user account for
yourself, giving this account the Editor role.
Using this Editor account for posting makes your Administrator account
harder to identify. "

I don't like the idea of allowing usernames to be changed from the backend
and feel that the only changes needed are the ability to input a custom
admin name plus some education.


More information about the wp-hackers mailing list