How to Change WordPress Username?
WordPress login page is your first line of defence against hacker, bots and the rest. Which is why protecting the login page is important. There are various ways of securing a WordPress login page like using HTTP authentication or two-factor authentication or implementing strong login credentials, i.e. WordPress username and password.
WordPress is not just a popular website building platform but a target of hack attempts. Over 90,000 hack attempts are made on WordPress sites in every single minute of the day. Given the current state of cybersecurity, a site owner can no longer take the issue of WordPress security lightly. While there are several ways of securing a WordPress site, implementing a strong username is an essential step towards hardening your site’s security.
What is a WordPress Username?
The WordPress login page is the entry point to your site. The login page has a two-part: username and password. Only after you insert both the username and password correctly can you access the WordPress dashboard. Before discussing what a WordPress username is, let’s try and understand the role and significance of the username.
Imagine that the WordPress website is a house and the front door is the login page. The door opens with a key. Likewise, the login page requires username and passwords. Login username and password together are called ‘login credentials.’ Log in credentials are the key to your website. If a stranger, especially the one with bad intentions gets his hand on the key, he can wreck a lot of damage on your house (i.e. website). Therefore having a unique, hard to guess username will make it almost impossible for hackers to breach your website.
Now that we know the role of usernames in keeping a WordPress site secure let’s go ahead and discuss what exactly is a WordPress username. A lot of people use the term admin or other easy to remember usernames when creating their account. They are unaware of how hackers use these easy usernames to try and get into a site. If someone was trying to guess your credentials to break into your site, the first thing they try to crack is the WordPress username. If you are using an easy to guess username like admin, the hackers just need to worry about the password.
Why Change Your Username?
Hackers usually program bots to carry out hack attempts to login pages. It’s called brute force attack. Adding numbers, symbols and creating a cocktail of characters make it hard for bots to guess the credentials. Most users think creating a strong credential is only limited to creating a strong password. But anyone trying to log in to a WordPress site needs to get both the username and password correct. By using strong username and password, you can make it harder for hackers to break into your site.
There are a few things you need to consider when choosing a username:
It goes without saying that the username should be unique. Make sure that the username is different from your author name. Suppose your name is Ruby. When you publish something on your site blog, an author page is created. Hackers who are trying to figure out the username of your site, may look at the author name and try using that as a username. If your username is Ruby, then you end up unwittingly helping the hacker. Therefore the username should be something that hackers can’t find on the website.
Another thing you should be mindful of is to never set ‘admin’ as your username. Also, ensure that you don’t lose any of the content you have written. When changing the username, you will be prompted to assign a new author for the content you have published on your blog.
How to Change WordPress Username?
There are three ways of changing the WordPress username. You can do it from within the WordPress dashboard. Or you can use phpMyAdmin from your web hosting account. Or use a plugin to change the username.
In this post, we’ll show you both the methods.
1. Change Username From WordPress Dashboard
It’s better to let the cat out of the bag in the beginning. WordPress does not allow users to change usernames.
Therefore what we are going to do is create a new user, give him the same administrative powers, and attribute the contents you’ve published to the new user. Here we go:
Step 1: On the left-hand side of the WordPress dashboard, there are many options, and User is one such option. When you hover your cursor on Users, three more option appear. Select the one that says, Add New. It’ll take you to a page where you can add a new user to the site.
Step 2: Fill out the form and make sure the username is unique, the email address and password is different to the one that you are already using. Remember to choose the Administrator Role.
Step 3: Now log out and then log in again using the new email and password. You’ll be logging into a new account.
Step 4: Go to the Users page again and delete the previous account. When you click on the Delete button, WordPress will ask you if you are sure. Choose Confirm Deletion.
Step 5: WordPress will then ask you what to do with the post that the user has published. You can attribute those content to your new user account.
Congratulations! You now have a new username.
2. Change Username Using Plugin
Things are going to be significantly easier if you use a plugin. While there are several plugins that’ll allow us to change WordPress username, the one that we’ll be using here is called Username Changer.
Step 1: Install and activate the plugin like any other plugin.
Step 2: If you hover your cursor on Users that appears on the left-hand side of the WordPress dashboard, a few more options will appear. You should be able to see Username Changer right below the Your Profile tab. Select that.
Step 3: You’ll be taken to the Username Changer page, where you can change the WordPress username. Don’t forget to hit Save Changes.
Step 4: Now log out and then log in again using the new email and password. You’ll be logging into a new account.
And that’s it. You have a new, hard to guess username.
3. Change Username From phpMyAdmin
This particular method is a bit tricky, and we’d recommend you don’t implement this unless you are familiar with the WordPress database. Whether you are an amateur or an expert, we’d recommend you back up your site so that you can easily restore it if any disaster should occur.
Step 1: Log in to your web host account and go to the cPanel. In there, select phpMyAdmin. Our site is hosted on HostGator, and we are using it for this demo. Once you select phpMyAdmin, the database would appear.
Step 2: In the phpMyAdmin, select the admin database of your WordPress site.
Step 3: Next, a number of tables would appear. In those, you have to select the ‘wp_users’ table. Information about all users on your site is stored here.
Step 4: Locate the username you want to change, and click on the option Edit.
Step 5: In the next page, type the new username as the Value for userID. Note that when you enter the username, the field will turn red. It’s just phpMyAdmin alerting you of a change so don’t get alarmed.
Step 6: Once you have changed the WordPress username, scroll to the bottom of the page and click on Go. It’ll save the change you just made.
That’s it. Now you have a new and far more secure username.
Over to You
Creating a strong username and password is the first step towards securing your WordPress site. We’d also urge you to implement HTTP authentication and two-factor authentication. For comments and questions, contact us. Thanks for reading.
Sufia is a WordPress enthusiast, and enjoys sharing their experience with fellow enthusiasts. On the MalCare blog, Sufia distils the wisdom gained from building plugins to solve security issues that admins face.