Following on from the previous article about not making the admin account easy to spot we can apply the same train of thought to a WordPress blog. The majority of blogs on this site have a single author (this blog included). That means it’s safe to assume that the author of all the articles is the user who has admin rights to the blog.
WordPress used to force people to manually add code to the functions.php file, which is attached to every theme, however they must have noticed a lot of people doing it as they’ve now added a nifty toggle switch on the site which you can use to hide the author’s name. Heres how to find it:
Once logged in to WordPress select “My Site” then “Customize”.
2. Select “Content Options”.
3. Untick the “Display author” box.
Your posts should now have a blank space where the author used to be shown:
Little tips/tricks like these won’t stop any determined attacker, but remember. The longer someone has to spend getting access to somewhere, the more likely they are to give up before getting what they want.
Getting access to the admin account of a system would normally give a hacker total and unrestricted access to anything they wanted to view.
As well as keeping the password private its also possible in most situations to try and keep the username itself private. A lot of systems use a generic firstname.surname or firstinitial.surname naming system for their users and then make a hackers job much easier by naming the admin account “admin” or “administrator”.
If someone saw this list of accounts they now know which account name to try and break into:
By keeping the naming convention the same for all accounts an attacker needs to do more homework before they can figure out which account to try and break into. Anything that results in an attacker needing to spend more resources/time on your systems increases the chance of them giving up and leaving.
Names to avoid:
Anything that looks different compared to other usernames on the system
Can I create a non-admin account and call it admin?
Yes, you sneaky dog! Most people wouldn’t suspect an admin account of being fake and is likely to waste the time of anyone trying to break into your system.
How to change the username in Windows 7:
Each OS will have its own instructions for changing username, heres an example using Windows 7:
Log into Windows using the admin account you wish to change the name of.
Start >> Control panel >> user accounts.
Click on “change your account name”.
Choose a less obvious name for the account and press “change name”.
This blog is started to help inform people about the masses of information that is being stored online about them and their lives. There are countless stores of personal details about your Internet activities and not everyone is aware that they exist, or more importantly, how to get rid of them.
If you’ve got a job interview coming up and want to make sure potential employers don’t see anything that might harm your job prospects or are just someone who wants to keep their private life private this blog aims to build up a collections of guides for how to find out what the Internet knows about you and how to remove it.