WordPress security: don’t use admin / password

It’s happening all the time. Automated systems are trying to get access to your website. Some exploit known vulnerabilities; others just use brute force. The latest scare is a large botnet that attempts to find your WordPress administrator’s password and therefore get control of your site. It tries to login as “admin” using a huge set of passwords. If your administrator username is “admin” then you’re pretty vulnerable.
AND if your password is one of the most common then you’re stuffed.
So change both now!

Instructions: WordPress security – user names and passwords

Further reading: Is my site vulnerable?
Matt: Passwords and brute force
Hackers Point Large Botnet At WordPress Sites To Steal Admin Passwords And Gain Server Access

Leave a Reply