FAQ: Why should I change the name of the default admin user as soon as possible?

This is the archive off all FAQ related threads.
Locked
User avatar
rliskey
Joomla! Guru
Joomla! Guru
Posts: 828
Joined: Tue Jun 06, 2006 7:41 am
Location: California, Germany, Norway
Contact:

FAQ: Why should I change the name of the default admin user as soon as possible?

Post by rliskey » Wed Jan 10, 2007 6:16 am

Overview
All new Joomla installations start with a Super Administrator account called, 'admin'. During the installation process, you will be asked to give this account a password. That's great as far as it goes, but because the user name of this highly-confidential account is generally well known, 50% of the security of the username/password combination is already exposed. Now all anyone needs to do is guess the password and they're in.

By changing the user name to something more difficult to guess, you greatly increase the difficulty of accessing the account. An attacker must guess both the user name and password correctly at the same time to gain access. This is several magnitudes more difficult than simply guessing the right password.

Directions
   1. Log into the Back End
   2. Select User Manager
   3. Select the 'admin' user record
   4. Change the value in username. (Good user names contain a mix of letters and numbers.)
   5. Save
   6. Remember the new user name!

Last but not least!
If you ever forget the admin user password (or someone breaks in and changes it on you), see this FAQ for directions on how to regain access.

Back to Security FAQ Table of Contents
Keywords: reset administrator, password, admin, pw, security, help, faq
Last edited by rliskey on Thu Mar 22, 2007 1:38 am, edited 1 time in total.

Locked

Return to “FAQ Archive”