That’s why it’s important to have a safe WordPress login and password. What can you do? Make sure your username is not the name Admin or Adminstrator, change that WordPress password regularly and use different passwords than you use for other WordPress or FTP sites.
By default, when you set up WordPress it uses it with the username Admin, which means that when you login you type in the username Admin and some password. But this is giving the hackers half of the information they already need. If they already know that you are using this Admin, all they have left to guess is the password. But if your username is something like your first name or your first name and your last name, now they don’t know where to start. Now they are guessing about two different factors.
That’s why even though WordPress, by default, sets your username as Admin, the first thing you should do is create a new user account and name it your first and last name, save it and then delete that original Admin account, that will cut down on a lot of automated attempts.
Something else that is very-very easy to do is change your WordPress password regularly. For example, once per month. This means that you are always thinking of some new thing to type, and some new password that someone might never guess, because you are changing it every month. You would be surprised at how many passwords consist of someone’s name, child’s name, or pet’s name but if you are changing a password on a regular basis, adding in letters and numbers to it, now that’s a password that no one will guess which means that no one will have access to your site other than you and the people you choose.
Finally, set different passwords than other WordPress blogs you own. Set a different password other than your email address or your FTP account. The problem with setting the same password for different accounts is if someone gets access to your WordPress site, now they have access to your website, your other WordPress sites, your email, your FTP, and so on. But if you use different passwords for WordPress, for email and for FTP that means if someone happens to gain access to your WordPress they don’t have access to your other accounts.
Setting a safe WordPress login and password is easy, don’t use Admin as your username, change that password regularly and use different passwords for multiple WordPress blogs, for your email account and for your FTP account.
Play it safe, get peace of mind.