A quick security related post for your wordpress blogs. I’m going to tell you about the importance of having a secure password *yawn* and also the benefits of having a different username.
Always use strong passwords on your wordpress blog, this is a given, everyone tells you to have a strong password and wordrpress will check your password as you sign up to make sure it meets a minimum requirement. Using names, or numerical sequences as your password is a really bad idea. Your password should include upper & lowercase letters, some numbers and if you can the odd symbol like $%*!. The problem with strong passwords is remembering them but there are a number of solutions out there to help you remember your passwords if you ask Google.
Everyone concentrates on making sure that you have a strong password for your site, just as I have done here, but another handy defence is to have your username different to your display name. What do I mean by this? Ok first a quick question, how many of you log in to wordpress using your real name and have your name displayed next to your posts in the same format like this?
So quite a few of you then?
If you log in to your blog as BobSmith the chances are that your posts will be published as Bob Smith, this gives hackers a head start when it comes to trying to get in to your site, they already know one part of the two part security authentication, (Username & Password), it is almost like giving them the first 2 digits of your cash card PIN. Now if you were to change your login name from Bob Smith to say FluffyBunny36 any potential hacker has 2 things to guess to gain access so doubling the amount of work they need to do to get to your prized possession.
Mixing up your login name and display name isn’t as difficult as it sounds in WordPress. From the dashboard just go to Users >> My Profile as you can see in the screen grab below you can can change your either your username or your display name.
If you want to change your username use the link to the right of your username at the top of the page, if you want to change your Display name then just change it in the box next to where it says Display Name Publicly As, apply the changes and job done, you have made your wordpress blog a little bit more secure.
This was written for people using wordpress.com but it also has relevance to people on self hosted wordpress sites, although usernames can’t be changed on self hosted sites, you do have the ability to create new users, and you don’t use the main admin account as your account for posting and updating do you?…
If you do decide to change your username please make sure you read the information on the change username page as by default wordpress associates your username with some other services and changing your username will affect these.