Using ‘admin’ as a username is not awesome

And so apparently is demo, adm, and toor

WordPress stopped auto filling in the ‘admin’ username on install a while ago in version 3.7, but that doesn’t mean someone can’t fill it in that way themselves. Here’s a screenshot that shows why this is a bad idea:

bruteforce-admin-wp

 

I get these bruteforce notifications multiple times a day. Here’s a few other usernames they like to try:

  • demo
  • adm
  • toor
  • user

toor? What the heck is that?

Leave a Reply

Your email address will not be published. Required fields are marked *

Tell us about your project.

We'd love to hear what you're working on.

Work with us

Hi. We are Spigot. Telemarketers pronounce it Spy-got.

We are a Park City, Utah based web design shop that excels at building custom websites powered by WordPress and WooCommerce. We love content - content strategy, content curation, content soup...????Have a look around the site. As you browse you'll find useful navigation links in the sidebar on the left. We hope you find them useful anyway... Please let us know what you think, shoot us a message here.