0 Flares 0 Flares ×

To secure your WordPress blog, many experts will recommend that you create a new WordPress administrator account and delete the default WordPress admin account.  The idea is that since every WordPress installation comes with an admin user, you’ve given away half of the battle for security.  Automated hacker bots can come at your WordPress blog by using the default admin username and then all they have to try and get is the password.

Deleting the admin account removes it as a target for hackers.  They can try all day long with automated or non-automated attacks to hack the admin account, but if it isn’t there, they’ll never get in that way.

There is a small glitch that most people fail to mention.

If you have already setup your WordPress blog before deciding to remove the admin account, chance are that WordPress won’t let you delete the admin account when you try and click delete.

Why won’t WordPress let you delete the admin account?

Because under Settings –> General there is a field where you enter an email address.  That email address is the administrative email address contact.  You cannot delete the account that the administrator email account is assigned to.

So, take one more step and switch the admin email address to match the one you setup with the new admin account.  Then, you can go back to the Users screen and delete the admin account without any trouble.

FYI – If you have not created another User account and assigned it administrator rights, you won’t be able to delete the default admin account either.  In WordPress, there always has to be at least one admin account, so you have to create the new admin account first, and then delete the old default administrator account.

0 Flares Twitter 0 Facebook 0 Google+ 0 Reddit 0 StumbleUpon 0 0 Flares ×

Tags: ,

7 Comments on Cannot Delete Admin Account in WordPress

  1. [...] Everyone who has ever dealt with WordPress knows that admin is usually the default account for WordPress installations, and most people never delete the account. This makes it easy to employ brute force cracking techniques since the username is already known. Instead, create a new account with administrator privleges and delete the admin account; you’ll get the opportunity to change attribution of all posts to your new administrator username. If you can’t delete the admin username make sure the email address under general settings matches your new account, not the admin account. [...]

  2. N.A. Winter says:

    Thanks for this. I had heard that this was good to do, but didn’t know how until this article!

  3. andebobandy says:

    i think, you’ll just have to log out of the admin account and re-login as the new admin user. you can’t delete an account that you are logged into.

  4. DME says:

    Nope, that didn’t work either.

  5. JMC says:

    RE: Cannot Delete Admin Account in WordPress

    I tried to change the admin email address to the same email address I used for the new administrator account and it wouldn`t let me because it said the email was already used. I need to delete the orginal admin account for security reasons.

    • WGHubris says:

      Change the email address to anything else (doesn’t have to be real). Then, set the new admin account to have the email address of the original admin account. Then, delete the original admin account and change the new admin account’s email to whatever you want it to be.

Leave a Reply

0 Flares Twitter 0 Facebook 0 Google+ 0 Reddit 0 StumbleUpon 0 0 Flares ×