Why should you immediately change the name of the default admin user?

From Joomla! Documentation

Revision as of 12:27, 11 October 2008 by Jabama (talk | contribs) (New page: '''Overview''' : All new Joomla installations start with a Super Administrator account called, 'admin'. During the installation process, you will be asked to give this account a password....)
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)

Overview

All new Joomla installations start with a Super Administrator account called, 'admin'. During the installation process, you will be asked to give this account a password. That's great as far as it goes, but because the user name of this highly-confidential account is generally well known, 50% of the security of the username/password combination is already exposed. Now all anyone needs to do is guess the password and they're in.
By changing the user name to something more difficult to guess, you greatly increase the difficulty of accessing the account. An attacker must correctly guess both the user name and password at the same time to gain access. This is several magnitudes more difficult than simply guessing the right password.

Directions

  1. Log into the Back End
  2. Select User Manager
  3. Select the 'admin' user record
  4. Change the value in username. (Good user names contain a mix of letters and numbers.)
  5. Save
  6. Remember the new username!

Bold text

Retrieved from "https://docs.joomla.org/index.php?title=Why_should_you_immediately_change_the_name_of_the_default_admin_user%3F&oldid=11051"