Malicious attmepts to breach your WordPress website typically occurs by individuals or automated scripts attempting to log in using the default username "admin" and then tests common passwords like "12345" or "abcd1234."
Please change your default username "admin" immediately!
- Use strong passwords that combine acceptable characters, numbers, and both uppercase and lowercase letters.
- Make sure to change the password for your administration email account as well.
- Enable Two-Factor Authentication (2FA).
Note: You must have the latest version of WordPress to activate this feature, allowing you to receive your username and password via your cellphone and email.
Secure your login details:
- Change your username to something long and unique.
- Update your password to something more complex.
- Change your email password to prevent password retrieval.
- Enable Two-Step Authentication.
Additional security suggestions:
- Use a reputable WordPress theme.
- Remove any plugins that you no longer need.
- Keep your WordPress version up to date.
- Consider setting up a safe list, a block list, or both for your admin access.