The admin account in WordPress is an inherent weakness because it's the first thing a hacker will go after.
There are a couple of ways to solve this, both involving replacing the 'admin' user with something not quite so obvious.
The Expert Way
If you're comfortable entering an SQL query in phpMyAdmin or another MySQL interface tool, the following query will deal with it lickety-split by renaming the account.
UPDATE tableprefix_users SET user_login='newuser' WHERE user_login='admin'; |
The Not So Expert Way
It that makes your eyes glaze over, the alternate is almost as easy.
- From the dashboard where you edit your profile or create posts, select Add New from Users menu.
- Create your replacement account. Pick a name that works for you. 'Hippo', 'Aardvark', whatever. Create the account, assigning it Administrator privileges.
- Log out and log back in with your new account.
- Go back to the Users menu, click Authors & Users, and hover the mouse over the admin account row.
- Select Delete from the menu that appears when you hover over Admin.
That's it. You've replaced your admin account with something that's not going to be so easy to guess, and closed a security weakness for your blog.