In various blog posts, security bulletins, etc. you can read, that you need get rid of the default "admin" user with Super Administrator privileges (and with the default UserID of 62 or 42 - depending on Joomla version) to prebent hackers using the well known username and user ID to start dictionary attacks or carry out successful SQL injection attacks against your site, but how? If you go to Joomla user manager, and want to simply delete it, you can't. More, you can't even disable it! WTF...
Hey, it's not that complicated!
Let me show you how can you do it in a simple - and fool-proof way!
- Go to administrator, and log in with default Super Administrator user
- Go to User Manager
- Create another SUPER ADMINISTRATOR user with a new username and password (be stealthy and clever, use something not too easy to guess, like "mydomainadmin" and use a strong password)
- After the new SUPER ADMINISTRATOR user is created, logout from Joomla admin
- Login again with the new SUPER ADMINISTRATOR username and password
- Go to User Manager
- Downgrade the default "admin" user name to Registered level (or any other level under Super Administrator level)
- Disable the user name by clicking thick icon in the "enable" column
Now your admin user name in Joomla has been disabled and deactivated, and you also prebent others to use the "admin" as username. Be aware that doing this kind of changes in the database qualifies as a core hack - backup all your backups before to attemt this.
