Prevent User ID enumeration in WordPress | Hide ID and Username
WordPress is a open source CMS website platform. it is easy to know real login admin username. You only need to call the script. There are several ways that you can see a real login Admin ID. One of them simple to genius, WordPress admin corresponds to ID = 1, it may be 2, 3, or higher. it is not difficult to find out the real ID number and username. so it is enough to drive the uptake of the URL address of the site. Just put this (/?author=1) end of the URL. Here’s an example http://your-site.com/?author=1 or http://your-site.com/?author=2 and up. you can get the author ID and username. Then you need password? There are many password generator software. by this software bad man can easy crack website. if you have a WordPress site cheek by this method and take a decision how to secure your site!
Experienced webmaster can easily secure username and ID number
* Create a username with higher ID, like 54321 using phpMyAdmin.
* include different user with separate role
* Discover Nickname and Public name
* Hide real user and ID from every where
* Use 2 security .htaccess file for Author Username and ID ( Code only Recommend by WP )