[wp-trac] [WordPress Trac] #24078: Remove 'admin' as default username in install

WordPress Trac noreply at wordpress.org
Sat Apr 13 21:21:30 UTC 2013


#24078: Remove 'admin' as default username in install
-----------------------------+------------------------------
 Reporter:  chrisrudzki      |       Owner:
     Type:  defect (bug)     |      Status:  new
 Priority:  normal           |   Milestone:  Awaiting Review
Component:  Upgrade/Install  |     Version:  trunk
 Severity:  major            |  Resolution:
 Keywords:  has-patch        |
-----------------------------+------------------------------

Comment (by mark-k):

 It is not major because it is a feature request and not a bug as you
 haven't demonstrated that there is something which doesn't work. In my
 experience users don't select admin as a user name even if there is some
 code path in which it is a default. ("admin" is natural administrator user
 name only for english speakers).

 > Regardless of whether the username is discoverable, this is a pretty
 simple step that'll either add some protection or, in the worst case given
 more sophisticated bots, no extra protection. It's also worth considering
 that many users will probably keep their usernames around for a while, so
 it's worth addressing this sooner than later.

 3.6 is in beta, so IMO later is the only option when you want to touch
 something critical like install procedure, no matter how trivial a change
 might look.

-- 
Ticket URL: <http://core.trac.wordpress.org/ticket/24078#comment:4>
WordPress Trac <http://core.trac.wordpress.org/>
WordPress blogging software


More information about the wp-trac mailing list