• Skip to primary navigation
  • Skip to main content
  • Skip to footer
WPSecurityLock – Malware removal & WordPress security services

WPSecurityLock – Malware removal & WordPress security services

WordPress security, malware removal, repair, backups, ongoing maintenance, installation, site migration & support services – WP Security Lock.

  • Facebook
  • LinkedIn
  • Twitter
  • Home
  • About
    • About Us
    • Speaker Information
    • Contact Us by Phone, Email or Live Chat
    • Testimonials
  • Security Services
    • Malware / Virus Removal
    • WordPress Security and Installation Services
    • Monthly Security Packages
    • SSL Conversion Service (HTTP to HTTPS)
  • Blog
  • Resources
  • Contact
  • SafeWP

WordPress Security Tip: Protect Your WordPress Login Details

August 24, 2011 By Regina Smola 8 Comments

Protect Your WordPress Login DetailsDon't give away the keys to your store! Never post your WordPress log-in details!

This morning I was catching up on emails and received a very alarming notice. Now, I'm not going to call anyone out, but this email impelled me to write this blog post right away.

I'm a frequent user of the WordPress.org forums, which is an excellent resource to get help with self-hosted WordPress sites. However, posting pertinent information on the forums, just like any public site, is a no-no!

One of the users (a web designer) of the forum was seeking help for an error message on his client's website and posted the log-in details on the forums. YIKES!!

I'm not sure if the designer needed a good dose of caffeine, a brain scan, or was in such a panic that he/she felt it necessary to post the administrator username and password on the forum to get help faster.

Your username and password for your WordPress blog or ANY other place you log-in is PRIVATE!! It should never be shared with ANYONE! If you have someone work on your site, give them their own unique log-in details and when they're done, remove them.

Think before you post! If you hire someone, make them sign a non-disclosure agreement (maybe it will put a spark under their butt to remind them that your pertinent information is sacred) . And monitor your webmasters to make sure they are using common sense, protecting your data, and know what they're doing.

Leave Your Feedback

Do you have your webmaster sign a non-disclosure agreement? What would you do if your web designer posted your log-in details on the web? How do you monitor your WordPress admins? Leave your comment below.

Securely yours,


Regina Smola
WordPress Security Expert
Follow me on Twitter
Follow WPSecurityLock on Twitter
Become a Facebook Fan

Filed Under: Protecting Your Content Tagged With: protect wp login process

Reader Interactions

Comments

  1. John Hoff says

    August 25, 2011 at 10:30 am

    Yikes is right. Man what a stupid thing to do.

    Reply
  2. Josh says

    August 28, 2011 at 2:09 am

    Great article! thx!

    Got 2 great plugins i’m using totally FREE)
    1.Jumpple – If something is wrong with your website,Jumpple will notify you via Mail,SMS,Skype,Google chat and more.Does it work? it works great!
    2.SweetCaptcha – Got a CAPTCHA on your website ? you and your users hates it? sure – we hate it too…
    That is why we invented SweetCaptcha! Design it yourself or choose a ready design from the categories.
    Cheers,
    Josh.

    Reply
  3. Alex Newell says

    October 26, 2011 at 1:17 pm

    And just imagine you’d just hired this turkey to fix your blog…!

    Tx

    Al

    Reply
  4. Kim says

    October 26, 2011 at 1:11 pm

    Wow! That’s spooky stupid. I use non disclosures, but you never think that it should have to include such obvious security related things.

    Reply
  5. Angela Bowman says

    October 26, 2011 at 1:15 pm

    Wow! That’s really a brain blimp. I try to only give my clients Editor or lower privileges and restrict the number of admins. I counsel my clients on how absolutely critical it is that they keep their admin login secure and change the password periodically. I can’t imagine any of my clients posting on the forums. They usually turn to me for that kind of help. I give them the admin login info, but tell them that’s only in case I’m not available and they should login with their editor or contributor user when they are adding new posts.

    Reply
  6. David Perdew says

    October 26, 2011 at 9:24 pm

    I don’t know about people sometimes.

    I’ve done some really stupid things in my life and most of them happened because I just didn’t expect that bad things will happen. I was told long ago there was a big difference between trusting people to do the right thing and being stupid.

    I hate being completely locked down at every turn. But I also love my close friends, family and NAMSters. If someone divulged my private access content – on purpose, maliciously or not – that would be the end of that relationship. In any sense. (I really hope my wife never does that. I’d hate to see her go…)

    That’s just too dumb. Especially for a web designer!

    dp

    Reply
  7. Doug Smith says

    October 27, 2011 at 8:40 am

    The world is a better place because Regina is in it! Good catch.

    Reply
  8. Lilia Lee says

    November 2, 2011 at 11:22 am

    Holy moley, bat friends. Talk about irresponsible, nit-witted things to do!

    I hope the customer fired the developer.

    Reply

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Let’s work together:

Get in touch with us and send some basic info about your project. Don't be shy, we can help with just about anything.

Contact Us!

Footer

  • Facebook
  • LinkedIn
  • Twitter

Contact

Call 815-600-7270
Contact
Mo,Tu,We,Th,Fr 9:00 am – 5:00 pm

Get WordPress Help Now

Chat With Us!
Submit A Support Ticket

Copyright © 2025 | WP Security Lock, Inc