Remove login username from author slug, replace with author name

change author slug on WordPress

Age of Article Warning:
This article was originally published 52 months ago. The information, tips and techniques explained may outdated. Examples shown on this page may no longer work. Please consider this when viewing the below content.

If you have ever viewed the author URL on a WordPress website, you may have noticed that it might be any of the following:

  • ▪www.domain-name.com/author/admin
  • ▪www.domain-name.com/author/(author’s actual name or nickname)
  • ▪www.domain-name.com/author/(combination of characters)

By default this is the username that is used to login to the WordPress backend. So ideally you would want to be displaying your name or nickname. If you see the last option, then it is highly probable that this is the user’s actual login username. As you can imagine that causes a security issue.

When setting up usernames for WordPress it’s recommended that you make the username something less obvious than “admin”, The reason for this is that if someone is trying to hack into your website then they need to find out your username and password – a 2 part combination. If you use an easy to guess username like “admin” or “your-name” then you are effectively giving hackers half the combination to your WordPress backend.

Ok so what to do if your WordPress author slug is revealing your login username to the world?

There is a really easy fix for this if you are willing to take a quick 5 minutes, and are not scared to enter the realm of phpMyAdmin. First things first however, before we start. BEFORE you ever start entering your mySql database, save yourself any future headaches by ensuring you have a current database backup.

Now that you have backed up your database, here’s how to fix that author slug:

  1. login to phpMyAdmin – this is usually via your hosting console > cPanel > Databases > myPhpAdmin
  2. Now go to your WordPress database and then edit the “wp_users” table. Note if you have named your WordPress tables as not wp_ then it will be your table-prefix then “_users”
  3. You will see either 1 row or multiple rows, depending on how many users you have for your WordPress website
  4. Each row has several columns, including user_login (this is login username), user_password (encrypted), user_nicename, and more. Note the last column is display_name, this is how the author name appears on the posts and can be set from within the User edit options inside the WordPress dashboard.
  5. The field that controls the author slug is the “user_nicename” field and so modify this field to something relevant, but other than your login username.
  6. Save
  7. Go back to your website, find a link to your author page and view the changed URL.
Filed under: WordPressTagged with: ,

5 Comments

    • thanks Muhammad

  1. I have tried every fix that I have found and none have worked. I just went into my users table and changed the user_nicename to another relevant name as you suggested. Still able to visualized my admin username using domainname.com/?author=1. Then I changed display_name and still no luck.

  2. Amazing post! Great! It Worked!

    I was always worried about this. I had a plugin but I am starting a new site and want to limit the plugins. thank you!

    • Hi Barb,
      thanks for the feedback, glad to hear you found the security tip useful.


Comments are closed for this article!