Last Chance: Cyber Monday 40% OFF



Tackle WordPress weaknesses and fortify your website Learn more

When attacking WordPress websites, guessing usernames and passwords is still a commonly used method to gain access to a WordPress back-end. It goes without saying, that using easy to guess passwords like ‘12345’ or ‘Welcome2022’ will make it really easy for attackers to login to your administrator account.

The same goes for usernames; using easy to guess usernames like ‘Admin’ will make it too easy for attackers. This is why Really Simple SSL allows you to prevent usage of the ‘Admin’ username. If there is already a user registered with the username ‘Admin’, you can automatically change this username into a more secure username.

The rename admin username function in Really Simple SSL
The rename admin username function in Really Simple SSL

Unfortunately, we have seen Really Simple SSL users activating this functionality without knowing which email address they used to register their ‘Admin’ user to the site. As currently the new username will be randomized, this can cause you to be logged out without knowing a username or email address to login again. This is why we created the solution below.

Creating a temporary Administrator user to regain access to your backend

If we can create a new Administrator user, we will be able to look for the email address for your ‘Admin’ account. In order to do this, you will need access to your site via FTP or a File Manager tool. You should be able to find FTP credentials or a File Manager via your hosting Dashboard or cPanel/DirectAdmin environment. After you have collected these credentials, please follow the steps below.

  1. Download our users.php file via GitHub.
  2. Open the users.php file using a Texteditor or tool like PHP Stom/Atom and enter the desired username, email address and password for your new (temporary) administrator user.
  3. After saving the users.php file, login to your FTP client or File Manager tool and place the file in the root folder of your WordPress website (the folder which contains /wp-content, /wp-admin, etc.). Keep your FTP Client or file manager window open.
  4. User your Browser, visit your website /users.php (eg. This will run the script and create the user with the provided credentials.
  5. Important: After using the users.php solution, immediately delete this file from the root folder, to prevent anyone else from creating an Administrator user for your site :-).
  6. You can now login with your new Administrator user to search for the username or email address used for your renamed ‘Admin’ user.

We will be updating the rename Admin user functionality with more failsafes to prevent our users from locking themselves out. If you need any assistance in regaining access to your WordPress website, please feel free to open a support ticket.

Advanced Security

Tackle WordPress weaknesses and fortify your website. New hardening features!


Want to know the in and outs of security jargon? Get to know our features.

Premium support will offer assistance in 24 hours. If you need help, or have any questions just contact our awesome support team/

Related articles

Beta feedback

New: WordCamp Presentation Get PRO Beta program feedback You can leave your feedback below. Please let us know your PHP version and server type (e.g.

Read More

Meet Really Simple SSL 6

Meet Really Simple SSL Our major release Really Simple SSL 6 is coming soon. Read about our update below and joining our beta release program!

Read More