Icon Web Designs - Omaha Small Business sites, Joomla Development, and NitroSell Templates
Friday, 23 April 2010 07:51

Create a New Admin User Account - The First Thing You Do With Your New Joomla! 1.5 Site

Problem: The default admin user account is not secure.

Why is this? First, the accounts username is always "admin" to start with. Now it is simple enough to change the username in the User Manager, but this is often left unchanged.

Second, the user id number associated with admin account is always "62". Changing this would involve a much more complicated procedure involving the database.

Hackers, armed with the above knowledge they may be able to use SQL injection and to change the password.

Solution: Create a new, more secure admin account and delete the default account.

This tutorial will take you through the essential steps for deleting the default "Admin" account and replace it with one that is more secure.

Note: This procedure in no way guarantees the security of your site. For more information regarding improving the security of your site go to the official Joomla Security Center

Step 1 - Create Your New Administrator Account

Login into the Joomla Administrator site using default Admin and Password

Login under original Admin account

Click "User Manager" on the dashboard. (You can also navigate to the User Manager via the "Site" Menu at the top.)

click on User Manager

The "User Manager" will show all the user accounts of your Joomla site.

Click "New" in the top right corner

Click 'New'

Complete User Details as Shown:

  • Name: Use your regular name if you like.
  • Username: It is best that your username not be the same as your name. Keep it simple but also difficult to guess.
  • New Password + Verify Password: Make it as long and complicated as possible. You might want to use a password generator tool. (Search for the words "Password Generator.")
  • Group: Select "Super Administrator"
  • Block User: Select "no"
  • Receive System E-mails: Select "Yes"
Create new Administrator Account

Click "Save"

Save new user account

You will see your new account in the User Manager.

New admin account will appear in the user manager

Click "Logout" in the top right corner.

Log out of the administrator site

Step 2 - Change Default Admin Account Group

Login using the new admin username and password

Login using the new Admin account credentials

Again, go to "User Manager"

Go to User Manager

Select the default account and click "Edit"

Why not just delete it? Joomla does not allow Super Administrator accounts to be deleted. It's group must first be chanded to "Administrator."

Select the original Admin account and click 'Edit'

Under 'User Details' change the group to "Administrator" and click "Save"

Select 'Administrator' under group and click 'Save'

Step 3 - Delete Default Admin Account

Once the group has been changed to "Administrator" you can now delete the account

Select the original admin account and click 'Delete'

Select original admin account and "Delete"
Published in Blog
Read more...
©2010 Icon Web Designs, All rights reserved.