[00:10] <tomreyn> knome: about wordpress user 1 / "admin", I agree, chaging the username does notreally help, i just mentioned it as a strategy that was suggested at some point. it does seem better to delete user with id 1 and create a new one, not named "admin".
[00:11] <knome> tomreyn, indeed. though again, the user ID is what counts, because that's the one which is used when checking permissions
[00:11] <knome> (even though usernames still need to be unique and can't be changed..)
[00:13] <tomreyn> and thus could, under some circumstances (where username -> user id can be determined), enable an attacker to determine an admnistrative account (for further attacks) easily.
[00:13] <knome> of course
[00:14] <knome> but given that you can't even create an account named admin as the second account as that is already taken.. :)
[00:15] <knome> anyway, time to prepare for bed
[00:15] <tomreyn> even if it's deleted? ok, i didn't know that
[00:15] <knome> nighty everybody :)
[00:15] <knome> well
[00:15] <knome> it can't be deleted
[00:15] <knome> if you only have one user
[00:15] <knome> and are creating the other one
[00:16] <tomreyn> right, sleep well
[00:16] <knome> you'd first have to create and admin user for ID 2, then delete ID 1, *then* create *another* admin user for ID 3+, with the username admin
[00:16] <knome> so yes, that's technically possible, but i don't know why somebody would go through that struggle if they intend to use a dumb username after all :P
[00:17] <knome> but fair point, also don't use "sausage" as your password
[00:17] <knome> :D
[00:17] <knome> nighty!
[08:54] <Baytuch> hi