Remove username restrictions

Not letting us set “admin” as the default username doesn’t help with security of a local site.
For a non-local site… security by obscurity isn’t security and all that.


Hey Michael,

Thanks for the suggestion. This will be changed in a future update :slight_smile:

I second this. Any news on when this is going to be fixed?

Using admin as admin name is bad practice. Sure, it may be security by obscurity, but if it prevents useless attacks and therefore system resources, it is not a bad idea. If you are forced and thereby trained to not use admin as username on local, you will most likely not use it in production.

Not saying not to remove the restrictions, just offering my thoughts based on my years of effort trying to make WordPress more secure for our customers.

1 Like

Adding arbitrary restrictions to a development tool (especially the tool the creates the development environment) is a very bad idea.

1 Like

Hey all,

This change will be in the next release for sure.