Enhance WordPress security by usage of @nicknames.
Since hashtagger Version 2.0
@username can be used to automatically link to the profile page or the homepage of the given user. In hashtagger Version 2.1 an option was added to use
@nickname instead of
It turned out that this is the better option but for compatibility with version 2.0
@username is still the default. It is highly recommended to use
@nickname to enhance WordPress security!
The username is used to log in to WordPress Backend. Publishing the username on your WordPress site is not the best idea because this tells half of the needed credentials for log in to the public! So do not give away your username, use nickname instead!
Change the Nickname!
When adding a new user the Nickname field is not showed. WordPress automatically sets the Nickname to the Username. After adding a new user you have to edit the users profile to change the Nickname. Always change the Nickname to not expose your username!
Use Nickname in hashtagger Plugin!
Activate the option to use @nicknames instead of @usernames in the hashtagger Plugin Settings.
Hide Username from Author Page URL!
By default the URL of the author archive page (user profile) on a WordPress site is
slug is a hidden field you cannot access in the user settings. When creating a new user WordPress sets the slug to a URL-friendly version (no blanks, no special characters) of the username. In other words the author archive page URL betrays half of the information you need to acces the WordPress backend. The login names from all your users are publicly visible. If you are using the hashtagger Plugin to link to user profile page the username is still visible in the URL even though you activated the option to use @nicknames! To avoid this security risk take a look at the smart User Slug Hider Plugin.