WordPress is one of the easiest to use content management systems and website builders out there… when you’re used to it. As simple and intuitive as it is, it can take a while for new users to figure out.
If you’re new to WordPress, you’ll end up asking a lot of questions for the first week or so as you get used to using it. I know I did.
Questions like, “Where is the WordPress admin panel?”
To access the WordPress admin panel, type your website’s domain name in your browser’s address bar (as you’d normally do) and add “/wp-admin” at the end.
If you’re already logged in, you’ll get sent straight to the admin panel.
If you’re not logged in to your account yet, you’ll see the WordPress login form. Enter your username or email address and password and hit the “Log In” button.
By checking the “Remember me” box, WordPress will keep you logged in for 14 days. If, during that time, you clear your browser’s cookies, you’ll need to log in again.
Here’s how this looks like:
In case you forgot your password, this is where you can reset it.
To reset the password for your WordPress account, click on the “Lost your password?” link right under the admin panel login form. You should get an email with a link to reset your password shortly.
Keep in mind that the email can take a few minutes to arrive in your inbox (especially if you’re not using a big email provider like Gmail or Hotmail). If it doesn’t, be sure to check for it in your “Spam” folder.
How to Use the WordPress Admin Bar
The WordPress toolbar is a toolbar that shows up on top of your website only when you’re logged in. It gives you quick access to a number of WordPress features, including:
- Creating new posts
- Creating new pages
- Uploading new media
- Creating new users
- Editing your profile
The WordPress admin bar also lets you access the admin panel, edit posts, as well as customizing the look and feel of your website (the customization options depend on your theme).
As long as you’re logged in, it will show up on every single page of your website. This includes pages, posts, category archives, tag archives, author archives, as well as your custom taxonomies.
Some plugins will add their own menus to the WordPress admin toolbar, letting you access their features quickly and conveniently.
You can choose to toggle the WordPress admin bar on or off from your profile. Hover over your name in the top right corner, click on “Edit Profile,” and untick “Show Toolbar when viewing site.”
How to Protect Your WordPress Admin Panel
By default, your WordPress website’s login form is visible to anyone on the Internet who knows how to look for it.
Here are a couple of security best practices for protecting your WordPress admin account (and website) from most hackers.
Use a separate email address and password.
Don’t use the same email address and password that you’re using on other websites on the Internet for your WordPress admin account. If they leak out, your account is in danger of getting hijacked before you can react.
Those of you who are using Gmail you can append their email addresses with a plus sign and any text you want (something random or hard for others to guess). For example, firstname.lastname@example.org can turn into email@example.com.
Generate a separate and secure password using one of my favorite free tools, the Strong Random Password Generator. Make sure your password has at least 20 characters and consists of letters (upper- and lower-case), numbers, and symbols.
Install and activate the Loginizer plugin for WordPress.
Loginizer is one of the simplest and most powerful plugins that you can use to secure your website in less than a few minutes.
It can protect your website from a so-called “brute force attack,” in which a hacker tries to submit as many passwords as they can in as many login attempts as the login form permits them with the hopes of eventually figuring out the right one.
Loginizer protects you from brute force attacks by limiting the number of login attempts that can come from a single IP address. If someone tries to log in from the same IP address for more than 3 tries without success, it will block them from using the login form for 15 minutes.
The paid version of the plugin also has reCAPTCHA, passwordless login, login challenge questions, and two-factor authentication. It will set you back $24/year for a single website, $40/year for two websites, and $90/year for 10 websites.
There are, of course, more advanced techniques that you can adopt to make access to your WordPress admin panel more secure. Still, the two practices above are a great starting point for new websites.
It takes a little getting used to, but, at the end of the day, WordPress is one of the easiest to use content management systems and website builders out there.