When I had my first post written and was ready to go live, I decided that for security reasons I should address the user accounts first. It is dangerous to have an admin account named 'Admin'. Every hacker in the world knows that WordPress comes with this account and need only set up a dictionary attack to guess the password.

A dictionary attack is where the hacker creates a script that attempts to login as 'Admin' and the script guesses a password. Unless preventative measures are taken, the script can try tens of thousands of passwords a second. Even the best passwords can't stand up to a dedicated dictionary attack.

So I created another admin account with a name other than 'Admin'. That way the hacker's script needs to guess the user name as well as the password. It isn't foolproof but it does make the hacker's job tougher.

I also created an Author account that I will use to post from. That account doesn't have admin privileges so if someone gains access to that account, they can't do any damage.

I thought I was being pretty smart and pleased with myself for actually taking the time to take these precautions early on. There was only a fake 'Hello World' post and a couple of fake comments. There wasn't any real content posted so far.

I selected the 'Admin' account and clicked on delete. A popup warned me that this would delete all posts and comments written by this author. I didn't think twice about clicking 'continue'. Then I logged on to my author account and posted my first post. It was a good feeling to have everything done and to have my first post up and the site live.

Naturally, I wanted to go see it. I loaded the site and the post looked great. I clicked on the About tab just to double check and was surprised to see a 401-Not Found error. I clicked on the Download tab and got the same thing. All the tabs gave me the same error.

That's when it dawned on me. Static pages were considered to be authored as well. So were tags, categories, links, etc. When I deleted Admin, I deleted all these things. Since I created them all when I was logged in as Admin, they all went away when I deleted that account.

I am VERY happy to have learned this lesson now. It could have been very bad indeed a month from now.