By default, the Super-Administrator in Joomla is named Administrator, and the user record is #62. This gives any hacker an easy starting point to attack your site.
One of your first steps after installing Joomla! should be to fix this;
- Go into the Users module and create a new account called anything but Admin or Administrator (Chief, TopDog, whatever works for you.)
- Assign that user account Super-Administrator rights.
- Log in with the new Super-Administrator account. Now log out and in again with the new account to confirm that it works.
- Again in User Manager;
- Demote the original Administrator account to Public Front-end|Registered under Groups.
- Change Block User to Yes.
By changing the name and id# of your most powerful account, you've now rendered the original administrator account harmless and closed that avenue of attack for a hacker.