Thread Starter
Terry
(@tbilton)
So i did manage to set up 2FA and tested access successfully, and then deleted all admins apart from my 3 core admin users, but i see there is a user d7098f85 showing up with Admin privileges that i can not change or delete and who doesn’t show up in my USER bucket.
Is this an application admin account ?
Thanks.
Hi @tbilton,
The user is not one that we know of, and no plugins should be creating accounts to gain administrative access against your knowledge. If Wordfence hasn’t picked up an admin account created outside of WordPress during its scans, and you can’t see it in your WordPress users page, it may have already been deleted. I would double-check with your host in case they are able to shed any light on that or see logs from when it was created/deleted and how.
As a general overview, Wordfence’s Login Security features are only guaranteed to be compatible with the default WordPress and WooCommerce login/registration pages. Any issues with messaging, 2FA, or reCAPTCHA could be expected if you have a custom page, or one generated by a membership/page builder plugin as the login form elements don’t match the WordPress defaults. Although it’s good to hear you’ve potentially solved that issue.
Let us know how what you find out,
Peter.
Leave a Reply