WordPress Security – Never use your administrative username on posts and/or pages.
When you are the only person who creates posts and/or pages on your site, you sometimes forget there are other roles available in your self-hosted WordPress site.
You should create another account with the role of Author for posts/pages.
Subscriber will not work, because you will not be able to assign posts/pages to a subscriber account. Since the Editor and Contributor roles have more permissions, and therefore more access to back-end options, shy away from assigning either of those roles to the account you are going to use for posts/pages.
It is totally fine to create the posts/pages while logged in as the administrator, but before the post/page goes live you should change the author of the post to the account of the role of the Author you set up.
Even if a hacker gets into the Author account, there is only so much damage the hacker can do since the Author role has limited capabilities in the back-end of your WordPress.
Please keep in mind that these are three, simple security measures you can take without plugins, but they should not be the only security measures you take to secure your WordPress site.
In a later post, we will cover some plugins you can install and activate on your WordPress site to further enhance your site security.