admin Is Not a Secure Drupal Username
By Michael Ross
If an attacker obtains a valid username or password utilized within your Drupal-based website, then he is that much closer to breaking in and potentially wreaking havoc. Thus, it is bad security practice to ever use an obvious username — and the most obvious one of all is "admin". Even worse, it is most commonly chosen for administrator accounts, and even for the superuser (user/1). "admin" is fine as the name of a role, but not as the name of a user.
Figure 1. Creating a user
Copyright © 2012 Michael J. Ross. All rights reserved.