Smart User Slug Hider


The Smart User Slug Hider Plugin hides usernames in Author Pages URLs to enhance Security


The plugin automatically replaces user names with 16 digits coded strings. There are no settings. Just install and forget. Deactivating the Plugin restores the default WordPress behavior.

Version 4.0.0 Update Notice

Previous versions of this plugin used a function that was removed in PHP 7.2. Version 2 of this plugin introduced a so called Future Proof Mode, that used a different encryption method to work with PHP 7.2 and newer.

In version 4.0.0 only this new method is available. The old method was completely removed.

Unfortunately it is not possible to get the same result. This means that the coded User Slug changes if you haven’t activated Future Proof Mode yet.

Why use this plugin?

WordPress uses the pattern for author page URLs where name represents the users login name.

This means that the login names from all your users are publicly visible which is a serious security flaw.

The Smart User Slug Hider Plugin changes all author page URLs from e.g. to something like

The codes are generated automatically and its impossible to make conclusions about the user names. The WordPress default URLs will cause a 404 (not found) error.

Also works for BuddyPress member pages.

As of version 4.0.0 also the author class from body tag is removed (see this topic)


The plugin adds three shortcodes you can use in your posts:

  • [smart_user_slug] – the user slug of the post author – e.g. e9e716def73f76ac
  • [smart_user_url] – the url of the post author’s profile page – e.g.
  • [smart_user_link] – adds a link to the post author’s profile page

Theme Functions

The plugin adds two functions that can be used in theme files:

  • get_smart_user_slug( $author_id ) to get the user slug for the author – the parameter $author_id is optional, if omitted the author`s ID of the current post is used
  • the_smart_user_slug( $author_id ) to display the user slug for the author – the parameter $author_id is optional, if omitted the author`s ID of the current post is used


Support Forum.


How to easily close a HUGE WordPress Security Gap using the free Plugin Smart User Slug Hider

Do you like this plugin?

I spend a lot of my precious spare time to develop and maintain my free WordPress plugins. You don’t need to make a donation. No money, no beer, no coffee. If you like this plugin then please do me a favor and give it a good rating. Thanks.

Plugin Privacy Information

  • This plugin does not set cookies
  • This plugin does not collect or store any data
  • This plugin does not send any data to external servers

Peters’ Plugins Privacy Information Page


This plugin is compatible with ClassicPress.

More plugins from Peter

Stay up to date

Follow me on Facebook
YouTube Channel


none so far


16 Desember 2019
Das Plugin verhindert, dass der Benutzer ausgespäht und der Nutzername z.B. für den Login genutzt wird. Ein wichtiges Plugin, das ich nicht missen möchte...!
30 Agustus 2019
I used to install "Edit Author Slug" in every one of my website, but I always wished for simpler settings. I love this "smart User Slug Hider" because it needs no configuration if you have installed WordPress in PHP 7.2 or newer. It has been working perfectly so far, and seems to be lightweight. I'd highly recommend this plugin over "Edit Author Slug" if there will be only one author in a website, because it is unlikely for viewers to bookmark the author archive page, thus the page doesn't need a comprehensible URL.
20 Januari 2020
As a web developer I have many websites out there and recently a client's site was hacked into. The mess that resulted required a complete rebuild. I would not want to go through that again. I already use 'login limited reload' and 'two-factor' log in so I must be fairly safe but it was irritating me that hackers can so easily find a username. Not any longer thanks to this plug in. Just activate and you're there but don't forget to change your WordPress display name so it does not show your username in the source code. Thank you Peter. EDIT It pains me to have to reduce my five star review to one star but the fact is that this plugin no longer works but actually reveals the username. I've tried to get the author's attention with a support question but no reply within three days and I see no update to this plugin in the last six months. It's a shame because it did work very well indeed. I won't give exact details of how the name is revealed although I suspect any hacker worth his salt will soon determine the answer. I hope the author will read this and let me have an email address where I can forward full details to him. Re-Edit The author has now updated this plugin to version 4 and it's working well and so I'm happy to update my rating now to five stars again.
29 Januari 2019
I'm about to launch a BuddyPress network and want to comply with GDPR/DSGVO rules and user demands fo privacy as much as possible. This plugin is a must have! 1000 Dank.
Baca semua 29 tinjauan

Kontributor & Pengembang

“Smart User Slug Hider” adalah perangkat lunak sumber terbuka. Berikut ini mereka yang sudah berkontribusi pada plugin ini.

Para Kontributor

“Smart User Slug Hider” telah diterjemahkan kedalam 2 lokale. Terima kasih kepada para penerjemah untuk kontribusi-nya.

Terjemahkan “Smart User Slug Hider” dalam bahasa Anda.

Tertarik mengembangkan?

Lihat kode, periksa repositori SVN , atau mendaftar ke log pengembangan melalui RSS.

Log Perubahan

4.0.0 (2019-12-29)

  • remove user class from body tag (See here)
  • always use Future Proof Mode, old method removed
  • rewritten based on my Plugin Foundation PPF03

3 (2018-12-31)

  • Future Safe Mode renamed to Future Proof Mode
  • automatically activate Future Proof Mode if mcrypt is not availabe
  • code improvement
  • UI improvements
  • changed capability to manage_options to display admin page

2 (2018-03-14)

  • Future Safe Mode

1.5 (2017-11-16)

  • faulty display in WP 4.9 fixed

1.4 (2017-07-15)

  • fix for BuddyExtender plugin

1.3 (2017-07-17)

  • BuddyPress compatibility
  • redesigned admin interface
  • code improvement

1.2 (2016-10-04)

  • Shortcodes added
  • Theme Functions added

1.1 (2016-06-30)

  • Code optimization
  • Plugin info page added

1.0 (2014-10-02)

  • Initial Release