This plugin randomizes the ID for the user created in the WordPress setup. It also will allow the randomization of the ID for any created user, after an already-proposed patch to WordPress core gets merged.
You can find this plugin code at GitHub: https://github.com/davefx/dfx-random-user-id
Evil hackers are always trying to take advantage of any information they know about a site. There’s something common to all WordPress sites: they are created with an administrator user with ID=1. And new users IDs are created in order after this one: 2, 3, 4, 5…
Good WP administrators will remove this first-created admin user, creating a new one with another ID number, but the fact that new users IDs are created in a serialized way is something that can be used against us.
While attending to WordCamp Madrid 2017, I could listen to Tomás Sierra dissertation about WP sites security, noting this problem. This inspired me to build this plugin, which I started at the next day in that WordCamp’s Contributor Day.