An easy way of making your Pi that little bit more secure is to remove the default user, Pi. So when setting up a new Pi installation this is one of the first things I do which is very simple. SSH into your Pi as usual:
Switch to the root user:
Create a new user:
Will result in the below, add a decent password when asked and then repeat it:
Adding user `puk' ...
Adding new group `puk' (1001) ...
Adding new user `puk' (1001) with group `puk' ...
Creating home directory `/home/puk' ...
Copying files from `/etc/skel' ...
Enter new UNIX password: <REDACTED>
Retype new UNIX password: <REDACTED>
passwd: password updated successfully
Changing the user information for puk
Enter the new value, or press ENTER for the default
Full Name : Puk
Room Number :
Work Phone :
Home Phone :
Is the information correct? [Y/n] Y
Add the new user to the sudo group:
adduser puk sudo
Adding user `puk' to group `sudo' ...
Adding user puk to group sudo
Quit the Pi by typing exit a couple of times, first to log out as root then to leave SSH. Log back into the PI with SSH using your new username/password:
Now to delete the old Pi user:
sudo deluser pi
Will give you an output, add the user Pi’s password when asked:
We trust you have received the usual lecture from the local System
Administrator. It usually boils down to these three things:
#1) Respect the privacy of others.
#2) Think before you type.
#3) With great power comes great responsibility.
[sudo] password for puk:
Removing user `pi' ...
Warning: group `pi' has no more members.
Finally change the default password of the root account, use a new pass […]