An easy way to make your Pi a little more secure is to remove the default user, pi. It is very simple, so it is one of the first things I do when setting up a new Pi installation.
SSH into your Pi as usual:
Switch to the root user:
Create a new user:
This results in the output below; enter a strong password when asked, then repeat it:
Adding user `puk' ...
Adding new group `puk' (1001) ...
Adding new user `puk' (1001) with group `puk' ...
Creating home directory `/home/puk' ...
Copying files from `/etc/skel' ...
Enter new UNIX password: <REDACTED>
Retype new UNIX password: <REDACTED>
passwd: password updated successfully
Changing the user information for puk
Enter the new value, or press ENTER for the default
Full Name : Puk
Room Number :
Work Phone :
Home Phone :
Other :
Is the information correct? [Y/n] Y
Add the new user to the sudo group:
adduser puk sudo
Adding user `puk' to group `sudo' ...
Adding user puk to group sudo
Done.
Quit the Pi by typing exit a couple of times: first to log out as root, then to leave SSH. Log back into the Pi with SSH using your new username/password:
Now delete the old pi user:
sudo deluser pi
This gives the output below; enter the password at the [sudo] prompt when asked:
We trust you have received the usual lecture from the local System Administrator. It usually boils down to these three things:
#1) Respect the privacy of others.
#2) Think before you type.
#3) With great power comes great responsibility.
[sudo] password for puk:
Removing user `pi' ...
Warning: group `pi' has no more members.
Done.
Finally, change the default password of the root account; enter a new password when asked:
sudo passwd root
Enter new UNIX password:
Retype new UNIX password:
passwd: password updated successfully
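A check to run before and after the deluser step above, so that removing pi cannot leave the machine without a sudo-capable account. This is an added example, not part of the original post; the function names and the PASSWD_FILE/GROUP_FILE overrides are this example's own assumptions.

```shell
#!/bin/sh
# Added example: audit account state around the default-user removal.
# PASSWD_FILE / GROUP_FILE default to the system files; point them at
# copies to test safely. All function names here are hypothetical.
PASSWD_FILE="${PASSWD_FILE:-/etc/passwd}"
GROUP_FILE="${GROUP_FILE:-/etc/group}"

# user_exists NAME: succeeds if NAME has an entry in the passwd file.
user_exists() {
    awk -F: -v u="$1" '$1 == u { found = 1 } END { exit !found }' "$PASSWD_FILE"
}

# in_group USER GROUP: succeeds if USER is a listed member of GROUP.
in_group() {
    awk -F: -v u="$1" -v g="$2" '
        $1 == g { n = split($4, m, ","); for (i = 1; i <= n; i++) if (m[i] == u) ok = 1 }
        END { exit !ok }' "$GROUP_FILE"
}

# listed_in_any_group USER: succeeds if USER is still a member of any group.
listed_in_any_group() {
    awk -F: -v u="$1" '
        { n = split($4, m, ","); for (i = 1; i <= n; i++) if (m[i] == u) hit = 1 }
        END { exit !hit }' "$GROUP_FILE"
}

# check_before_delete NEW_ADMIN [DEFAULT_USER]
# Succeeds only when NEW_ADMIN exists and is in sudo, i.e. deleting the
# default user will not lock you out of administrative access.
check_before_delete() {
    new="$1"; old="${2:-pi}"
    if ! user_exists "$new"; then echo "FAIL: $new does not exist"; return 1; fi
    if ! in_group "$new" sudo; then echo "FAIL: $new is not in sudo"; return 1; fi
    if ! user_exists "$old"; then echo "OK: $old is already removed"; return 0; fi
    echo "OK: $new can sudo; $old can be deleted"
}

# check_after_delete [DEFAULT_USER]
# Succeeds when the account is gone and no group still lists it as a member.
check_after_delete() {
    old="${1:-pi}"
    if user_exists "$old"; then echo "FAIL: $old still in passwd"; return 1; fi
    if listed_in_any_group "$old"; then echo "FAIL: $old still listed in a group"; return 1; fi
    echo "OK: $old removed"
}
```

Source the file, run `check_before_delete puk` while logged in as the new user, and run `check_after_delete` once deluser has finished.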