The TLDR
No, it is not, for various reasons, but fundamentally it’s a security via obfuscation, a misleading/bad concept
Breaking it Down Question by Question
I have downloaded a theme from WordPress theme directory (abc) and i renamed it to (xyz).
Great, .org plugins have a review process and get taken down or adjusted if there’s something truly awful, so no hidden surprises. They aren’t necessarily 100% secure but if you’re not comfortable doing a manual code review it’s a good place to start.
Bonus tip: The themes on WordPress.com have gone through a more vigorous review process and are all available on .org or elsewhere
My question is that does (xyz) theme will get automatic update from WordPress or not?
No, and for this reason alone I would not do this, you won’t recieve security updates
Does it good to rename WordPress theme to different name?
No, security is not improved by doing this, your site is just as insecure
or is it a bad idea?
Yes, I would say it is a bad idea, for a number of reasons
Problems and Issues You May Encounter
- A false sense of security
- No more WordPress theme updates, so no more security fixes
- Broken child themes
- If the theme is poorly built it may have hardcoded the theme name giving 404s for some resources
Why It Doesn’t Improve Security
Nobody checks the name of the theme folder. They don’t even check that you’re running WordPress. Everyday your site will have exploits fired at it, for older WP versions, Drupal exploits, Joomla exploits. It’ll get exploits used on it that have nothing to do with websites too.
Attackers don’t care that you’re running WordPress, and nobody will go to the effort of hacking a site themselves. 99% of the process is automated. So why wait for a site to respond to figure out which versions of which software it’s running? Fire and forget, use all the hacks and if any of them worked then it’ll ping you back saying so.
In Conclusion
No, this will not protect you, it may even make you complacent thinking you’re more secure than you really are, and it can sabotage future security by preventing security updates from .org, and breaking poorly built themes
The same is true of plugins