The options to have new users sign up with Administrator as the default role should not be an option

[dwainm]

Allowing the option for new users to register with the administrator role by default should not be allowed. Maybe we could add a filter that allows for it to be added again if there is a use case for it.

[helen]

It certainly isn't a particularly safe setting, but any other reason to specifically disallow that role?

[jenmylo]

I have to agree with Helen. While for many people it would be an extremely poor decision to make everyone who registers an admin, that doesn't mean there aren't use cases for it. As long as the true default --- the role we have set in core as the default for new members, vs. the role a site admin chooses to make the new default later --- is still Subscriber, I don't think we should be locking down the software to prevent people from making bad decisions.

[dwainm]

Hi Helen, The main point would simply be that it allows for people to make stupid decisions. If I think about the use cases for the option , its definitely in the 0.1 percent.

I can think of people using it on an intranet and that is where it stops for me. I'm not sure if there are any other use cases where any one that registers needs full control of WordPress.

If we can help newbies steer safe I think its a good decision. Decision over Options.

[helen]

If you're turning on user registration, I should hope you are being thoughtful and not just rampantly changing things. And as jenmylo said, so long as the role WP defaults to is subscriber, we shouldn't arbitrarily limit the choices. After all, there are also custom roles that could be just as dangerous.

[SergeyBiryukov]

Related: #14578, #15636.