Confused by Microsoft security recommendation
Suggestion from Microsoft:
Eliminate the dreaded "Administrator" account. These accounts, whether local or domain, allow administrators to anonymously run amok across your network. You see something suspicious in a log and you know only that "Administrator" made some change, not who actually did the work. (It also indicates an unskilled attacker, someone who forgot to eliminate evidence from the log.) Remove potential anonymous attack vectors by doing this with all your various "Administrator" accounts:
1. Line up all your administrators in front of a computer. Have a corporate auditor join the line at the end.
2. Open the account properties and start to change the password.
3. Tell each of your administrators to enter four or five characters, thus contributing a portion of the password.
4. After every administrator has entered a portion, have the auditor contribute the last set of characters and save this new password.
5. Disable the account.
With this procedure you've practically eliminated the ability for a rogue administrator to act anonymously. You don't need this account for anything, and now you've contrived a situation which requires devious administrators plus a corrupt auditor to collude in an attack. The chance of that happening is slim indeed; if it were, I'd guess that at least one of them is playing a double-agent. If you can't trust your administrators, it's certain that they themselves have little, if any, trust of each other!
/End suggestion from Microsoft
I hope someone can explain the logic of this to me. I do not see how lining up the admins and each contributing part of a password would do anything to stop a rogue admin. Anyone who is an administrator can enable the account, change the password and do their dirty deeds, cleaning up the logs after they are done. If I am missing something please educate me. Thanks!
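Re-enabling the built-in Administrator account, resetting its password and clearing the audit log each leave a Windows Security event that names the acting account, and the sketch below checks for them. It is an added example, not part of the original post or of Microsoft's text; it assumes Security events were forwarded off the host and exported as dictionaries, and the sample events, SIDs and user names are constructed.

```python
import re

# Well-known SID shape of the built-in Administrator account (RID 500).
BUILTIN_ADMIN_SID = re.compile(r"^S-1-5-21-\d+-\d+-\d+-500$")

# Windows Security event IDs relevant to the disabled-account procedure.
ACCOUNT_EVENTS = {4722: "account enabled", 4724: "password reset attempt"}
LOGON_EVENT = 4624   # successful logon
LOG_CLEARED = 1102   # audit log was cleared


def review(events):
    """Return (time, actor, finding) tuples in time order."""
    findings = []
    touched = set()  # actors who enabled or reset the RID-500 account
    for ev in sorted(events, key=lambda e: e["TimeCreated"]):
        eid, actor = ev["EventID"], ev.get("SubjectUserName", "?")
        when = ev["TimeCreated"]
        if eid in ACCOUNT_EVENTS and BUILTIN_ADMIN_SID.match(ev.get("TargetSid", "")):
            touched.add(actor)
            findings.append((when, actor, "built-in Administrator: " + ACCOUNT_EVENTS[eid]))
        elif eid == LOGON_EVENT and BUILTIN_ADMIN_SID.match(ev.get("TargetUserSid", "")):
            # The account is meant to stay disabled, so any logon is a finding.
            findings.append((when, ev["TargetUserName"], "logon by built-in Administrator"))
        elif eid == LOG_CLEARED:
            note = "audit log cleared"
            if actor in touched:
                note += " after touching built-in Administrator"
            findings.append((when, actor, note))
    return findings


# Constructed sample events (assumed export format, not real log data).
ADMIN_SID = "S-1-5-21-1111111111-2222222222-3333333333-500"
USER_SID = "S-1-5-21-1111111111-2222222222-3333333333-1104"
SAMPLE_EVENTS = [
    {"EventID": 4722, "TimeCreated": "2024-01-15T09:00:00Z", "SubjectUserName": "jsmith", "TargetSid": ADMIN_SID},
    {"EventID": 4724, "TimeCreated": "2024-01-15T09:01:00Z", "SubjectUserName": "jsmith", "TargetSid": ADMIN_SID},
    {"EventID": 4624, "TimeCreated": "2024-01-15T09:02:00Z", "SubjectUserName": "-",
     "TargetUserSid": ADMIN_SID, "TargetUserName": "Administrator"},
    {"EventID": 4724, "TimeCreated": "2024-01-15T09:03:00Z", "SubjectUserName": "helpdesk1", "TargetSid": USER_SID},
    {"EventID": 1102, "TimeCreated": "2024-01-15T09:10:00Z", "SubjectUserName": "jsmith"},
]

if __name__ == "__main__":
    for finding in review(SAMPLE_EVENTS):
        print(*finding, sep="  ")
```

The log-clear correlation only works on a copy of the events held somewhere the acting administrator cannot erase, which is why the forwarding assumption matters.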