General discussion


Importance of Administrator ID

By jorge.shomar ·
Why is it a good tactic to deactivate the administrator ID as soon as another administrator account with full privilages has been created?

This conversation is currently closed to new comments.

Thread display: Collapse - | Expand +

All Comments

Collapse -

by Joseph Moore In reply to Importance of Administrat ...

Ok, after you make a new account that you assign full rights (add to Administrators group, verify in all of the assigned rights that your new account is set correctly), you do a few things on the Administrator account:
1) Click the Account Disabled checkbox
2) Change the logon hours so that ALL times on ALL days are locked out and disabled
3) I have not tried this on the ADmin account, but it should work (I do this for normal accounts when I disable them). Add the Domain Guests group to the groups Admin belongs to, remove all other groups, and Set the Domain Guests to be the default group.
4) Rename the Administrator account to something else

hope this helps

Collapse -

by ChrisDent In reply to Importance of Administrat ...

Its part of the whole security through obscurity approach.

With many hacking attempts the first stage is to get the password for the Administrator account. This is aways the same user name so it can be a pretty easy place to start.

Renaming / Disabling that account just makes it more difficult for someone to find an account with administrative rights since the attacker first has to find a user name.

Naturally even if you do have the Administrator account active (as many places do) the password for that account should be fairly complex (at least 10 characters including as large a character set as possible, ie something relatively random like teRhd465f&3).

Collapse -

by ChrisDent In reply to

Oh yeah... forgot to add that password length / composition was my opinion only and not an official recommendation. The longer that better

Collapse -

by w2ktechman In reply to Importance of Administrat ...

You can just rename the administrators account, and create a new account called Administrator, and disable it or assign it very low permissions.

Collapse -

by w2ktechman In reply to Importance of Administrat ...

Oh yeah, the reason to disable the administrators account is for security. If you leave it enabled anybody with access to the system can use the account to do a number of things, including steal or change data and or do harm.
This does not mean anyone who can log in, it means anyone who either walks by, or finds a remote access source. They can use the administrator login to do malicious things. Best idea is password, (and not an easy one) and renaming the account. Also, only IT should know the password for it. It should never be given out for any reason to other users.

Collapse -

by RSP In reply to Importance of Administrat ...

Although you can rename Administrator to something else, it always has the same ID on every computer, so it's a big security risk. Creating a new account with the same privileges will create a new, effectively random, ID for "NewAdministrator". Once Administrator is disabled, the hacker would have to find the ID of "NewAdministrator" before being able to launch an attack on that account.

Related Discussions

Related Forums