Secure way of renaming Administrator account in Security

Secure way of renaming Administrator account in Security http://www.dslreports.com/forum/r13107414 en Mon, 30 Nov 2009 17:49:42 EDT Mon, 30 Nov 2009 17:49:42 EDT Re: proper way http://www.dslreports.com/forum/remark,13113007 mrchris :

said by dave

:

Run secpol.msc, choose Local Policies, Security Options, click on 'rename administrator account'.

secpol.msc does not exist on XP Home. :huh:]]> http://www.dslreports.com/forum/remark,13113007 Thu, 07 Apr 2005 17:10:31 EDT Re: Secure way of renaming Administrator account http://www.dslreports.com/forum/remark,13108200 PunkGod :

said by dave

:

Ah, I think it's better to choose something meaningful. Spend all your 'weird character' budget on the passphrase.

I can't see there's any theoretical gain in making the username and the password 'unguessable'.

I will agree with dave, a passphrase would be a good idea. I use them on most of my computer except something I really don't care about.

Here is a good link to check out.
»en.wikipedia.org/wiki/Passphrase]]> http://www.dslreports.com/forum/remark,13108200 Thu, 07 Apr 2005 00:33:45 EDT Re: Secure way of renaming Administrator account http://www.dslreports.com/forum/remark,13107650 gwion : Just use a nondescript name... I agree totally with Dave. Why drive yourself crazy, anyway? Call it something like "janitors", or something along those lines, if you want to throw off anybody who sees it... hell... I have bad intentions, enumerate users and see an account called !!$54^^~dre@, I'm curious as I can get, at that point, anyway... worry about password strength, not cryptic user names, would be my best sense of a secure setup.

PS- once upon a time, I used to clone admin, leave admin as a real account, make the clone the admin, then set up the old admin account as a privilege-less account with audit set on virtually everything... that might make sense in some scenarios, but I soon concluded it was a lot of work for little or no real security advantage.

--
Semper Eadem

- Alone on a midnight passage
I can count the falling stars
While the Southern Cross and the satellites
They remind me of where we are...

-"Tewdor Thunder"-]]> http://www.dslreports.com/forum/remark,13107650 Wed, 06 Apr 2005 23:17:44 EDT Re: Secure way of renaming Administrator account http://www.dslreports.com/forum/remark,13107591 dave : Ah, I think it's better to choose something meaningful. Spend all your 'weird character' budget on the passphrase.

I can't see there's any theoretical gain in making the username and the password 'unguessable'.]]> http://www.dslreports.com/forum/remark,13107591 Wed, 06 Apr 2005 23:11:29 EDT Re: Secure way of renaming Administrator account http://www.dslreports.com/forum/remark,13107567 mapics : Should I include numbers, and or mixed numbers/letters? ]]> http://www.dslreports.com/forum/remark,13107567 Wed, 06 Apr 2005 23:09:06 EDT proper way http://www.dslreports.com/forum/remark,13107566 dave : Run secpol.msc, choose Local Policies, Security Options, click on 'rename administrator account'.]]> http://www.dslreports.com/forum/remark,13107566 Wed, 06 Apr 2005 23:08:53 EDT Re: Secure way of renaming Administrator account http://www.dslreports.com/forum/remark,13107545 herr_cain : Well,

To say there's a proper way: I'm not sure.

However, I do think that renaming it can secure up it from probers on the internet/LAN networks who just try to connect or force the account name Administrator's password remotely.

If the attacker has physical access, and is very savvy at all, then renaming the administrator account will make little difference.

I don't think you need to get super complex with your name, just make it something that isn't super generic: i.e. admin, superuser, etc.
--
WinXP/SuSE network | http://www.dutchelitedivision.nl]]> http://www.dslreports.com/forum/remark,13107545 Wed, 06 Apr 2005 23:07:10 EDT Secure way of renaming Administrator account http://www.dslreports.com/forum/remark,13107414 mapics : Is there a way to rename the built-in Administraotr account? In other words, should it be necessary to include numbers, should there be at least 8-characters? Stuff like that?

Im not talking about passwords, I am speaking in terms of the proper or secure way of naming a Admin account.]]> http://www.dslreports.com/forum/remark,13107414 Wed, 06 Apr 2005 22:52:58 EDT