mapics
join:2005-04-04
| Secure way of renaming Administrator account
Is there a way to rename the built-in Administraotr account? In other words, should it be necessary to include numbers, should there be at least 8-characters? Stuff like that?
Im not talking about passwords, I am speaking in terms of the proper or secure way of naming a Admin account. |
|
herr_cain
join:2003-08-29
Rolla, MO
| Well,
To say there's a proper way: I'm not sure.
However, I do think that renaming it can secure up it from probers on the internet/LAN networks who just try to connect or force the account name Administrator's password remotely.
If the attacker has physical access, and is very savvy at all, then renaming the administrator account will make little difference.
I don't think you need to get super complex with your name, just make it something that isn't super generic: i.e. admin, superuser, etc.
--
WinXP/SuSE network | http://www.dutchelitedivision.nl |
|
dave
Premium,MVM
join:2000-05-04
not in ohio | reply to mapics
proper way
Run secpol.msc, choose Local Policies, Security Options, click on 'rename administrator account'. |
|
mapics
join:2005-04-04 | reply to herr_cain
Re: Secure way of renaming Administrator account
Should I include numbers, and or mixed numbers/letters? |
|
dave
Premium,MVM
join:2000-05-04
not in ohio | reply to mapics
Ah, I think it's better to choose something meaningful. Spend all your 'weird character' budget on the passphrase.
I can't see there's any theoretical gain in making the username and the password 'unguessable'. |
|
gwion
wild colonial boy
Premium,ExMod 2001-08
join:2000-12-28
Pittsburgh, PA
1 edit | reply to mapics
Just use a nondescript name... I agree totally with Dave. Why drive yourself crazy, anyway? Call it something like "janitors", or something along those lines, if you want to throw off anybody who sees it... hell... I have bad intentions, enumerate users and see an account called !!$54^^~dre@, I'm curious as I can get, at that point, anyway... worry about password strength, not cryptic user names, would be my best sense of a secure setup.
PS- once upon a time, I used to clone admin, leave admin as a real account, make the clone the admin, then set up the old admin account as a privilege-less account with audit set on virtually everything... that might make sense in some scenarios, but I soon concluded it was a lot of work for little or no real security advantage.
--
Semper Eadem
- Alone on a midnight passage
I can count the falling stars
While the Southern Cross and the satellites
They remind me of where we are...
-"Tewdor Thunder"- |
|
PunkGod
join:2003-02-02
| reply to dave
said by dave  :Ah, I think it's better to choose something meaningful. Spend all your 'weird character' budget on the passphrase. I can't see there's any theoretical gain in making the username and the password 'unguessable'. I will agree with dave, a passphrase would be a good idea. I use them on most of my computer except something I really don't care about.
Here is a good link to check out.
»en.wikipedia.org/wiki/Passphrase |
|
mrchris
We don't miss you Bush
Premium
join:2002-10-01
North Babylon, NY
 ·Verizon FIOS
 ·Optimum Online
| reply to dave
Re: proper way
said by dave :Run secpol.msc, choose Local Policies, Security Options, click on 'rename administrator account'. secpol.msc does not exist on XP Home.  |
|
