how-to block ads
|
mapics
join:2005-04-04
| Secure way of renaming Administrator account Is there a way to rename the built-in Administraotr account? In other words, should it be necessary to include numbers, should there be at least 8-characters? Stuff like that?
Im not talking about passwords, I am speaking in terms of the proper or secure way of naming a Admin account. | |
|  
herr_cain
join:2003-08-29
Rolla, MO
| Re: Secure way of renaming Administrator account Well,
To say there's a proper way: I'm not sure.
However, I do think that renaming it can secure up it from probers on the internet/LAN networks who just try to connect or force the account name Administrator's password remotely.
If the attacker has physical access, and is very savvy at all, then renaming the administrator account will make little difference.
I don't think you need to get super complex with your name, just make it something that isn't super generic: i.e. admin, superuser, etc.
--
WinXP/SuSE network | http://www.dutchelitedivision.nl | |
| | mapics
join:2005-04-04 | Re: Secure way of renaming Administrator account Should I include numbers, and or mixed numbers/letters? | |
| dave
Premium,MVM
join:2000-05-04
not in ohio | proper way Run secpol.msc, choose Local Policies, Security Options, click on 'rename administrator account'. | |
| | | dave
Premium,MVM
join:2000-05-04
not in ohio | Re: Secure way of renaming Administrator account Ah, I think it's better to choose something meaningful. Spend all your 'weird character' budget on the passphrase.
I can't see there's any theoretical gain in making the username and the password 'unguessable'. | |
| | 
PunkGod
join:2003-02-02
| Re: Secure way of renaming Administrator account said by dave  :Ah, I think it's better to choose something meaningful. Spend all your 'weird character' budget on the passphrase. I can't see there's any theoretical gain in making the username and the password 'unguessable'. I will agree with dave, a passphrase would be a good idea. I use them on most of my computer except something I really don't care about.
Here is a good link to check out.
»en.wikipedia.org/wiki/Passphrase | |
| 
gwion
wild colonial boy
Premium,ExMod 2001-08
join:2000-12-28
Pittsburgh, PA
1 edit | Just use a nondescript name... I agree totally with Dave. Why drive yourself crazy, anyway? Call it something like "janitors", or something along those lines, if you want to throw off anybody who sees it... hell... I have bad intentions, enumerate users and see an account called !!$54^^~dre@, I'm curious as I can get, at that point, anyway... worry about password strength, not cryptic user names, would be my best sense of a secure setup.
PS- once upon a time, I used to clone admin, leave admin as a real account, make the clone the admin, then set up the old admin account as a privilege-less account with audit set on virtually everything... that might make sense in some scenarios, but I soon concluded it was a lot of work for little or no real security advantage.
--
Semper Eadem
- Alone on a midnight passage
I can count the falling stars
While the Southern Cross and the satellites
They remind me of where we are...
-"Tewdor Thunder"- | |
| | | |
|
·
·