When an attacker wants to gain access to a system, they don’t just want to access the computer as a common user; they want complete control of the machine. Any attacker will know that Windows creates an Administrator account during installation, and the easiest way to get that level of access is to target the Administrator account. So, get rid of it.
Some experts suggest that renaming the Administrator account won’t stop an attacker because they can still figure out which account is the Administrator. Every user account has a unique SID (security identifier) associated with it, and the Administrator account SID is well-known to seasoned hackers. Through various means, it is possible for an attacker to list the SIDs on the computer and determine which account is the Administrator account.
But many novice attackers won’t know this, or at least won’t know how to do it. Finding and enumerating the SIDs on the computer requires somewhat more advanced knowledge of hacking techniques. It may not stop an experienced and knowledgeable attacker, but renaming the Administrator account will stop most amateur hackers and send them looking for easier targets.
To rename the Administrator account, follow these steps:
- Right-click My Computer and select Manage
- Click on the + next to Local Users and Groups
- Click on the Users folder
- Right-click the Administrator account and select Rename
- Assign a new name. Use something that does not provide any clue that this account is the Administrator account.
- Double-click on the newly renamed Administrator account and delete or revise the Description of the user account
- Close the Computer Management console
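The same steps can be scripted from an elevated PowerShell prompt. The following is an added example, not part of the original article; it assumes Windows PowerShell 5.1 or later with the Microsoft.PowerShell.LocalAccounts module, and the function name, the account name `jmorris` and the description text are made up for illustration. It finds the built-in account by its well-known SID suffix (-500) instead of by name, which also shows why the rename only deters attackers who do not check SIDs.

```powershell
#Requires -RunAsAdministrator
# Added example: scripts the rename steps listed above.
# Assumes the Microsoft.PowerShell.LocalAccounts module (Windows PowerShell 5.1+).

function Rename-BuiltinAdministrator {
    [CmdletBinding(SupportsShouldProcess)]
    param(
        # Hypothetical replacement name; choose one that gives no hint of its role.
        # Local account names are limited to 20 characters.
        [Parameter(Mandatory)]
        [ValidateLength(1, 20)]
        [string]$NewName,

        # Neutral text that replaces the default account description.
        [string]$NewDescription = 'Local user'
    )

    # The built-in Administrator always has a SID ending in -500, so look it
    # up by SID; this works even if the account was renamed before.
    $admin = Get-LocalUser | Where-Object { $_.SID.Value -match '^S-1-5-21-.+-500$' }
    if (-not $admin) { throw 'Built-in Administrator account not found.' }

    # Refuse to continue if the chosen name is already taken.
    if (Get-LocalUser -Name $NewName -ErrorAction SilentlyContinue) {
        throw "An account named '$NewName' already exists."
    }

    if ($PSCmdlet.ShouldProcess($admin.Name, "Rename to '$NewName' and revise description")) {
        Rename-LocalUser -SID $admin.SID -NewName $NewName
        Set-LocalUser -SID $admin.SID -Description $NewDescription
    }

    # Show the result: name and description change, the SID stays the same.
    Get-LocalUser -SID $admin.SID | Select-Object Name, Description, Enabled, SID
}

# Constructed example call; remove -WhatIf to apply the change.
Rename-BuiltinAdministrator -NewName 'jmorris' -WhatIf
```

Update any scheduled tasks, services or scripts that log on with the old account name after the rename.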
Tony Bradley is a consultant and writer with a focus on network security, antivirus and incident response. He is the About.com Guide for Internet / Network Security (http://netsecurity.about.com), providing a broad range of information security tips, advice, reviews and information. Tony also contributes frequently to other industry publications. For a complete list of his freelance contributions you can visit Essential Computer Security (http://www.tonybradley.com).