What happens if I rename admin account ?

Posted on 2006-04-04
Medium Priority
Last Modified: 2012-05-05
The server rules folks are tellng me to re-name the admin account on my server 2003.  Right now this is a web server and just running the OS.  If I change that what is the impact and then how do I make sure I can still use an admin account if something goes wrong and I need that account.  I know it's for security purposes but am not sure what the impact will be of changing it and how the OS will know what the new account it should use for all these priviledges.
Question by:a182612
LVL 143

Expert Comment

by:Guy Hengel [angelIII / a3]
ID: 16372691
no impact except that you get some hackers not be able to guess the admin username to try the logins which makes they cannot block the account by trying a wrong password too many times.
LVL 18

Expert Comment

ID: 16372778
Windows doesn't recognize an account by its name. Each account has a unique ID number called a SID...so even if you rename the account, the account still has the same SID so it is still known to the system.
LVL 33

Expert Comment

ID: 16372881
In general, renaming the administrator account is good practice.  Beware, that is your have programs or services using the administrator account, they may need to be reconfigured with the new name.

For example, say you backup jobs are using the domain\administrator ID for security.  And then you change the user name to bobby5.  You may have to reconfigure the backup job to use the bobb5 account...

Concerto's Cloud Advisory Services

Want to avoid the missteps to gaining all the benefits of the cloud? Learn more about the different assessment options from our Cloud Advisory team.

LVL 33

Accepted Solution

NJComputerNetworks earned 1000 total points
ID: 16372908

Some experts say that renaming the Administrator account is pointless. Any worthy hacker knows that the true Administrator account has a unique identifier and how to find it. But, that doesn't mean you need to make it easy for the hackers who aren't worthy.
When an attacker wants to gain access to a system, they don't just want to access the computer as a common user, they want complete control of the machine. Any attacker will know that Windows creates an Administrator account during installation. The easiest way to get that level of access is to target the Administrator account. So, get rid of it.

Some experts suggest that renaming the Administrator account won't stop an attacker because they can still figure out which account is the Administrator. Every user account has a unique SID (security identifier) associated with it. The Administrator account SID is well-known to seasoned hackers. Through various means, it is possible for an attacker to list out the SID's on the computer and determine which account is the Administrator account.

But, many novice attackers won't know this or at least won't know how to do it. Finding and enumerating the SID's on the computer requires a little more advanced knowledge of hacking techniques. It may not stop an experienced and knowledgeable attacker, but renaming the Administrator account will stop most amateur hackers and send them looking for easier targets.

To rename the Administrator account follow these steps:

Right-click My Computer and select Manage
Click on the + next to Local Users and Groups
Click on the Users folder
Right-click the Administrator account and select Rename
Assign a new name. Use something that does not provide any clue that this account is the Administrator account
Double-click on the newly renamed Administrator account and delete or revise the Description of the user account
Close the Computer Management console
Tony Bradley is a consultant and writer with a focus on network security, antivirus and incident response. He is the About.com Guide for Internet / Network Security (http://netsecurity.about.com), providing a broad range of information security tips, advice, reviews and information. Tony also contributes frequently to other industry publications. For a complete list of his freelance contributions you can visit Essential Computer Security (http://www.tonybradley.com).

Author Comment

ID: 16373909
If when I rename this account something stops working can I just rename it back to Admnistrator until I can fix whatever is not working or can you rename an account a name that has been used before?
LVL 33

Expert Comment

ID: 16374360

Featured Post

Get your Disaster Recovery as a Service basics

Disaster Recovery as a Service is one go-to solution that revolutionizes DR planning. Implementing DRaaS could be an efficient process, easily accessible to non-DR experts. Learn about monitoring, testing, executing failovers and failbacks to ensure a "healthy" DR environment.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Many of us need to configure DHCP server(s) in their environment. We can do that simply via DHCP console on server or using MMC snap-in on each computer with Administrative Tools installed in a network. But what if we have to configure many DHCP ser…
This article provides a convenient collection of links to Microsoft provided Security Patches for operating systems that have reached their End of Life support cycle. Included operating systems covered by this article are Windows XP,  Windows Server…
Exchange organizations may use the Journaling Agent of the Transport Service to archive messages going through Exchange. However, if the Transport Service is integrated with some email content management application (such as an anti-spam), the admin…
This lesson discusses how to use a Mainform + Subforms in Microsoft Access to find and enter data for payments on orders. The sample data comes from a custom shop that builds and sells movable storage structures that are delivered to your property. …

750 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question