Use of built-in Admin account - What's the problem ?

Discussion in 'other security issues & news' started by Defenestration, Apr 16, 2010.

Thread Status:
Not open for further replies.
  1. Defenestration

    Defenestration Registered Member

    Joined:
    Jul 17, 2004
    Posts:
    1,086
    I wanted to check if there was any good reason for not using the built in Admin account, as long as you do the following:

    1) Set password for it
    2) Rename it from "Administrator" to something else (ie. so attacker will have to guess username and password)
    3) Enable it (obviously)

    Then, just change your normal 1st user account (ie. the one created when you install Windows) from admin to to SUA (to be used for normal usage).

    Is this any different (from a security hardening perspective) to using your 1st user account as your admin account, and creating a new 2nd SUA for day-to-day usage ?
     
  2. lotuseclat79

    lotuseclat79 Registered Member

    Joined:
    Jun 16, 2005
    Posts:
    5,096
    Any account with Admin level privileges that is exposed to the Internet is vuilnerable to attack - just like any normal user account with less privileges.

    If a normal user account with less privileges is compromised - the attacker still does not have control of your computer, only your usre account and user data.

    If an account with Admin privileges is compromised - the attacker has control of your computer and it is then owned by the attacker.

    Which case would you prefer?

    The best rule of thumb for web surfing is to use a normal user account that has no way of elevating privileges to Admin status - and to use common sense on where you surf.

    -- Tom
     
  3. Defenestration

    Defenestration Registered Member

    Joined:
    Jul 17, 2004
    Posts:
    1,086
    You've mis-understood me. My question was not about why you shouldn't use an admin account for day-to-day usage. It was about using the built-in Administrator account for admin purporses, as opposed to using a non-built-in Administrator account for admin purposes.
     
  4. lotuseclat79

    lotuseclat79 Registered Member

    Joined:
    Jun 16, 2005
    Posts:
    5,096
    There is not usually a problem using a built-in Administrator account for admin purposes nor using a non-built-in Administrator account for admin purposes - as long as one does not use them for normal web surfing activites which exposes the Admin accounts to a real problem.

    -- Tom
     
  5. MrBrian

    MrBrian Registered Member

    Joined:
    Feb 24, 2008
    Posts:
    6,032
    Location:
    USA
  6. Franklin

    Franklin Registered Member

    Joined:
    May 12, 2005
    Posts:
    2,517
    Location:
    West Aussie
    Using the apps in my siggy renders a full blown admin account completely safe with several gigs of malware samples tested and any and all websites visited without a single prob.

    I'm gonna cop it now, huh. :ouch:

    :D
     
Loading...
Thread Status:
Not open for further replies.