Renaming well-known accounts in Windows makes it more difficult for unauthorized access to the Computer Systems and its Resources. Although Microsoft has made strides to protect the System accounts as IT Administrator’s we can go a little Extra.
With the assistance of Group Policies, we can Rename the Administrator Account. It is also suggested to Rename the Guest account although the rights are minimal if there is an exploit we don’t want to make it easy.
Policies > Windows Settings > Security Settings > Local Policies > Security Options
On the right side, you will have a huge amount of option that can be configured. There are only four options that need to configure for the Well-know accounts.
- Accounts: Administrator account status
- Accounts: Guest Account Status
- Accounts: Rename Administrator Account
- Accounts: Rename guest Account
Policies can be set up as per your Environments requirement. The recommendation is if you enable the Administrator account. Make sure the Name is not similar to other potential admin Names. So if you decide to google other names for Administrators. Those might not be the best choice as other Administrators would potentially do the same. Regardless almost anything is better than Administrator.
With the guest account, the suggestion is always to Disable and Rename. As an additional option, you can also Enable the Setting: “Accounts: Limit Local accounts use of Plank passwords to console logon only“.
Control Panel Settings
The Second option to Rename well know accounts gives you a bit more option in terms of what can happen to the account. Although with the option to Reset the password taken away it is really just a matter of preference which way you go about to get the task done. Browse too:
Computer Configuration > Preferences > Control Panel Settings > Local Users and Groups
On the Right-hand side, right-click and choose New > Local User.
On the Action, dropdown ensure you choose Update, then choose the user that is going to be updated at the User Name Section. As you can see on the screenshot below there is no option anymore to enter the Password. This will now have to be done when setting up the Computer or by deploying a script throughout the environment. This will have to be done twice. Once for the Administrator account and Second for the Guest Account.
While you are busy with the local accounts I also suggest to Remove Local users from the Administrator Groups.