Accounts: Rename administrator account The built-in local administrator account is a well-known account name that attackers will target. Microsoft recommends to choose another name for this account, and to avoid names that denote administrative or elevated access accounts. Be sure to also change the default description for the local administrator (through the Computer Management console). Note: This policy setting is not configured in the baseline, nor does Microsoft suggest a user name for the account. Suggested user names are omitted to ensure that organizations that implement this guidance will not use the same new user name in their environments. Counter Measure: Specify a new name in the Accounts: Rename administrator account setting to rename the Administrator account. Potential Impact: You will have to inform users who are authorized to use this account of the new account name. (The guidance for this setting assumes that the Administrator account was not disabled, which was recommended earlier in this chapter.)

[administrator]

(1) GPO: Computer ConfigurationWindows SettingsSecurity SettingsLocal PoliciesSecurity OptionsAccounts: Rename administrator account (2) REG: ### (3) WMI: ###