Specify the 'Accounts: Rename Administrator Account'
|ID: oval:org.secpod.oval:def:36488||Date: (C)2016-08-05 (M)2017-10-18|
|Class: COMPLIANCE||Family: windows|
The built-in local administrator account is a well-known account name that attackers will target. Microsoft recommends to choose another name for this account, and to avoid names that denote administrative or elevated access accounts. Be sure to also change the default description for the local administrator (through the Computer Management console).
Note: This policy setting is not configured in the baseline, nor does Microsoft suggest a user name for the account. Suggested user names are omitted to ensure that organizations that implement this guidance will not use the same new user name in their environments.
Specify a new name in the Accounts: Rename administrator account setting to rename the Administrator account.
You will have to inform users who are authorized to use this account of the new account name. (The guidance for this setting assumes that the Administrator account was not disabled, which was recommended earlier in this chapter.)
(1) GPO: Computer Configuration\Windows Settings\Security Settings\Local Policies\Security Options\Accounts: Rename administrator account
(2) REG: ###
(3) WMI: ###
|Microsoft Windows 10|