http://uneasysilence.com/archive/2007/03/10102/ Sun, 22 Nov 2009 06:28:02 -0600 http://wordpress.org/?v=2.8.6 hourly 1 http://uneasysilence.com/archive/2007/03/10102/comment-page-1/#comment-381928 Per-Erik Broz Thu, 29 Mar 2007 05:44:24 +0000 http://uneasysilence.com/archive/2007/03/10102/#comment-381928 DRS: I always rename the administrator account and use a password-like username. That makes it a bit harder for intruders to bruteforce their way in. So Yes, I always use the admin account - but not by the default username. DRS: I always rename the administrator account and use a password-like username. That makes it a bit harder for intruders to bruteforce their way in. So Yes, I always use the admin account – but not by the default username.

]]> http://uneasysilence.com/archive/2007/03/10102/comment-page-1/#comment-381916 drs Thu, 29 Mar 2007 02:16:15 +0000 http://uneasysilence.com/archive/2007/03/10102/#comment-381916 I think it's like this, because most pc's out there are dedicated to single user, and key in your user name every time you want to log on is silly and troublesome. "Security risk" hardly happens within a protected company network, and even less so in home conditions. As for servers...how many people use other than "Administrator" account to access server anyway? Yes there are those who do, but even so they hardly will enable this "feature" which is IMHO more a nuisance than a real security improvement. I do manage couple of networks myself, and I strictly rejected such security "improvements" when demanded by parental company, as it is nothing more than waste of users time. The users who work in the same office will tell each other their passwords anyway as they need to subs. each other during leave etc. So this has the only practical use in case you really need to keep your login strictly secured, and your machine might be accessed by unauthorized person. That's why it is off by default, and you can turn it on if you really have reason to do so. I think it’s like this, because most pc’s out there are dedicated to single user, and key in your user name every time you want to log on is silly and troublesome. “Security risk” hardly happens within a protected company network, and even less so in home conditions. As for servers…how many people use other than “Administrator” account to access server anyway? Yes there are those who do, but even so they hardly will enable this “feature” which is IMHO more a nuisance than a real security improvement. I do manage couple of networks myself, and I strictly rejected such security “improvements” when demanded by parental company, as it is nothing more than waste of users time. The users who work in the same office will tell each other their passwords anyway as they need to subs. each other during leave etc. So this has the only practical use in case you really need to keep your login strictly secured, and your machine might be accessed by unauthorized person. That’s why it is off by default, and you can turn it on if you really have reason to do so.

]]>