Data Breach

Disabling Local Administrator Accounts – Information Security Essentials

Disabling Local Administrator Accounts

The Administrator account (NT AUTHORITY\Administrator) exists by default on all Microsoft Windows (Windows NT-based) systems and Active Directory domains. It is typically used as a setup and disaster recovery account.

If you must use the local administrator account, only use it during setup and to join the machine to the domain. After this, it should no longer be needed.  If the account is needed for recovery or to boot into safe mode, the account will be automatically re-enabled for use only in troubleshooting. Once the system is booted again normally, it is disabled.

Conversely, you could assign passphrases that are random and unique for each computer’s local administrator account. This would prevent propagation using shared local administrator credentials. However, ideally this account should just be disabled.

In the SECMON1 blog post ‘Security Overview – Information Security Essentials’ , we spoke about what the Local Administrator account is for and why it is an essential security measure to disable it. 

In this document, we are going to provide some basic steps to assist in disabling this account, as well as providing you with some interesting and important links where you can educate yourself further on this topic and identify other options available to you.

CLICK HERE TO DOWNLOAD THIS SECMON1 INFORMATION SECURITY ESSENTIALS GUIDE

Christopher McNaughton

Recent Posts

Understanding the Australian economy through the lens of underwear and lipstick sales

In an intriguing development, recent trends in Australia's retail sector—namely, a decline in men's underwear…

1 year ago

New fraud costing Australian business millions annually

  If you work in the Finance Department of your company your email account might…

4 years ago

INFORMATION THEFT – THE EMPLOYEE RISK

  Information Theft - What is the Risk? Our research has shown that around 68%…

4 years ago

Don’t Become a Victim of Cyber Crime

  The Impacts of a Cyber Attack In your personal life and as an employee,…

4 years ago

YOUR COMPANY HAS BEEN BREACHED!

The Data Governance Watershed "You've been breached!" These are words none of us want to…

5 years ago

CASE STUDY – OFFICE 365 BREACH

CASE STUDY  (5 Min read)  The following case study details a case where SECMON1 was…

5 years ago