Deleting the administrator user account RRS feed

  • Question

  • The reason why I want to delete this account is because it is the default and therefore can be guessed by a potential malicious user, whereas if I just leave my custom administrator accounts, then a malicious user would have to guess both the account names and the passwords.

    Having said that, is this the best way to do this is to delete the 'Administrator' account? If so, what are the things I need to check/consider before deleting this account? For example, the usual windows services that use this account, sql server /sharepoint settings such that if this account gets deleted, I won't be able to get to.  Is Windows Server 2008 smart enough to tell me when this (or any for that matter) account is being deleted, that it is being used somewhere?


    hello world!
    Saturday, July 31, 2010 3:44 PM



    You can't delete builtin accounts.  But you can rename them, which for the sake of security is what's recommended.

    1. Give it a very long, complex password.  (Keep the password someplace secured, so you can use it if you find you need it.)
    2. Rename the account.  This isn't foolproof, because the account still has a common GUID that the more determined
    3. Disable the account.  Even if they find it and crack the password, they won't be able to use it.
    4. Create a dummy "Administrator" account.  Give it a sufficiently long and complex password, and absolutely NO administrative rights.  NOTE: It's good to audit account login failures and watch for attempts to crack this one. 

    Hope this helps,



    Kevin Remde US IT Evangelism - Microsoft Corporation
    • Marked as answer by Kevin Remde Monday, August 2, 2010 12:51 PM
    Monday, August 2, 2010 12:51 PM