Mark said:I have recently acquired a laptop with Windows XP already installed.
Is the use of User Accounts mandatory or can XP be configured without
having to specifiy any User Accounts, as is the case with Windows 98?
BillW50 said:Well not like Windows 98. But the one user account that you use and if
it is set for Administrator settings, the other ones can be deleted. And
you can configure it to boot up without asking which user logs on
(whether or not there are other users or not).
Mark said:I have recently acquired a laptop with Windows XP already installed.
Is the use of User Accounts mandatory or can XP be configured without
having
to specifiy any User Accounts, as is the case with Windows 98?
Rock said:There is a built in Administrator account by that name. It cannot,
nor should you delete it. It is also not good practice to use this
account for day to day activities. Create at least one other account
with admin level privileges, and then as many limited user accounts
as you need.
BillW50 said:Rock said:There is a built in Administrator account by that name. It cannot,
nor should you delete it. It is also not good practice to use this
account for day to day activities. Create at least one other account
with admin level privileges, and then as many limited user accounts
as you need.
[clip]
Well yes you can delete the Administrator (user name) account and for
security purposes, it should be deleted. The rule is you can't delete
all administrator privileges. You must have at least one user with
administrator privileges. And that user name doesn't have to be called
Administrator either.
As when hackers try to access an unknown computer. And they don't know
any user names to use to access that computer. So what is the first user
name account are they going to try to hack into? That is right, they are
going to try to access the user named Administrator.
See unlike Rock, I have no user named Administrator on any of my
systems. So a hacker could try to hack into that user account here from
now until the end of time... and they will never get in. Because that
account just doesn't exists here. Unlike 99.999% of the other computers
out there.
BillW50 said:Rock said:There is a built in Administrator account by that name. It cannot,
nor should you delete it. It is also not good practice to use this
account for day to day activities. Create at least one other account
with admin level privileges, and then as many limited user accounts
as you need.
[clip]
Well yes you can delete the Administrator (user name) account and for
security purposes, it should be deleted. The rule is you can't delete all
administrator privileges. You must have at least one user with
administrator privileges. And that user name doesn't have to be called
Administrator either.
As when hackers try to access an unknown computer. And they don't know any
user names to use to access that computer. So what is the first user name
account are they going to try to hack into? That is right, they are going
to try to access the user named Administrator.
See unlike Rock, I have no user named Administrator on any of my systems.
So a hacker could try to hack into that user account here from now until
the end of time... and they will never get in. Because that account just
doesn't exists here. Unlike 99.999% of the other computers out there.
Rock said:I have no idea what you are talking about. The system prevents you
from deleting the built in Administrator account in XP, nor should
you.
Right Rock! Whatever you say!
"Condemnation without investigation is the height of ignorance." ~ Albert
Einstein
"People who say it cannot be done should not interrupt the people who are
doing it." -- Anonymous
Rock said:So how did you delete it Bill?
Also I don't understand why you say it should be deleted for security
purposes. There should be at least two accounts on the system with
Admin privileges. Renaming the Administrator account is good
practice and as well as assigning a strong password, but why delete
it?
BillW50 said:Correct! For simpletons, renaming works best. And yes you should add a
strong password. I don't know why you suggest having at least two
administrator accounts? Unless you believe one of them may get trashed one
day.
OTOH, Malke suggests: "Administrator - Built-in account - Leave alone! Do
not use! Do not worry about it!"
Well that just leaves your system wide open. As the default is no
password. Thus anybody can have full access to your computer. I don't
recommend this one bit and I think it is foolish.
Rock said:As Pegasus puts it, do you have only one set of keys for your car? You
hit it on the head, with only one admin level account if that
messes up, you could be in big trouble. It's not uncommon for us to
see posts in here were that is the problem.
Plus I don't see where there is any more security problem with having
two admin accounts rather than one. You haven't explained why it is
a security problem to have the Administrator account.
Also you haven't explained how to delete it. I'm still listening.
Correct! For simpletons, renaming works best. And yes you should add a
strong password. I don't know why you suggest having at least two
administrator accounts? Unless you believe one of them may get trashed one
day.
OTOH, Malke suggests: "Administrator - Built-in account - Leave alone! Do
not use! Do not worry about it!"
Well that just leaves your system wide open. As the default is no
password. Thus anybody can have full access to your computer. I don't
recommend this one bit and I think it is foolish.
Rock said:As Pegasus puts it, do you have only one set of keys for your car? You
hit it on the head, with only one admin level account if that
messes up, you could be in big trouble. It's not uncommon for us to
see posts in here were that is the problem.
Plus I don't see where there is any more security problem with having
two admin accounts rather than one. You haven't explained why it is
a security problem to have the Administrator account.
Also you haven't explained how to delete it. I'm still listening.
AJR said:Rock - you are corrrect and you are wasting your time!
Rock - you are corrrect and you are wasting your time!
"Rock" wrote
Okay, I rather use BartPE and ERUNT myself. Not only for this but
backing up and protecting my registry.
Well having more than one is okay, I have no problems there. The problem
I have is keeping the user name as Administrator. Rename it, delete it,
or something. And add a secure password.
I seem to recall it was very easy. I believe it worked like this:
While on the Administrator account, give one user (or make a new one)
with Administrator privileges. Logoff and then logon on this new
administrator account. Now you are free to delete the original one.
Simple, eh?
Another way is to hack the registry:
Windows NT/2K/XP/2K3 manual removal of the Administrator account
http://www.kuro5hin.org/story/2004/7/4/7570/05276
Bill wrote
Those are good tools, but not relevant to the point. The purpose of
two admin accounts is to provide a simple fallback so one doesn't
have to use a utility and extra time to get things working (and
that's assuming one could fix it). This is protection for the
average (and smart) user. Bring out the big guns when needed, sure,
but why do so if other simpler measures will suffice?
Bill, in your original reply to the OP you wrote, "Well yes you can
delete the Administrator (user name) account and for
security purposes, it should be deleted." Now are you saying it's ok
to have more than one admin account and implying the Adminstrator
account is ok too, but the problem is with the name? So which is it?
Should it be deleted for security purposes, as you originally stated,
and if so what is the specific security purpose?
Or is it that your security concerns can truly be satisified by
assigning a strong password and renaming the account, as a simpleton
might do?
Rock wrote
Bill wrote
Have you actually tried this, Bill? The Administrator account
doesn't show up by default in the User Accounts applet in Control
Panel. In XP Pro in normal mode one has to go to a command prompt
and run control userpasswords2. (I'm not sure how you would get to
it in XP Home. I'm thinking start in Safe Mode, login to the other
admin account, and do control userpasswords2).
Highlight the Administrator account, click on "Remove" and XP throws
an error, "The user <Computer Name><Administrator> could not be
removed". It doesn't matter if the account was renamed, either. XP
won't delete that account.
I guess not so simple?
Bill wrote
Yes, I was aware that you can mess with it by extraordinary means.
Have you actually read that article? Here is a quote from it, near
the beginning of the article:
"DISCLAIMER
"Before I begin, I am obliged to point out that editing the Registry
in Windows is risky at the best of times, and that following the
steps in this article is downright nuts. ... Even if you follow these
steps perfectly you could still render your system mangled by
unintentionally removing all administrative accounts. ..."
[Note: the last sentence in this paragraph is in bold font for
emphasis. (I wonder why, eh?) Since I am posting in text mode the
bold doesn't show.]
Did the author actually delete the Administrator account, you ask? No.
"I decided that the easiest way to achieve my purpose was not to try
and delete the Administrator account, but to simply remove it from
the local Administrators group (thus removing its privileges). "
And that's the process the article goes on to discuss in complicated
detail.
Do you still maintain that one can and should delete the Administrator
account for security purposes? Is this something the average user
or even not so average user should do for system security?
Bill, the point isn't to get into an argument about who is right, the
point is to provide the OP with the best info, wouldn't you agree?
Thank you all for this information. It is such a pain to go into Safe Mode
every time I want to see the Administrator account.
Why does it matter how strong the passwords are? There exists a boot disk
that takes you to something called SAM, where you can delete or change the
passwords. You have to have access to the computer to use this, but I'm
sure
someone has figured out how to do it online.
If, like me, you have a problem with people changing your passwords, a
company named Spotmau makes a program that will allow you to delete or
change
Administrator's password or any other with a GUI interface. You boot from
the
CD. You can download it or have them send you the disk. It has a lot of
other
features too. It's at spotmau.com.
When I was in SAM, I noticed that a couple of passwords were "locked."
Would
this protect a password from being changed? If so, how do you do it?