Creating unique passwords for your Administrator accounts is one important step you can take to keep your systems secure. Here are some more best practices that can help you protect the powerful Administrator account from intruders:
- On each machine, change the default Administrator account name to a unique name. Although intruders can use certain utilities to identify renamed Administrator accounts, most security strategies still instruct you to change the accounts' default names. Some systems administrators create dummy Administrator accounts that have greatly limited access powers, then audit the accounts for activity.
- Use a unique password on each node. Then, if an intruder discovers a password, only one node will be compromised.
- Use strong passwords that dictionary attacks can't defeat.
- Change passwords frequently.
- Carefully document new passwords. Nothing is more frustrating than having to break into your own server when its NIC fails and the administrator account password you have on record doesn't work.
- Be sure to verify that the password change operation was successful.