Different options are available for protecting the Administrator account (which can be combined):
- Use a firewall to block all access to the machine from network.
- Deny network logon with accounts included in the Administrator-group using group policies:
- Start the Local Security Policies snapin
- In the tree-view go to "Local Policies" -> "User Rights Assignment"
- Go to the entry "Deny access to this computer from the network" and double click it to add the Administrators-group.
- Change the name of the Administrator account:
- Open the Control Panel and double click Users and Passwords
- On the Users-tab tick Users must enter a username and password to use this computer
- In the list Users for this computer: select the Administrator account
- Click Properties-button and in the new window change the User name to something you can remember yourself
- Setup a password for the Administrator account:
Windows XP will by default block network access to accounts with no password, and configures the Administrator account to have no password. Don't set a password for the Administrator account, unless wanting to enable access to the account from the network.- Open the Control Panel and double click Users and Passwords
- On the Users-tab tick Users must enter a username and password to use this computer
- In the list Users for this computer: select the Administrator account
- Click Set Password...-button and in the new window type in the new password.
- Use PassProp to protect the built-in administrator account from being attacked by dictionary password crackers. The built-in administrator account can never be disabled by default, so if having guessed the built-in administrator account name, then it can be attacked without the account becoming disabled. The PassProp utility can change the administrator account so it will react to password lockout policies. More Info The Administrator Accounts Security Planning Guide
- Press Start-button and select Run... this command:
lusrmgr.msc
- Select the folder Users and right click the Administrator account and select Rename
- Change the name to something you can remember
- Start the Local Security Policies snapin
- In the tree-view go to Local Policies -> Security Options
- In the list find the item Rename Administrator Account and double click it to change it to something you can remember yourself
More info MS KB320053
I think you can rename administrator account by using the properties @ Control-Panel -> Users (click on user and ..properties)
Yes you are correct, I have now updated the tip with some different ways to access the user configuration.