Windows Accounts






Type of Accounts:




Built-In Accounts: 

These accounts are created during the Windows installation

we have three types of built-in Accounts:


  1. Administrator Account
  2. Guest Accounts (e.g., Guest):


1.Administrator Account :


These accounts are used to perform system configuration, set up the computer, and install necessary software and updates before the system is attached to a domain.

 

You need the Built-in Administrator account to access and modify critical settings to install essential updates or troubleshoot system errors.

These accounts are used during emergency recovery, for example, troubleshooting and restoring a system, and also in situations like safe mode,

perform repairs, especially when there are problems with other user accounts

 


Controls/Security Measures:


Disable or lockout Built In administrator accounts:

In modern computers, the built-in administrator accounts are disabled by default; these are advisable to keep disabled.

 

If these are disabled, then how can we recover them?

These are disabled in standard Windows mode, but in safe mode, a built-in administrator account will enabled automatically, and you can recover/restore the system.

As we mentioned above, during an emergency or safe mode, these are necessary,

 

Rename built-in administrator accounts

Set strong passwords for built-in administrator accounts




3.Guest Accounts (e.g., Guest):

 

These default guest accounts are designed to provide limited and temporary access for users who don’t have regular accounts in the system; these accounts are disabled by default; if not, it is recommended to disable them for security reasons.

 

This guest account is used when users need short-term or one-time access to the computer or network without creating a dedicated account.

For example, A visitor in an office or a shared PC in a library

 

In some cases, a guest account is used for anonymous access to network resources like shared files and printers, especially in older setups or less secure environments.

 

Some older systems or applications may rely on the guest account for authentication when no specific user credentials are provided

 

 

Controls/Security Measures:


Disable the guest accounts,

Rename guest accounts
If guest accounts are not properly configured, it is a security risk
Attackers may exploit the Guest accounts to gain unauthorized access to the system or network
Always provide recommendations to create temporary accounts by deactivating/disabling these guest accounts,


Subscribe to: Posts (Atom)

Popular Posts

Buy me coffee

Buy me coffee
#Fuel My Cybersecurity Journey with a Coffee!

Payment

click here