Security Risk: hidden Admin account in WinXP, Part 2


Yesterday, I wrote an article concerning a hidden Administrator account in Windows XP. As we discovered, this poses a significant security risk (especially for XP Home users) because it means that virtually anyone can gain unrestricted local access to the machine if the Administrator password is left blank.

Side note: "remote access" means controlling or gaining access to a computer that is physically housed in another location (typically over a network, such as the Internet). Gaining "local access" to a computer, by contrast, means using the machine at the site of the computer itself (i.e., not over a network).

Today, I received a few more comments from Readers on the subject of accessing the hidden Administrator account in Windows XP.

Infopackets Reader 'Alias Zero' writes:

" By default, Windows XP does not allow blank passwords to be used as remote credentials (i.e., remote users cannot gain access to your system by using a blank password). This is not a critical risk, as only people on the local machine may log on to this account with a blank password.

If you are running XP Pro, go to Control Panel -> Administrative Tools, then to Local Security Policy; navigate to Local Policies -> Security Options. Third from the top is 'Accounts: Limit local account use of blank passwords to console logon only'; ensure that it is set to Enabled. This will prevent access to any account with a blank password. "

Cecil B. commented:

" Having an administrator account in itself is not a security risk. The problem is having the administrator account and not password-protecting it properly. For example, leaving the Admin account with a blank password could potentially allow anyone to start the computer in Safe Mode, and then change every user password on the computer. This would effectively block everyone out of the machine. On the other hand, if the account is password-protected accordingly, the owner of the machine can use the Admin account to make adjustments to the machine (including overriding individual user passwords). "

Infopackets Reader 'SwathingScientist' writes:

" Could you explain to me how I can do away with the extra user accounts in XP Home please, or can I? There are 3 accounts on my machine: my personal account, the 'hidden' Admin account (as you pointed out), and a Guest account. To avoid a security pitfall, I'd like to remove the Admin account and Guest account. "

My response:

Removing or disabling the Admin account is not advisable (I don't even know if it's possible), as it is required for Safe Mode. As Cecil B. pointed out, the risk with the Admin account (especially in XP Home) is leaving its password blank. If you password-protect the Admin account, you remove the risk that anyone with local access to your computer can use it to compromise your system. As for the Guest account: its access level is already limited by default and poses no risk.

Changing the Admin Password in Windows XP (Home and Pro)

From what I understand, the best way to change the Admin password is to log in to your computer via Safe Mode and change it from there. By default, Safe Mode uses the Administrator account, so you should have no problems making these changes.

For more information, see KB article 321305 (scroll to the section which reads "Windows XP Home Edition or Windows XP Professional in a workgroup"). If you own XP Pro, you can also try changing the admin password using the MMC command (without booting into Safe Mode); see KB article 298252.
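As an added example (not from the article or its readers), the script below audits the two points discussed above from a defender's seat: whether the 'Accounts: Limit local account use of blank passwords to console logon only' policy is on, and the state of the built-in Administrator and Guest accounts. It assumes Windows PowerShell 2.0 is installed (an optional download on XP), that the policy is backed by the LSA registry value LimitBlankPasswordUse, and that account flags can be read through the WinNT ADSI provider; the -Fix switch and the function names are this example's own.

```powershell
# Added audit example, not part of the Infopackets article.
# Assumptions: Windows PowerShell 2.0 on XP; run from an Administrator prompt.
# The policy "Accounts: Limit local account use of blank passwords to console
# logon only" is assumed to be stored as the LSA value LimitBlankPasswordUse.
param([switch]$Fix)   # -Fix also turns the blank-password restriction on

$lsaKey    = 'HKLM:\SYSTEM\CurrentControlSet\Control\Lsa'
$valueName = 'LimitBlankPasswordUse'

# ADS_USER_FLAG bits exposed by the WinNT ADSI provider
$ADS_UF_ACCOUNTDISABLE = 0x0002   # account is disabled
$ADS_UF_PASSWD_NOTREQD = 0x0020   # account is permitted to have an empty password

function Get-BlankPasswordPolicy {
    # Returns Enabled / Disabled / NotSet for the console-only blank-password rule
    $props = Get-ItemProperty -Path $lsaKey -Name $valueName -ErrorAction SilentlyContinue
    if ($props -eq $null) { return 'NotSet' }
    if ($props.$valueName -eq 1) { 'Enabled' } else { 'Disabled' }
}

function Get-LocalAccountReport {
    # One row per local user: enabled?, blank password permitted?, password age
    $computer = [adsi]"WinNT://$env:COMPUTERNAME"
    foreach ($child in $computer.Children) {
        if ($child.SchemaClassName -ne 'User') { continue }
        $flags = [int]$child.UserFlags.Value
        New-Object PSObject -Property @{
            Name            = $child.Name.Value
            Enabled         = (($flags -band $ADS_UF_ACCOUNTDISABLE) -eq 0)
            BlankAllowed    = (($flags -band $ADS_UF_PASSWD_NOTREQD) -ne 0)
            PasswordAgeDays = [int]([int]$child.PasswordAge.Value / 86400)
        }
    }
}

$policy = Get-BlankPasswordPolicy
"Blank-password restriction ($valueName): $policy"
if ($policy -ne 'Enabled') {
    if ($Fix) {
        # Same effect as setting the policy to Enabled in Local Security Policy
        Set-ItemProperty -Path $lsaKey -Name $valueName -Value 1 -Type DWord
        "  -> set to Enabled; applies to new logon attempts"
    } else {
        "  -> WARNING: blank-password accounts are usable beyond the console; rerun with -Fix"
    }
}

# Administrator and Guest are the two accounts the article is concerned with
Get-LocalAccountReport |
    Sort-Object Name |
    Format-Table Name, Enabled, BlankAllowed, PasswordAgeDays -AutoSize
```

A `BlankAllowed` value of True only means the account is not forced to have a password; it does not prove the current password is empty. The check that actually closes the gap is the one the article gives: set a password on the Administrator account, after which `PasswordAgeDays` drops to 0 on the next run. On XP Home, where the Local Security Policy console is not available, the registry value is still the mechanism the policy uses, so the `-Fix` path applies there too.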
