User password security is always important, but the single most important user account on your network is the Administrators account. For the best security, the password for this account MUST be a combination of upper and lower case letters, numbers and punctuation and ideally 8 characters or more. This will provide a password that is very hard to guess using dictionary lookups or brute force password attacks.
Changing the Administrators password is also relatively simple, but varies depending on the server environment that you have.
Windows NT 4.0 Server
On a simple NT4.0 server network, you can change the administrators password using NT User Manager.
SBS 4.0 and 4.5
These versions of SBS include Exchange Server and the account used to run the exchange server is the administrators account, therefore you can’t simply use the NT User Manager as if you do then it will result in the Exchange Server services not starting when you next reboot your server. Always change the administrators password via the SBS Administrator console – under the covers, the console will also alter the default Exchange Server services to use the new password and you will not have any problems.
SBS2000 and SBS2003
These systems are less reliant on the administrator account password and as such you can change the password using the Active Directory Users and Computers management console.
Other considerations for ALL systems
In addition to actually altering the password, don’t forget that there may be other services in the system that rely on the Administrator password, common programs include;
– Antivirus software for access to the internet via the Proxy or ISA server,
– Backup programs which have the password saved in the backup script,
– SQL Server – if you have altered it’s services to run under an account different from the default LocalSystem account.
– Scheduled Tasks via the inbuilt task scheduler