If you’re reading this post, that means you are probably concerned about security for your Windows 10 box. And, that’s a good thing. A healthy dose of skepticism, coupled with a dash of paranoia, will serve you well if you want to make sure your Windows 10 system is as secure as possible.
If you didn’t already know, Windows 10 – like previous versions of the OS – ships with a default Administrator account that is by all accounts essentially a “Super Admin” account capable of performing virtually all admin tasks – save for running Windows Store apps and a few other things. Still, using the built-in Administrator account, you can delete users or access their files – even those accounts and files of other administrators.
But, the Built-In Administrator Account in Windows 10 is Disabled
Yes, by default, the built-in Windows 10 administrator account is disabled. But there are many ways to enable it and potentially put your machine at risk. In fact, the built-in admin account in Windows 10 does not even require a password. If you enable the built-in Windows 10 administrator account by choice, you should always create a strong password to use with it.
I won’t go too much into how to enable the built-in admin account. If you do choose to do so, there are hundreds of how-to tutorials all over the Web. Just Google it. There is no real reason to enable the built-in Administrator account in Windows 10, though – unless you forget the password for your own Administrator account. However, therein, lies the problem, the built-in account can be used to remove or reset your password, and then access your files. What’s worse is the fact that a savvy user need not even be able to log in to Windows 10 to totally take over your account – even if the default admin account is disabled.
Breaking into A Windows 10 Administrator Account: Much Easier Than You Think
With nothing more than a generic Windows 10 installation disc or USB flash drive, one can enable the built-in Administrator account – with a little simple trickery – and then use it to lock you out of your own system, or worse, access your private and sensitive files.
I won’t go into detail about how this done (again, just use Google,) but suffice to say that it requires little more than renaming a single file via the command prompt (which is available when you boot from a Windows installation disc or bootable USB flash drive.)
While setting a strong password for the built-in Windows 10 administrator account will certainly help protect you, it’s probably wiser to just get rid of the account completely. I mean, after all, you don’t really need it, and adding a password just means something else you have to remember or keep track of.
How to Remove the Windows 10 Built-in Administrator Account
If you search on the Internet, you’ll find plenty of sites and forum posts that tell you that you can’t “delete” a built-in Windows account (Administrator or otherwise.) And, when using conventional account deletion methods (see below,) this is true. But…
By using a very simple registry hack, though, you can delete the built-in Administrator account, as well as the other Windows 10 built-in accounts (i.e. Default Account and Guest Account.) So, with that in mind, let’s learn how to delete the built-in Windows 10 Administrator completely (it’ll only take a minute or two.)
Note: Before deleting the built-in administrator account, you should back up your Windows Registry or Create a Restore Point (or both.) If you don’t do at least one of these things, you will not be able to restore the built-in Windows 10 administrator account later – should you choose or need to do so.
Step 1 – Press the “Win + R” keys to display the Run box prompt. Type “regedit” into the “Open” field, and then click “OK” or press “Enter.”
Step 2 – In the Registry Editor window, navigate to the “Computer\HKEY_LOCAL_MACHINE\SAM\SAM” folder.
Step 3 – Right-click the expanded “SAM” folder, and then click “Permissions” on the pop-up context menu.
Step 4 – In the “Permissions for SAM” window, select the “Administrators” group. Then, enable the “Full-Control” and “Read” options under the “Allow” header and click “OK.”
Step 5 – Click “View” on the Registry Editor window menu bar, and then click “Refresh.”
Step 6 – Expand the subfolders underneath the “SAM” folder until you come to the “Names” folder. Expand the “Names” folder to reveal the list of user accounts on the system. Right-click the “Administrator” folder, and then click “Delete” on the pop-up menu.
That’s it. The Windows 10 built-in Administrator account has been deleted.
Verify Administrator Account Deletion
Now, if you want to verify that the built-in admin account has indeed been deleted, you can do so in a couple of ways.
The first way is to open a command prompt (Win + R), then type “cmd” and press “Enter.” After the command prompt window opens, type “net user” and press “Enter.” Windows will display a list of all accounts on the system. Please note that the Administrator account is no longer visible (because it’s gone.) This command will list all accounts on the system – even if they have been disabled. So, you can rest assured that the built-in account is indeed gone.
You can also verify that the built-in Windows admin account is gone by opening the Computer Management console in Windows 10. To do this, open a new “Run” command prompt (“Win +R”.) Type “compmgmt.msc” and press “Enter.” Then, click “Local Users and Groups” and select the “Users” folder. Again, note that the “Administrator” account is not visible.
If you want, you can use the same process to delete the Default Account and Guest Account in Windows 10 as well. And, if you’re ultra-paranoid about your Windows 10 security, it might not be a bad idea. Those accounts, though, are very limited and not able to perform the same sneaky and invasive tasks as the built-in Administrator account.
Well, there you have it. You have now taken another step in locking down your Windows 10 computer by ensuring that no one can use the built-in admin account to take over your account or steal your data. Are there other ways to break into Windows 10? Well, yeah; but, that’s for another day.
Until then, stay safe and keep your data secure!
0 Comments