Hi,
I have a general security question for a DNN 7.x site. I have been running DNN for a number of years and since I started way back when I have been using the default accounts called "Admin" and "Host". Both of these accounts have fairly strong passwords on them. I am sure some talented hackers with the right tools could crack my passwords if they wanted.
Based on my experience managing Windows servers, I am wondering if I should change the user names on these accounts. What do other people do in this case? Do most use admin and host or do they have their own unique names?
Assuming I wanted to change the host account to say "myhost", how can I do this in DNN 7? I suppose I could do this:
1. Log in as host and create a new SuperUser account called "myhost",
2. Assign "myhost the correct privileges
3. Log back in as myhost and then edit the host account
Is this the way to do this? Would I then lower the security on the original host down to guest status?
I would prefer changing the name, if that is possible.
Is there any chance changing the name of my host account (or dropping its privileges) would break some functionality in DNN or any of my third party modules?
Lastly, are there other steps in DNN that I can take to protect my Admin and Host accounts? Can I limit access to these accounts from certain IP addresses?
Thanks for any input on this.
|