Home 0P3N Blog The Dangers of a Root Account and Security
Ready to Start Your Career?
Create Free Account
cheawick s profile image
By: cheawick
November 29, 2016

The Dangers of a Root Account and Security

By: cheawick
November 29, 2016
cheawick s profile image
By: cheawick
November 29, 2016
linux-154766_1280I'm surprised I have not so far found an article addressing this to date. Should I be wrong, please advise.Many users of moderate level computer knowledge tend to forget about the Root account, that first account made at the time of setting up a new pre-built laptop, PC or even a new OS install so you can get on with the fun of computing.Here is a little checklist to follow when dealing with a new system, no matter what OS is the host and no matter the VM (Virtual Machine) is installed.
  1. Your first user should be the name of the computer itself, also do not allow any internet interface activation/updates (yes this will lengthen the process; however, it makes for a lot more security in the end outcome), for a computer name use something like (silly example) frogbarfx011, and once all installation processes are complete, log off! All we want to do here is install the software on the OS, this is the Root account that we need to disable after creating two more accounts. More than likely you'll have to reboot once or twice.
  2. Log back into the Root account and find the User Account (sometimes named Groups) tab/page/link, as here we need to add an administrator and a standard user account. Set passwords or passphrases for both before you close them down after setup, and make sure they are at the very least 18 characters in length, including alphanumeric and special characters.
  3. Here's the annoying part, you need to log in with the standard user account and do all of the software online updating crud by being harassed by requirements to keep inputting your Admin ID and password (system dependent).
  4. This is something I'm still trying to figure out, there are times that you absolutely must directly log in to the Admin account or even the Root account with regards to device driver updates and more sophisticated software actions.
 I hope this helps others in their path of learning,Cheawick
Schedule Demo

Build your Cybersecurity or IT Career

Accelerate in your role, earn new certifications, and develop cutting-edge skills using the fastest growing catalog in the industry