[SOLVED] Can the Admin account be disabled with safety
Hi guys, first of all, thank you to all PfSense Team for this incredible product. You are really awesome. I usually try to figure out my doubts, but in this case I thought that would be better ask.
Is there any problem creating a new user, promoting to admin, and disabling the default "admin" account ? I'm using local authentication.
I believe this would improve the security, but i'm not sure if the "admin" word is hard coded somewhere.
Sorry guys, this question was already answered on 2013, and yes, it is possible work in this way.
With some drawbacks:
So, I think is better just creating a strong password for admin account.
What I would do is leave the admin account enabled but with very strong password and use the account only when really needed. Then I would set up another user with lesser privileges that still allow every day admin work.
I can also suggest to never use the admin account as VPN authentication. Sounds a bit paranoid, but why not.