Are there any risks associated with an expired built-in Administrator
password?  I've been googling but can't seem to quite get results that speak
to this issue.

In article <#rMg9Ul5GHA.4***@TK2MSFTNGP05.phx.gbl>, <-> says...
The risk is that you cannot log in with the account once the password has expired without
resetting it. If an attacker is able to determine the original password, due to poor password
implementation, they could change the password from under you.
Brian

So is it better practice to have it expire, or to never expire?


Show quoteHide quote

I have to go with Lanwench on this one. Complexity is good. Keep it in a safe. Break glass in
case of emergency
Brian

In article <OwTGyQn5GHA.2***@TK2MSFTNGP02.phx.gbl>, <-> says...
Show quoteHide quote

- <-> typed:
You can't make the built-in domain admin account password expire, to the
best of my knowlege.

Really, nobody should be using that account for their admin work anyway, nor
should it be used to run system services.  Just set it up with a good,
complex password, write that down on a piece of paper and put it in a sealed
envelope, and give that to the company owner so that he or she can fire the
entire IT department without getting screwed over. Any techs working on the
network should have two accounts - one for daily use (user only), and
another that has the delegated domain permissions they need to do their
jobs. Complex passwords & regular changes should be forced.

This is an "ideal world" setup, but hey, we can strive for that, right?

Password Protecting/Hiding Files & Folders on Windows 2003 server???
security update repeats "indefinitely"
controlling what computers a user can log on to
User Config / Windows Settings / Scripts Not Shown in GPOE
Novell/Active Directory
5 Ways to Speed Up Your Computer's Performance
W2K ESENT Event ID 454, error -515 every 5 minutes
windows security log doesn't have any entry
How do I set password expiry notification date??
Best Practice: Patches that are not critical or security related