Why We Use Administrator Passwords and How to Reset Them

One of the security practices we follow at EIT is something called the Principle of Least Privilege. This principle says that at every level users and programs should only be able to access the information and resources that they need. Because users don't install programs all the time (the way that we type emails all the time or visit web pages all the time), we don't need to have that power all the time. More importantly, someone hacking your user account also doesn't have the power to install programs.

However, we also want Extension staff to have access to the programs you need when you need them. Providing an administrator account with a strong password is one way to both follow the Principle of Least Privilege and to give you the ability to use your computer the way you need to use it.

Each computer we set up at EIT or according to the instructions we provide has a local account called an Administrator account. This account, unlike your regular user account, has full authority to install and remove programs, access all the files on your computer, update drivers and perform other system configuration tasks. It is critical that you safeguard this account and the password. It's also important that this account has a strong password and that you not leave the account information in an unsecured place (like on your desk or stuck to your monitor).

Resetting the Administrator Password

Under certain circumstances, Extension IT may be able to remotely reset your Administrator password.  This depends on whether or not your computer is working properly, how recently it has been updated, and whether it's on the network.  A remote password reset will not work if your computer is having network-related issues or if it's been off the network for an extended period of time.  Your computer will need to be turned on, booted up and connected to the IASTATE network.

To have your administrator password reset (If you know your old administrator password):

1. If your administrator password is compromised or you want to change to a more secure password, follow these steps:

  1. Save all your work and close all applications.
  2. Log out of your account.
  3. Log in as an administrator where the username is administrator and the password is the old administrator password.
  4. As soon as you log in. Press Control+ALT+Delete all at once.
  5. Select the option "change a password".
  6. Enter your old password and your new secure password.
  7. Press enter after you are done filling in all the fields.
  8. You have now successfully updated your password.

To have your Administrator password reset (If you don't know your old administrator password):

  1. Before you call the hotline, make sure your computer is connected to the IASTATE network by accessing a web site or file share.
    1. Find out the computer name by going to the System Control Panel:

    2. Click Start, right-click Computer, select Properties.
       
  2. Under the heading Computer name, domain, and workgroup settings you'll see a Computer Name
  3. Call the EIT Computer Support Hotline at 515.294.1725

Note: Be aware that because we follow the Least Privilege Principle, we also restrict who can make certain high-level changes (like resetting administrator passwords) within Extension IT.  This means that someone may not be immediately available to reset your password when you call.  For your own convenience, it's better to store your administrator password in a safe secure location so you have it available when you need it.

Category: