Cyber Security Data security

Local admin regular password rotation - better to be safe than sorry!

Posted by Neil Elton on August 29, 2022
Woman receiving Local admin regular password rotation

The Challenge:  

As one of the first accounts created when Windows is first installed, Microsoft defines the default local Administrator account as having full control of your local devices’ files, directories and services.  

As a unique Master Key, it can unlock all your company’s data. How often do you change your local Administrator’s password? Could Cyber Criminals scrape your system’s active memory, through a Pass-the-Hash (PtH) attack?  

The Solution:   

Local Administrator Password Solution (LAPS) changes every password regularly. When activated it automatically selects random passwords, on all domain linked devices.  

LAPS uses Active Directory (AD) to rotate and manage passwords for every Local Administrator Account across every device. You can specify the age and length of each password.   

The Outcome:   

Track every password due to expire. Every administrator account password sits separately, unseen by your users, regularly rotated, ensuring security risks are managed effectively.   

Ensuring guessable passwords, are replaced by complex dynamic passwords.


Call Chalkline today on 020 3819 3300 or review our IT Security Packages for SMBs page and book a meeting with us, we can help with all elements of cyber hygiene and answer any questions you might have.