Is there always an account with the username 'Administrator', as well as one's own Admin account?

Whatever account you setup first in the install prog is made admin.

If, when you're installing, you join a domain, the only real account it makes is the local Administrator account.

Professional or Home?

I know that in XP Pro, the install makes a kind of hidden 'Administrator' account, I believe the same goes for windows. Unless you use TweakUI or change some settings around in Admin Tools, you normally can't see the Administrator account on the "welcome screen"

However, if you switch to the Windows NT/2000 login, you can type in Administrator and the password (if you remember to set one during install) to enter the Administrator account.

Professional or Home?
Both. The computer has a default administrator account from the beginning of the install, but Windows prefers that users—even those using admin rights (yes, I know, a little semantical)—to not use administrator unless necessary. In XP Home, the administrator account can only be accessed while in safe mode.

And based upon the fact that the Administrator account always exists, it should always be renamed. Use the Admin Tools (Computer Management) in XP Pro / 2K / 2K3, not sure of the method for XP Home.

And based upon the fact that the Administrator account always exists, it should always be renamed. Use the Admin Tools (Computer Management) in XP Pro / 2K / 2K3, not sure of the method for XP Home.
Considering it cannot be accessed outside of safe mode, the reasoning behind renaming it is moot. You could go into the user settings in safe mode, I suppose, but the point of the admin account in Home Ed. is somewhate different than Pro. It's a fallback that, in case of emergency on a user account level, will always be there to help fix things.

In other words, it isn't open to the general public anyway, so going into safe mode and passwording it is sufficient.

Actually if you are afraid of remote attacks, no password is safer then a weak password, since XP denies all remote logins without a password.

If you are afraid of local attacks, aka little brother deleting those important picture files, then a you should set a local password as well.

This is true, Ranma. However, I could have sworn the admin account in XP Home is accessible through RDP (in the form of Remote Assistance) anyway. Is that not true?

This is true, Ranma. However, I could have sworn the admin account in XP Home is accessible through RDP (in the form of Remote Assistance) anyway. Is that not true?

On any default install of XP, RDP does not allow logins with blank passwords.

Windows XP Hint:

To access the old 'Login Screen' with manual USERID and PASS entry:
Make sure all users are logged out, and push CTRL+ALT+DEL twice in row.

Or just go into the user settings and "change the way users log on to this computer."

SJC, I'm talking about even if there is a password. The admin account in XP Home is not allowed to be accessed outside of safe mode as far as I know, which would seem to exclude the possibility of RDP connections.

SJC, I'm talking about even if there is a password. The admin account in XP Home is not allowed to be accessed outside of safe mode as far as I know, which would seem to exclude the possibility of RDP connections.

Heh.. XP home is safe from anyone logging in via RDP directly :p

Remote assistance, although it uses the same underlying protcol and ports as RDP, requires some kind of interaction on the client end in order to gain access to the machine.

For example, I would need to send an offer via Windows Messenger (not the messenger service) or MAPI email, then once you receive it, you would need to accept it on your end *before* I would be allowed to view your computer. Even those invites have an finite lifetime.

Even at that point, all I could do was view your computer, using the built in tools of RA requires me to press a button requesting the client to allow me to take over their computer.

Someone would need to do *a lot* of research and prying to using RA as an attack vector. I'm surprised no one has hacked XPHome RA for use as a makeshift RDP system using an automated tool of some sort.