1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Do you put yourself as admin?

Discussion in 'Forum Management' started by billybatz9, Jan 21, 2014.

  1. billybatz9

    billybatz9 Active Member

    Do you show everyone you are the admin on your forum? Or do you disguise your self as a mod or registered member?
     
  2. Amaury

    Amaury Well-Known Member

    I'm an administrator and show it. Why hide what you are?
     
  3. billybatz9

    billybatz9 Active Member

    People might try to hack your account everyday maybe? People might hag you for crap and etc..
     
  4. Amaury

    Amaury Well-Known Member

    People will try to hack accounts, anyway. The important thing is that you have a strong password.

    As for members nagging, that doesn't happen currently, but I wouldn't really care. If I am busy or something, I'll just say so or go invisible.
     
    LPH likes this.
  5. Null

    Null Well-Known Member

    I would tend to do the following...

    User ID #1 / Administrator
    User ID #2 / Null (me)

    I'd give myself (Null) moderation capabilities, but use the Administrator account for any administrative duties (admin cp, mainly).

    Edit: this is just a force of habit, nothing specific to XenForo per se; I've known of several instances where people have exploited XSS flaws to gain elevated access-privileges.

    I also take advantage of ngx_http_auth_basic_module.
     
    Last edited: Jan 22, 2014
  6. Jeremy

    Jeremy XenForo Moderator Staff Member

  7. Sheldon

    Sheldon Well-Known Member

    First thing I do is ban myself.
     
    Andrej, thedude, Bob and 1 other person like this.
  8. mistypants

    mistypants Well-Known Member

    I don't hide it. I rotate randomly generated passwords quite often and we haven't had a hack in some time now (or at least, a successful one). People definitely nag you and it can get awfully annoying, but I think it's an alright trade off to making the site staff seem friendly and accessible.
     
    Amaury likes this.
  9. The Dark Wizard

    The Dark Wizard Well-Known Member

    We've never had an account compromised for as long as I've been running forums(a decade now?)

    My current password for my site is 100 characters long(for the lols mostly) I'm currently using this. https://lastpass.com/
     
  10. billybatz9

    billybatz9 Active Member

    why?
     
  11. Null

    Null Well-Known Member

    He's being sarcastic, it's how @Sheldon rolls.
     
    Amaury likes this.
  12. RoldanLT

    RoldanLT Well-Known Member

    Yes, Why not ? :)
     
  13. Blue

    Blue Well-Known Member

    Someone has to be the boss.
     
  14. rainmotorsports

    rainmotorsports Well-Known Member

    Thing is having a user named Administrator and even having a user on id 1 with admin at all are huge targets. Our vB forum didn't have a user 1 and I actually assume it was a previous admin that was deleted but I am not sure.

    Whats funny is User 2 and 3 were basically owners of the site with global admin. But any time the site was attacked they dumped user 3 specifically. No one ever went after #2.

    When it comes to people getting bothered more often user #3 gets PM's and profile posts regarding site design development etc. When the truth is the person to bug is me and I was user 3128. Luck of being the new admin I suppose and no owner related title.
     
  15. xIsabel38

    xIsabel38 Well-Known Member

    I don't hide it, I am the admin, the super admin, and all that jazz on my forum. And I'm not afraid of hackers trying to crack my password.

    First, I don't use a simple password.

    Second, I have this thanks to @tenants . So even on the off chance someone did have my password, they still couldn't get in.

    PS- Is @tenants still around?
     
    Last edited: Jan 22, 2014
    RoldanLT likes this.
  16. Tracy Perry

    Tracy Perry Well-Known Member

    I wish there was an add-on that would allow you to use the Google Authenticator like I do with my SSH logins on the servers. Makes it nice as I use keys normally but I'm not always at a computer that has a key installed on the server (and don't have a habit of carrying them around on a thumb drive). Makes it nice to be able to log into SSH from remote if I am at a clients and need to do something.

    EDIT:

    And speak of the devil... http://xenforo.com/community/resources/freddyshouse-two-factor-authentication.1663/
     
    Last edited: Jan 22, 2014
    RoldanLT likes this.
  17. Carlos

    Carlos Well-Known Member

    I avoid the whole "Admin" username because that's where spammers try to force themselves into, etc. But the other weakness is that "admin" or administrator usernames in general makes you look like a faceless admin. No personality, no bones, no this, no skin, no that... you know, the usual.
     
    Amaury likes this.
  18. FredC

    FredC Well-Known Member

    No but I've been perpetually invisible for years. So I have never been shown in the "Staff Online Now" block to my members.
     

Share This Page