Do you put yourself as admin?

billybatz9

Active member
Do you show everyone you are the admin on your forum? Or do you disguise your self as a mod or registered member?
 
People might try to hack your account everyday maybe? People might hag you for crap and etc..

People will try to hack accounts, anyway. The important thing is that you have a strong password.

As for members nagging, that doesn't happen currently, but I wouldn't really care. If I am busy or something, I'll just say so or go invisible.
 
  • Like
Reactions: LPH
I would tend to do the following...

User ID #1 / Administrator
User ID #2 / Null (me)

I'd give myself (Null) moderation capabilities, but use the Administrator account for any administrative duties (admin cp, mainly).

Edit: this is just a force of habit, nothing specific to XenForo per se; I've known of several instances where people have exploited XSS flaws to gain elevated access-privileges.

I also take advantage of ngx_http_auth_basic_module.
 
Last edited:
I don't hide it. I rotate randomly generated passwords quite often and we haven't had a hack in some time now (or at least, a successful one). People definitely nag you and it can get awfully annoying, but I think it's an alright trade off to making the site staff seem friendly and accessible.
 
I would tend to do the following...

User ID #1 / Administrator
User ID #2 / Null (me)

Thing is having a user named Administrator and even having a user on id 1 with admin at all are huge targets. Our vB forum didn't have a user 1 and I actually assume it was a previous admin that was deleted but I am not sure.

Whats funny is User 2 and 3 were basically owners of the site with global admin. But any time the site was attacked they dumped user 3 specifically. No one ever went after #2.

When it comes to people getting bothered more often user #3 gets PM's and profile posts regarding site design development etc. When the truth is the person to bug is me and I was user 3128. Luck of being the new admin I suppose and no owner related title.
 
I don't hide it, I am the admin, the super admin, and all that jazz on my forum. And I'm not afraid of hackers trying to crack my password.

First, I don't use a simple password.

Second, I have this thanks to @tenants . So even on the off chance someone did have my password, they still couldn't get in.

PS- Is @tenants still around?
 
Last edited:
  • Like
Reactions: rdn
I wish there was an add-on that would allow you to use the Google Authenticator like I do with my SSH logins on the servers. Makes it nice as I use keys normally but I'm not always at a computer that has a key installed on the server (and don't have a habit of carrying them around on a thumb drive). Makes it nice to be able to log into SSH from remote if I am at a clients and need to do something.

EDIT:

And speak of the devil... http://xenforo.com/community/resources/freddyshouse-two-factor-authentication.1663/
 
Last edited:
  • Like
Reactions: rdn
I avoid the whole "Admin" username because that's where spammers try to force themselves into, etc. But the other weakness is that "admin" or administrator usernames in general makes you look like a faceless admin. No personality, no bones, no this, no skin, no that... you know, the usual.
 
No but I've been perpetually invisible for years. So I have never been shown in the "Staff Online Now" block to my members.
 
Top Bottom