Network Security: User Account Obfuscation

Obfuscated user accounts can prevent unauthorized users from accessing the network, even if they gain physical access to it. When it comes to security, obfuscation simply means picking obscure usernames.

For example, most network administrators assign usernames based on some combination of the user’s first and last names, such as BarnyM or baMiller. However, a hacker can easily guess such a user ID if he or she knows the name of at least one employee. After the hacker knows a username, he or she can focus on breaking the password.

You can slow down a hacker by using names that are more obscure. Here are some suggestions on how to do that:

  • Add a random three-digit number to the end of the name. For example: BarnyM320 or baMiller977.

  • Throw a number or two into the middle of the name. For example: Bar6nyM or ba9Miller2.

  • Make sure that usernames are different from e-mail addresses. For example, if a user’s e-mail address is baMiller@Mydomain.com, do not use baMiller as the user’s account name. Use a more obscure name.
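The three suggestions above can be combined into one provisioning helper and one audit pass over existing accounts. This is an added example, not code from the original page. The function names, the "first two letters plus last name" base scheme (modelled on the baMiller example) and the sample account list are assumptions made for illustration.

```python
import secrets

def base_name(first, last):
    # Name-based ID in the style of the page's "baMiller" example.
    return first[:2].lower() + last.capitalize()

def obscure(base):
    # Suggestion 2: put one random digit at a random interior position.
    pos = 1 + secrets.randbelow(len(base) - 1)
    mixed = base[:pos] + str(secrets.randbelow(10)) + base[pos:]
    # Suggestion 1: append a random three-digit number (000-999).
    return f"{mixed}{secrets.randbelow(1000):03d}"

def new_username(first, last, email, taken=()):
    # Suggestion 3: never issue the e-mail local part; also avoid collisions.
    local = email.split("@", 1)[0].lower()
    in_use = {name.lower() for name in taken}
    while True:
        candidate = obscure(base_name(first, last))
        if candidate.lower() != local and candidate.lower() not in in_use:
            return candidate

def audit(accounts):
    """Flag existing (username, email) pairs that are easy to guess."""
    findings = []
    for user, email in accounts:
        local = email.split("@", 1)[0]
        if user.lower() == local.lower():
            findings.append((user, "matches e-mail local part"))
        elif not any(ch.isdigit() for ch in user):
            findings.append((user, "no digits; looks purely name-derived"))
    return findings

# Constructed sample directory, built from the usernames used on this page.
SAMPLE = [
    ("baMiller", "baMiller@Mydomain.com"),
    ("BarnyM", "baMiller@Mydomain.com"),
    ("Bar6nyM", "baMiller@Mydomain.com"),
    ("baMiller977", "baMiller@Mydomain.com"),
]

if __name__ == "__main__":
    print(new_username("Barny", "Miller", "baMiller@Mydomain.com",
                       taken=[user for user, _ in SAMPLE]))
    for user, reason in audit(SAMPLE):
        print(f"{user}: {reason}")
```

The generator draws its digits from `secrets` rather than `random`, so the numbers it adds cannot be predicted from earlier ones.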

Do not rely on obfuscation to keep people out of your network! Security by obfuscation doesn’t work. A resourceful hacker can discover even the most obscure names. The purpose of obfuscation is to slow intruders down — not to stop them. If you slow an intruder down, you’re more likely to discover that he or she is trying to crack your network before he or she successfully gets in.