Support

Admin Tools

#11538 Change Super Administrator ID

Posted in ‘Admin Tools for Joomla! 4 & 5’
This is a public ticket

Everybody will be able to see its contents. Do not include usernames, passwords or any other sensitive information.

Environment Information

Joomla! version
n/a
PHP version
n/a
Admin Tools version
n/a

Latest post by nicholas on Wednesday, 14 March 2012 06:54 CDT

Tuesday, 13 March 2012 11:24 CDT

user58348
Hi Nicholas,

I want to avoid troubles in connection with using the "Change Super Administrator ID" feature. CouldnΒ΄t the same result be achieved by simply creating a new super administrator (which will consequently have an ID different from the default super administrator) and afterwards deleting (or at least choosing the group "registered" for) the default super administrator? According to my understanding this will do the same thing. Or are there some settings in Joomla! or the components which need to have a super administrator with ID 62 ?

Greetings

Netzy

Tuesday, 13 March 2012 12:39 CDT

nicholas
Hi Netzy,

New Super Administrator accounts are created serially. For instance in Joomla! 2.5, you begin with a SA with an ID of 42. The next user you create is 43, 44, etc. Since changing the SA will be the first thing to do on a new site, its ID will most likely be 43. That's the second ID an attacker might try besides 42. On the other hand, Admin Tools creates an SA with an ID between 1 and 41. This makes it slightly harder for an attacker, as he has to try an average of 20 different IDs to get it right.

Of course, if you have dozens of users on your site, creating a new SA through Joomla! is just as good (and maybe a little better!) than using Admin Tools. The idea is making the SA ID random enough as to be a waste of time for an attacker to guess it.

Nicholas K. Dionysopoulos

Lead Developer and Director

πŸ‡¬πŸ‡·Greek: native πŸ‡¬πŸ‡§English: excellent πŸ‡«πŸ‡·French: basic β€’ πŸ• My time zone is Europe / Athens
Please keep in mind my timezone and cultural differences when reading my replies. Thank you!

Wednesday, 14 March 2012 06:08 CDT

user58348
Hi Nicholas,

thank you for your very helpful and straigthforward answer!

Due to the fact, that I already have much more than 42 and 62 users, respectively, I have chosen to not use the "Change Super Administrator ID" feature of admin tools. What I did is:

1. Login with old Superadmin
2. Create a new Superadmin with hard to guess username and password
3. Logout
4. Login with new Suderadmin
5. Changing the rights of old Superadmin to "registered" and save
6. Deleting the old Superadmin

I found the corresponding instructions on another website. Everything seems to work fine ...

Thanks for your brilliant support!

Greetings

Netzy

Wednesday, 14 March 2012 06:46 CDT

nicholas
Hello Netzy,

Yes, that should also work. It is essentially what Admin Tools does. The only special thing about Admin Tools is the user ID of the new Super Admin it creates, nothing more and nothing less ;)

Nicholas K. Dionysopoulos

Lead Developer and Director

πŸ‡¬πŸ‡·Greek: native πŸ‡¬πŸ‡§English: excellent πŸ‡«πŸ‡·French: basic β€’ πŸ• My time zone is Europe / Athens
Please keep in mind my timezone and cultural differences when reading my replies. Thank you!

Wednesday, 14 March 2012 06:54 CDT

user58348
OK, thank you!

Netzy

Wednesday, 14 March 2012 06:54 CDT

nicholas
You're welcome!

Nicholas K. Dionysopoulos

Lead Developer and Director

πŸ‡¬πŸ‡·Greek: native πŸ‡¬πŸ‡§English: excellent πŸ‡«πŸ‡·French: basic β€’ πŸ• My time zone is Europe / Athens
Please keep in mind my timezone and cultural differences when reading my replies. Thank you!

Support Information

Working hours: We are open Monday to Friday, 9am to 7pm Cyprus timezone (EET / EEST). Support is provided by the same developers writing the software, all of which live in Europe. You can still file tickets outside of our working hours, but we cannot respond to them until we're back at the office.

Support policy: We would like to kindly inform you that when using our support you have already agreed to the Support Policy which is part of our Terms of Service. Thank you for your understanding and for helping us help you!