| Practice | Why | |----------|-----| | | Admin accounts are prime targets. | | Use a password manager | Never hardcode credentials. | | Log all actions | auditd (Linux) or SACL (Windows). | | Rotate credentials regularly | Every 90 days or less. | | Restrict by source IP | Allow only from management subnet. | | Avoid daily-use login | Use personal account + sudo or runas . |
To achieve good administration, consider the following best practices: amyadmin
/opt/amyadmin/ ├── bin/ ├── config/ ├── logs/ └── scripts/ ├── backup.py └── user_mgmt.sh | Practice | Why | |----------|-----| | |