Synology: Disable admin account and increase security

This is how you protect your Synology NAS system from brute force attacks on the standard account

NAS systems sometimes store a huge pile of important data - the servers are also interesting for hacker attacks. If you are traveling with a Synology NAS system, the DSM operating system has been telling you to deactivate the standard admin account for some time. How this works and what it is all about, we will show you here.

Disabling admin account makes it harder for hackers

Whether desktop operating system, router or just a NAS: The user name admin is often used as a standard login to log into the user interface - with all associated user rights. If an attacker tries to gain access to the system, he "only" has to guess the password if there is an admin account. That makes Brute-Force-Attacks much easier.

Product prices and availability are correct as of the date/time shown and are subject to change. All pricing and availability information on at the time of purchase applies to the purchase of this product.

For this very reason, more and more device manufacturers are discouraging creating an account with the username admin set up. Also Synology points in its NAS operating system DiskStationManager have been pointing out for a long time to turn off the account and set up an individual user name with admin rights instead. In this way, you increase the security of your NAS system with relatively little effort.

This is how you turn off the admin account in Synology DSM

So that you are not excluded from your NAS system, you must first enter a new administrator account invest. To do this, first log in to DSM with the standard admin account and open the control Panel. Here you switch to the section user and group (or. User, if you haven't already switched to the DSM 7 are). Create one here with the button of the same name new user and fill in the required information. In the second step you add the new account to the Administrators group added.

With just a few clicks you can create a new user with admin rights.

Complete the wizard and assign other rights as you wish. Basically you can of course allow everything. Once you're done with that, log out of the DiskStation Manager and mentally say goodbye to your admin account... Now log in with the newly created admin account and open the control panel again. Now mark that adminaccount and click Edit. You cannot delete the original account, but you can deactivate it.

Put a tick next to it Deactivate this account and choose Sofort. With one click on Save you now shut down the account and thus ensure a little more security on your NAS system.

If necessary, check settings, services and apps beforehand

Deactivating the standard account is definitely recommended, especially since you can reactivate it at any time if necessary. However, it gets a bit complicated if you have tailored your NAS environment (and thus also the installed NAS apps and Synology services) to use the admin account. In this case, you should first check which steps are necessary for smooth operation.

Turning off the default account can also cause problems.

It is usually possible to transfer the relevant services, files and settings from the "bad" admin account to the newly added one. Here I just kindly refer to the support area of ​​Synology. With this link you will find a comprehensive overview of the individual NAS services that may be affected by the admin lock. Here you will also find the appropriate solutions to get the services running again. Alternatively, it can also be worthwhile to simply start again from scratch here and there - in the spirit of the universal factory settings ;-)

Product prices and availability are correct as of the date/time shown and are subject to change. All pricing and availability information on at the time of purchase applies to the purchase of this product.

Would you like more tips and tricks for Synology NAS systems? Do we -> This direction, please. Collect even more on the subject of security we here for you.

Boris Hofferbert

Freelance journalist, enthusiastic about technology since the blissful Amiga days, Apple desktop fan and Android fan on the go, gambles on Windows, can’t do without music (from classic rock to ska to punk) and audio books, likes to take postcard photos, always has at least two cell phones and is very happy about one coffee donation ;-)


  1. I also received this notice.
    Now I'm wondering, if Synology is so concerned about the security of general "admin" access: Why don't they just allow you to change the name "admin" to the name of the account you create? before deactivating “admin”? According to my logic, that would have the same effect with SIGNIFICANTLY less effort.

    Is there a logical explanation for this? And in combination with the already discussed 2FA: is deactivation even necessary?

    Thanks in advance!!

Leave a Comment

Your e-mail address will not be published. Required fields are marked with * marked

This website uses Akismet to reduce spam. Learn more about how your comment data is processed.

Back to Top button


Please deactivate your ad blocker.