I have a concern with the security for the initial Admin account on our Moodle site. In checking the logs I have seen that someone has attempted to log in using the Admin username with about 50 attempts in the past two days. I would like to change the password to something a bit more difficult or control when or how that account can be used. So I have a couple of questions.
1. Are there any side effects if I do a standard Moodle password change on that account? Just concerned that the system may use that account to access the db or other areas that might break if I change the password.
2. Is there a way to lock down that account? Something like can only be logged in from IP Address range 172.16.3.* etc or can we disable the account as we have several other user accounts that have admin rights to the site?
Thanks
Steve