RIT
Systems and Technologies

Mac OS X root account

The Mac OS X root account comes disabled by default in new Mac OS X installations. It is essentially all-powerful on a particular computer. It has access to all files and services.

The root account can be tempting to use, especially for those coming from "Mac OS Classic".

Because of the security implications of enabling the root account, or "System Administrator," we strongly recommend that you leave it disabled. If ITS services your computer and finds that the root account is enabled on it, expect that we will have a discussion about why you need to have it enabled -- again, neither Apple nor RIT recommends that you have it enabled.

Nearly every task you will need to accomplish on your Mac OS X computer can be handled by an administrator-level account. The vast majority of daily tasks can be accomplished with a normal user account -- one that doesn't have any administrator privileges. (For that reason, to achieve further security, we strongly advise limiting access to administrator-level accounts as well.)

For more details on enabling, using, and disabling the root account, see Apple Knowledgebase article 106290. Again, if you enable the root account, you should only do it for short amounts of time, you should use an extremely secure password, and you should disable the account again immediately.

Section: Use a Macintosh
Keywords: mac os x, security, system administration
Question: What is the Mac OS X root, or System Administrator, account?