It’s a recommended best practice to change the name of the administrator account to make it more difficult for hackers to find, but renaming it doesn’t always hide it as well as you might think. That’s because there are hacker tools that can find the administrator account based on its Security ID, which always ends in 500.
To protect against these tools, you need to use Group Policy to prevent Windows from displaying SIDs. To do so, open the Local Security Settings MMC (run secpol.msc) and navigate to Local Policies | Security Options. In the right details pane, click Network Access: Allow Anonymous SID/Name Translation and disable the policy. You can apply this to the whole domain by editing the default domain policy instead of the local security policy.