What is the best practice for local admin account? I mean, should it be disabled, should i change the default name to something else, how often should the password change. Can it be hidden in a windows 2008 server? ...things like that. Sorry if this is a duplicate thread. I tried looking for it, but could not find what i was looking for.

This varies by how security paranoid ;-) you are. Overly Paranoid ;-O Rename account, change password every xx days. Manageably Paranoid ;-) (usually considered the best option) Rename account, password never expires, change once ever few months/years Could care less nobody's breaking my password, or i have nothing people want. Keep account name, never change password.