One of the first things I do when I setup a new server is create a new administrator account and disable the original administrator account. This makes it much harder for an attacker to gain entry to your systems as now they have to guess both the account name AND the password.

Now many people/sites recommend to rename the administrator account. While this does increase the complexity to get in the Administrators ID in the security database is fixed (I think in the NT 4.0 days the administrator always had an ID of 500). If I gain access to that database it is trivial to find out what the password has been renamed too. Hence why I create a brand new account.

Another thing with the default Administrator account is that there is not an account lockout policy. This means that an attacker could try to brute force the administrator password without ever getting locked out. This is done because members of the Administrator role would need to be able to log in to unlock an account. If there was a lockout policy on the Administrator account I could deny access to you by purposely failing my logins.

One really neat thing I found out though is that when you forget the password or lockout the new admin account, you can reboot the system in safe mode and login as the Administrator account. If the system is in safe mode is disregards the "account is disabled" flag.

What I have done with my servers is give them all the Administrator accounts the same password and disable them. Then I set each server to have a different password for the custom named administrator account. If I forget one of these passwords all I need to do is reboot into safe mode and login with my common admin password. 

Granted, having a unique Administrator password would be even better I would never remember them all. So this is my balance between security and usability.