'distributor_admin' is a SQL-auth account that is used for replication. Out of the box it is granted sysadmin and currently it looks like that can not be dialed back to db_owner (see related [Does distributor_admin need sysadmin?](https://topanswers.xyz/databases?q=872) ). According to [some sources (pg4 of PDF)](http://www.mcafee.com/us/resources/white-papers/foundstone/wp-low-hanging-fruits.pdf) distributor_admin is one of the top eight SQL usernames used in brute force attacks. It is considered a [best practice to rename the 'sa' account](https://dba.stackexchange.com/questions/103825) can the 'distributor_admin'be renamed also? I looked around and don't find anyone suggesting this alternative. I found a few posts that [implied the **possibility** of the 'distributor_admin'](https://support.microsoft.com/en-us/kb/818334) being hard coded into the replication process. There is not a lot of recent documentation about the distributor_admin account with replication.
No it can't be renamed. The good news is that the account only exists on the distributor, which doesn't really contain any user data. You can safely disable the account when you aren't setting up new replication publishers. If you need to setup a new publisher, enable the account setup the publisher then disable the account again. It does need to have `sysadmin` rights. It needs to be able to create linked servers.