3DSC 2.2: Standard User Accounts

Though it is a phrase that is normally applied to the corporate or government sectors, personal computers should also employ and adhere to the Principle of Least Privilege (PLP).  The Principle of Least Privilege is a concept stating that any user should have only the permissions necessary to do his or her job.  At the home-user level this means creating and using a Standard User account rather than performing day-to-day operations on an Administrator account. Today’s security task is to implement the PLP by setting up a standard user account.

Standard User Accounts

Difficulty: Moderate
Active Time: 5 minutes to two hours
What it protects you from: Malware
NOTE: Setting up the account is not the hard part. Migrating all your data and setting up a new desktop will be the most time-consuming step in the process.

Using an Administrator account is perhaps one of the most common errors I see committed by home computer users. This mistake has caused me endless frustration in “fixing” friends’ computers that have become thoroughly infected with malware. These computers become so thoroughly infected because they are always running with administrator-level privileges.  The ability to make system-wide changes like executing programs or deleting other users’ files is not necessary for daily use.  Running on a standard user account still allows you to do these things, but only after entering the administrator password to confirm that you actually want this action to occur.  Though it may not seem like it, this step is so important that even Microsoft recommends it.

Because Administrator accounts have the necessary privileges to install programs, executable files may be able to run on an Administrator account without having to ask permission.  If permission is required, malicious executables are sometimes capable of tricking the user into agreeing to install the program.  Standard User accounts have fewer permissions, and the most important permission a Standard User account lacks is the ability to install programs without permission from the administrator.  When a malicious program attempts to install itself on a Standard User account, a prompt will appear asking for permission from the Administrator (and the administrator’s password if the account is password protected).  Seeing a password prompt alone should be enough to make a user question whether he or she really wants to allow the executable to run.

Standard User Accounts for Windows 10

Windows has two different types of accounts: Standard User and Administrator.  A Standard User account has all of the necessary privileges for most of us to do the jobs we do on home computers.  Even though I work at a computer daily, I only rarely log into an administrator account.  User accounts have the privileges necessary to do most day-to-day tasks including creating, opening, editing, and saving documents, browsing the internet, etc.  There are a very small handful of things a User account does not have the privileges for, the most important of which is installing programs.

When you purchase a new Windows computer, the only account that is enabled by default is an Administrator account.  Many home users will never create another account, choosing instead to work only inside this account.  This is problematic as it makes the computer more susceptible to malware and viruses.  To set up a user account, navigate to: Settings >> Family & other people >> Add a family member. At this point, Windows 10 will prompt you to sign into a Microsoft account. I strongly recommend against this. Instead you can set up a local account. Though Windows makes a strong-armed attempt to steer you toward an online account, the directions below should allow you to avoid doing so.

First, instead of clicking “Add a family member”, scroll down to “Add someone else to this PC”.

On the next screen you will be asked for the person’s email address or telephone number. Do not provide this information. Instead, go to the bottom of the screen and click “I don’t have this person’s sign-on information”.

The next screen will attempt to get you to create a Microsoft account. Don’t do it. Scroll to the bottom and click “Add a user without a Microsoft account”.

You will finally be allowed to create a name and password for the account.
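
The same result can be reached from the command line. The script below is an added example, not part of the original post: it creates a local (non-Microsoft) standard account and then lists which enabled accounts hold administrator rights. It assumes Windows 10 with the built-in LocalAccounts cmdlets of Windows PowerShell 5.1 and an elevated prompt; the account name 'User 1' is a sample value.

```powershell
# Added example, not from the original post. Run from an elevated PowerShell
# prompt on Windows 10. 'User 1' is a sample name; substitute your own.
$name = 'User 1'

# Well-known SIDs are used instead of group names, which are localized.
$usersSid  = 'S-1-5-32-545'   # BUILTIN\Users
$adminsSid = 'S-1-5-32-544'   # BUILTIN\Administrators

# Create a local account (no Microsoft account) if it does not exist yet.
if (-not (Get-LocalUser -Name $name -ErrorAction SilentlyContinue)) {
    # Prompt for the password so it never lands in a script or history file.
    $password = Read-Host -AsSecureString -Prompt "Password for '$name'"
    New-LocalUser -Name $name -Password $password `
        -Description 'Standard account for daily use' | Out-Null
}

# New-LocalUser adds the account to no group; make it a member of Users only.
if (-not (Get-LocalGroupMember -SID $usersSid -Member $name -ErrorAction SilentlyContinue)) {
    Add-LocalGroupMember -SID $usersSid -Member $name
}

# Audit: every enabled local account and whether it holds administrator rights.
$adminSids = (Get-LocalGroupMember -SID $adminsSid).SID.Value
Get-LocalUser | Where-Object Enabled | ForEach-Object {
    [pscustomobject]@{
        Account       = $_.Name
        Administrator = $adminSids -contains $_.SID.Value
    }
} | Format-Table -AutoSize
```

The account used for daily work should show False in the Administrator column, and at least one other enabled account should show True.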


Standard User Accounts for MacOS

Setting up a user account in OS X is a relatively uncomplicated affair.  Open the System Preferences and click Users and Groups.  Click on the padlock icon at the bottom left of the interface and enter your password when prompted (assuming your administrator account is password protected).  Click the “+” icon just above the padlock to create a new user account.


A Couple More Considerations…

Account Naming:  There is a tendency to give Standard User and Administrator accounts distinctive names.  For instance, a family of four might name their accounts Justin, Sarah, David, and Ashley.  Unfortunately, these unique account names associate themselves with many things.  For example, Microsoft Office records the creator of a file by recording the User account name under which it was created in the metadata.  If you send out files (of any type) this may leak information about you or your family.  For this reason I strongly encourage using bland generic names such as Administrator, User 1, User 2, and so on.
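
To see what an Office file would reveal before sending it, the author fields can be read straight out of the file. The function below is an added example, not part of the original post: it opens an Office Open XML file (.docx, .xlsx, .pptx), which is a ZIP package, and reports the creator and last-modified-by values stored in docProps/core.xml. The function name is hypothetical and the sample file is constructed in the temp folder for the demonstration.

```powershell
# Added example, not from the original post.
Add-Type -AssemblyName System.IO.Compression.FileSystem

function Get-OfficeAuthorMetadata {
    param([Parameter(Mandatory)][string]$Path)
    $full = (Resolve-Path -LiteralPath $Path).ProviderPath
    $zip  = [System.IO.Compression.ZipFile]::OpenRead($full)
    try {
        # Author fields live in docProps/core.xml inside the package.
        $entry = $zip.GetEntry('docProps/core.xml')
        if (-not $entry) { return }
        $reader = New-Object System.IO.StreamReader($entry.Open())
        try { [xml]$core = $reader.ReadToEnd() } finally { $reader.Dispose() }
        [pscustomobject]@{
            File           = Split-Path -Leaf $full
            Creator        = $core.coreProperties.creator
            LastModifiedBy = $core.coreProperties.lastModifiedBy
        }
    } finally { $zip.Dispose() }
}

# Constructed sample: a minimal package carrying only the metadata part.
$sample = Join-Path $env:TEMP 'constructed-sample.docx'
Remove-Item -LiteralPath $sample -ErrorAction SilentlyContinue
$coreXml = @'
<cp:coreProperties
  xmlns:cp="http://schemas.openxmlformats.org/package/2006/metadata/core-properties"
  xmlns:dc="http://purl.org/dc/elements/1.1/">
  <dc:creator>Justin</dc:creator>
  <cp:lastModifiedBy>Sarah</cp:lastModifiedBy>
</cp:coreProperties>
'@
$pkg    = [System.IO.Compression.ZipFile]::Open($sample, 'Create')
$writer = New-Object System.IO.StreamWriter($pkg.CreateEntry('docProps/core.xml').Open())
$writer.Write($coreXml)
$writer.Dispose(); $pkg.Dispose()

# Reports Creator = Justin, LastModifiedBy = Sarah for the constructed file.
Get-OfficeAuthorMetadata -Path $sample

# Check real documents the same way before sharing them:
# Get-ChildItem "$HOME\Documents" -Recurse -File -Include *.docx,*.xlsx,*.pptx |
#     ForEach-Object { Get-OfficeAuthorMetadata -Path $_.FullName }
```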

Passwords:  The administrator accounts and user accounts should be password protected with different passwords. Though I recommend using long, complex passwords in most cases, I recommend (and use) easily memorable passwords that are quick and easy to type for the Administrator and User accounts.  This is because the password protection on these accounts offers very little actual security.  Having a password can hinder anyone attempting to install malicious software on your device.

Migrating Your Data:  The unfortunate part of setting up a new account is that you will have to migrate your data, programs, and desktop to a new account.  If you don’t have the time to migrate today, don’t worry about it.  However, you should perform all the future tasks in the 30-Day Security Challenge on your Standard User account.  To ease the process of migrating your data, I recommend taking the following steps:

  • While logged into your administrator account, set up a shared folder
  • Import your documents, photos, and other files into the shared folder
  • Log out of your administrator account, and log into the standard user account
  • Copy all files to a folder that is not shared
  • Finally, log back into the administrator account and delete the shared folder

Thanks for joining, and I’ll see you all tomorrow for the third day of the challenge!

4 thoughts on “3DSC 2.2: Standard User Accounts”

  1. A better way to do it : don’t move anything. Create a new administrator account. Downgrade your previous admin account to non-admin. Done.

    This has the huge advantage of keeping all your environment : not only documents, which are the least problematic to move, but all your installed software and customisation, which can amount to hundreds of hours of work (and you just can’t move those).

    You say : “There are a very small handful of things a User account does not have the privileges for, the most important of which is installing programs.” This is hugely important, because Microsoft, and the whole Microsoft-induced technical literature, does not stress that enough.

    In fact, contrary to what Microsoft texts suggest in many places, you don’t even need to access your admin account to install software, since you can elevate your rights from within your non-admin account — which changes everything.

    However, there are still irritating drawbacks to living under non-admin, which I won’t detail here, but can be summed up in a few words : despite Microsoft’s hectoring on the subject, Windows and the Windows environment have not been designed for computer owners to work under non-admin.

    The normal, implied situation is one where business users rely on an IT manager to administer their computers through his admin account, and another where home users rely on the head of the family to do the same through his. This becomes obvious if you follow official advice, as I have done, are a good boy, and live under non-admin on your own, non-shared, non administered from the top Windows computer.

    1. I strongly recommend that you DO NOT downgrade an existing administrator account. The reason I don’t even mention it is I have locked myself out of my machine entirely by doing so. I was able to correct the issue but this may be a major issue for some readers.

  2. Interesting. How does this happen ? Is that only because one would have forgotten to create another, admin account before ? Or might there be other reasons ? Does Windows even allow you to downgrade from admin to non-admin, if there’s not another existing admin account ?

    I have seen someone advise that you should have not one, but two admin accounts, just in order not to be locked out accidentally. There’s also this argument according to which there’s not always a benefit in living under non-admin — although I’m unable to evaluate it.

    1. I’m not sure how it happens, but it happened to me and I’ve had to fix it for students twice. In all cases a new admin account had been created before downgrading. The result was neither account could log in. Not a huge deal if you have the tools to bypass the account password, but could be an issue for most home users.
      I’ll take a look at that article, too – thanks!
