Though it is a phrase that is normally applied to the corporate or government sectors, personal computers should also employ and adhere to the Principle of Least Privilege (PLP). The Principle of Least Privilege is a concept stating that any user should have only the permissions necessary to do his or her job. At the home-user level this means creating and using a Standard User account rather than performing day-to-day operations on an Administrator account. Today’s security task is to implement the PLP by setting up a standard user account.
Standard User Accounts
Active Time: 5 minutes to two hours
What it protects you from: Malware
NOTE: Setting up the account is not the hard part. Migrating all your data and setting up a new desktop will be the most time-consuming step in the process.
Using an Administrator account is perhaps one of the most common errors I see committed by home computer users. This mistake has caused me endless frustration in “fixing” friends’ computers that have become thoroughly infected with malware. These computers become so thoroughly infected because they are always running with administrator-level privileges. The ability to make system-wide changes like executing programs or deleting other users’ files is not necessary for daily use. Running on a standard user account still allows you to do these things, but only after entering the administrator password to confirm that you actually want this action to occur. Though it may not seem like it, this step is so important that even Microsoft recommends it.
Because Administrator accounts have the necessary privileges to install programs, executable files may be able to run on an Administrator account without having to ask permission. If permission is required, malicious executables are sometimes capable of tricking the user into agreeing to install the program. Standard User accounts have fewer permissions, and the most important permission a Standard User account lacks is the ability to install programs without permission from the administrator. When a malicious program attempts to install itself on a Standard User account, a prompt will appear asking for permission from the Administrator (and the administrator’s password if the account is password protected). Seeing a password prompt alone should be enough to make a user question whether he or she really wants to allow the executable to run.
Standard User Accounts for Windows 10
Windows has two different types of accounts: Standard User and Administrator. A Standard User account has all of the necessary privileges for most of us to do the jobs we do on home computers. Even though I work at a computer daily, I only rarely log into an administrator account. User accounts have the privileges necessary to do most day-to-day tasks including creating, opening, editing, and saving documents, browsing the internet, etc. There are a very small handful of things a User account does not have the privileges for, the most important of which is installing programs.
When you purchase a new Windows computer, the only account that is enabled by default is an Administrator account. Many home users will never create another account, choosing instead to work only inside this account. This is problematic as it makes the computer more susceptible to malware and viruses. To set up a user account, navigate to: Settings >> Family & other people >> Add a family member. At this point, Windows 10 will prompt you to sign into a Microsoft account. I strongly recommend against this. Instead you can set up a local account. Though Windows makes a strong-armed attempt to steer you toward an online account, the directions below should allow you to avoid doing so.
First, instead of clicking “Add a family member”, scroll down to “Add someone else to this PC”.
On the next screen you will be asked for the person’s email address or telephone number. Do not provide this information. Instead, go to the bottom of the screen and click “I don’t have this person’s sign-on information”.
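The same result from an elevated PowerShell prompt, as an added example that is not part of the original post: it creates a local (non-Microsoft) account as a Standard User, then lists every enabled account with its role. The account name `User 1` is an assumption; the groups are addressed by their well-known SIDs so the script does not depend on the Windows display language.

```powershell
#Requires -RunAsAdministrator
# Added example, not from the original post. 'User 1' is an assumed name.
$name      = 'User 1'
$usersSid  = 'S-1-5-32-545'   # built-in Users group (standard users)
$adminsSid = 'S-1-5-32-544'   # built-in Administrators group

# Create the local account only if it does not exist yet. The password is
# read interactively so it never lands in the script or command history.
if (-not (Get-LocalUser -Name $name -ErrorAction SilentlyContinue)) {
    $password = Read-Host -AsSecureString "Password for '$name'"
    New-LocalUser -Name $name -Password $password `
        -Description 'Standard account for daily use' | Out-Null
    # Membership in Users only: no administrator rights are granted.
    Add-LocalGroupMember -SID $usersSid -Member $name
}

# Collect the SIDs of everything in the Administrators group. Comparing
# SIDs avoids mismatches between 'PC\name' and 'MicrosoftAccount\mail'.
$adminSids = @(Get-LocalGroupMember -SID $adminsSid |
    ForEach-Object { $_.SID.Value })

# Audit: one row per enabled account, showing whether it is an
# administrator and whether it is local or tied to a Microsoft account.
$report = Get-LocalUser | Where-Object Enabled | ForEach-Object {
    [pscustomobject]@{
        Account = $_.Name
        Role    = if ($adminSids -contains $_.SID.Value) { 'Administrator' }
                  else { 'Standard User' }
        Source  = $_.PrincipalSource
    }
}
$report | Format-Table -AutoSize

# Flag the situation the post warns about: the session running this
# script belongs to an account that is itself an administrator.
$me = [Security.Principal.WindowsIdentity]::GetCurrent().User.Value
if ($adminSids -contains $me) {
    Write-Warning 'You are signed in as an administrator; use the standard account for daily work.'
}
```

Because the script needs elevation, the final warning reflects the account you elevated from only when that account is an administrator; if you elevated by typing another account's credentials, it reports on that account instead.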
Standard User Accounts for MacOS
Setting up a user account in OS X is a relatively uncomplicated affair. Open the System Preferences and click Users and Groups. Click on the padlock icon at the bottom left of the interface and enter your password when prompted (assuming your administrator account is password protected). Click the “+” icon just above the padlock to create a new user account.
A Couple More Considerations…
Account Naming: There is a tendency to give Standard User and Administrator accounts distinctive names. For instance, a family of four might name their accounts Justin, Sarah, David, and Ashley. Unfortunately, these unique account names end up attached to many things. For example, Microsoft Office records the creator of a file by storing the User account name under which it was created in the file's metadata. If you send out files (of any type) this may leak information about you or your family. For this reason I strongly encourage using bland generic names such as Administrator, User 1, User 2, and so on.
Passwords: The administrator accounts and user accounts should be password protected with different passwords. Though I recommend using long, complex passwords in most cases, I recommend (and use) easily memorable passwords that are quick and easy to type for the Administrator and User accounts. This is because the password protection on these accounts offers very little actual security. Having a password can hinder anyone attempting to install malicious software on your device.
Migrating Your Data: The unfortunate part of setting up a new account is that you will have to migrate your data, programs, and desktop to a new account. If you don’t have the time to migrate today, don’t worry about it. However, you should perform all the future tasks in the 30-Day Security Challenge on your Standard User account. To ease the process of migrating your data, I recommend taking the following steps:
- While logged into your administrator account, set up a shared folder
- Import your documents, photos, and other files into the shared folder
- Log out of your administrator account, and log into the standard user account
- Copy all files to a folder that is not shared
- Finally, log back into the administrator account and delete the shared folder
Thanks for joining, and I’ll see you all tomorrow for the third day of the challenge!