41 User Admin Accounts

The type of user account you use on your computer is important when it comes to your security and is often overlooked. It is good practice in many businesses for staff to use limited ‘standard’ user accounts on their computers, while the majority of home computers only have the one user account which by default has full administrator privileges. A standard user cannot add new software or make major system changes, which means that if they click on a malicious link that tries to install something, they are then prompted to enter a username and password for an account with admin rights in order to install the new piece of software. A user with full admin rights is not prompted when new software is installed as they already have all the permissions necessary, which makes them more susceptible to malicious infections.

The principle of least privilege means only giving access and permission to what is required to do a particular role and is worth adopting for home computers by running as a standard user, as it increases your overall security without any additional cost. If you only have one account on your computer, you cannot remove the admin rights though. So, in order to log in to your computer with a standard account, you first need to create an additional user account with a new strong password that you can easily remember and give that full administrator rights. Once this is done, you can then remove the admin rights from your own account. It is important to remember the new password, because if you forget it or record it incorrectly, you will not be able to makes changes to your computer.

In Microsoft Windows, you create new users by going to the Users Accounts area of Control Panel. Next, select ‘Manage another account’ from the User Accounts dialog window.

At the bottom of the window, click ‘Add a user account’ and enter a name like myAdmin and your chosen easy to remember but strong password. Once you have created the new account, you the need to give it Administrator rights by selecting it and then clicking on ‘Change the account type’ to let you choose either a Standard or Administrator account.

The next step is to change the account type of your main account to a Standard account, then log off and log in again or restart your computer. The next time you need to install anything or need to right click a program and select Run as administrator, you will need to enter the admin account name and password to continue. This also stops other family members who also use your computer from installing software without your knowledge. Just make sure you don’t lose or forget the new admin password once you remove the rights from your own account.

Index or next chapter Internet of Things