Protecting accounts is the first line of defence to protect your information from cybercriminals.
The following guidance can be used to assist in securing accounts against cybercriminals.
Protecting accounts is the first line of defence to protect your information from cybercriminals.
Administrator accounts are the ‘keys to the kingdom’, as they give a user full control of the computer. Cybercriminals will target administrator accounts in order to take full control of a user’s computer. By not using an administrator account for everyday use you will help limit what a virus or exploit can access if your computer becomes infected.
User accounts #
What is a standard user account or administrator account?
A standard user account is a user that has partial control of the computer and often cannot make changes to other users on the computer. A standard user account should be used for everyday home tasks, such as editing photos and browsing the web.
An administrator account is a user that has complete control of the computer and can make changes that affect other users of the computer, like installing programs and accessing all files on a computer.
Why it is important to not to use an administrator account for everyday use?
Administrator accounts are the ‘keys to the kingdom’, as they give a user full control of the computer. Cybercriminals will target administrator accounts in order to take full control of a user’s computer. By not using an administrator account for everyday use you will help limit what a virus or exploit can access if your computer becomes infected.
The daily use of an administrator account on a computer can be likened to a caretaker using an apartment block master key to enter their own apartment, instead of the dedicated apartment key. Whilst the apartment and master key achieve the same purpose for the caretaker (and might seem convenient for their day job), carrying a master key all the time opens up the caretaker to a greater risk of compromise to the entire building if they lose control of the master key.
Where do I change it?
Modification of standard user and administrator accounts can be done in Control Panel. Icons and language may differ slightly depending on the build version of Windows you are using.
Checking user accounts on Windows 10 #
- Click on the Windows icon and type “Control Panel” and click on Control Panel app.
- Click User Accounts. Please note that you will need to be on or have access to an administrator account to make any of these changes. If you do not have access to this account or it is managed by a service provider, please contact the relevant local administrator or your service provider.
- Select Add or Remove user accounts.
- Check to see if there are any unusual accounts (missing or unaccounted accounts). You should only have one administrator account and your daily use account should not be the administrator account. From here on, all the next steps will start from here.
Changing the account type on Windows 10 #
- Click on the User you want to make changes.
- Click on Change the account type.
- Choose if you want the account to be a standard account or administrator. Then click on Change Account Type.
Removing accounts on Windows 10 #
- Click on the user you want to remove.
- Click on Delete the account.
- Choose between deleting all the files of the user you are removing or to keep the files.
- Click Delete Account to confirm you are removing the account.
Creating a new account on Windows 10 #
- Click on Add a new user in PC settings.
- Scroll down and click on Add someone else to this PC.
- Enter the username, passphrase and security question/answers. Click Next, by default this new user will not have administrator access. You can also create a new user account using a Microsoft account, however you must be connected to the internet.
Protecting accounts is the first line of defence to protect your information from cybercriminals.
Administrator accounts are the ‘keys to the kingdom’, as they give a user full control of the computer. Cybercriminals will target administrator accounts in order to take full control of a user’s computer. Not using an administrator account for everyday use will help limit what a virus or exploit can access if your computer becomes infected.
User accounts #
What is the difference between a user account and an administrator account?
A user account is an account that has partial control of a computer and often cannot make changes to other accounts on the computer. A user account should be used for everyday home tasks, such as editing photos and browsing the internet.
An administrator account is an account that has complete control of the computer and can make changes that affect other users of the computer – e.g. installing programs and accessing all files on a computer.
Why it is important to not to use an administrator account for everyday use?
Administrator accounts are the ‘keys to the kingdom’, as they give a user full control of the computer. Cybercriminals will target administrator accounts in order to take full control of a user’s computer. Not using an administrator account for everyday use will help limit what a virus or exploit can access if your computer becomes infected.
The daily use of an administrator account on a computer can be likened to a caretaker using an apartment block master key to enter their own apartment, instead of the dedicated apartment key. While the apartment and master key achieve the same purpose for the caretaker (and might seem convenient for their day job), carrying a master key all the time opens up the caretaker to a greater risk of compromise to the entire building if they lose control of the master key.
Where do I change it?
Modification of user and administrator accounts can be done in System Preferences. Icons and language may differ slightly depending on the version of macOS you are using.
Checking user accounts on macOS #
- Click on the Apple icon in the top-left of your screen and click on System Preferences.
- Click User & Groups.
- Check to see if there are any unusual accounts (missing or unaccounted accounts).
You should only have one administrator account and your daily use account should not be the administrator account.
All the next steps start from here.
Changing the account type on macOS #
-
You may need to unlock the User & Groups preference pane.
To do this click the padlock icon in the bottom-left of the System Preferences window, enter your administrator password, and click Unlock.
The padlock will appear to be open when you enter your administrator password correctly.
- Select the account you want to change from the list of accounts on the left.
- Check or uncheck the box ‘Allow user to administer the computer’.
- When changing the user type, you will need to restart the computer for your changes to take effect.
Removing accounts on macOS #
- Select the account you want to remove from the list of accounts on the left.
- Click on the ‘–’ icon shown highlighted in the graphic.
- Choose between deleting all the files of the user you are removing or keeping the files.
- Click Delete User to confirm you are removing the account.
Creating a new account on macOS #
- You may need unlock the Users & Groups preference pane – click the locked padlock icon in the bottom-left, enter your administrator password, and click Unlock. When this pane is unlocked, the padlock will appear to be open.
- Click the ‘+’ icon shown highlighted in the graphic. Select the New Account type as ‘Standard’.
- Enter the Full Name, Account Name, Password/Passphrase and Password Hint highlighted in the graphic. Click Create User.
- When you are done adding users, click the open padlock icon to lock the Users & Groups preference pane to prevent further changes. When this pane is locked, the padlock will appear closed.