Administrative and regular account?

[robgendreau]

Help settle a debate.

The issue is whether a single user of a computer should have both an administrative account and a regular account, using the regular account for day-to-day activity. The computer is often connected to the internet or LANs, and is accessed remotely for various tasks. There are also all the normal cloud sharing things going on, like Dropbox, box.net, SpiderOak, etc, but it's not like it's a dedicated file server.

My feeling is that having one account with admin privileges is sufficient, since Apple has set up things so that you'd need to enter the admin password for most changes to the system. And that if this password were compromised access could be gained even if one were logged on as a non-admin. So why mess with a non-admin account on a non-shared Mac?

Thoughts?

 

[Morod]

My wife and I share the iMac here and we're the only ones that use it.
We use a non-admin account for our day-to-day activity. Just a "best practices" thing I've gotten into over the years. It's no hassle to me to supply the admin info when I need to install software.
Best of luck in whatever you decide to do.

 

[rm -rf /*]

Winner is...

Best practice is to use a regular account and keep root disabled. You can always type in the administrator name and password for things that require such authorization.

 

[Mal]

My wife and I share the iMac here and we're the only ones that use it.
We use a non-admin account for our day-to-day activity. Just a "best practices" thing I've gotten into over the years. It's no hassle to me to supply the admin info when I need to install software.
Best of luck in whatever you decide to do.

Best practice is to use a regular account and keep root disabled. You can always type in the administrator name and password for things that require such authorization.

Sorry, but this is not considered "best practice" by those who understand Mac OS X. There is no advantage to running as a standard user.

Best practice is to use your Mac as intended: Administrator accounts for those users who should be allowed to install software and change critical settings, and standard users for those who should not be allowed access to those things. Because OS X does not authorize apps to run with elevated privileges even when using an admin account, there is no increased risk to running as an administrator for everyday usage.

OP, I would simply create an account for each person that intends to use the machine. If that person cannot be trusted or does not wish to make system-wide changes, make them standard users. If it is a single-user machine, there should be one account, which would by default be an administrator account.

jW

 

[robgendreau]

And I've noted that you have to take extra steps to even enable root; I don't believe it's enabled for administrators by default.

Rob

 

[johto]

If it is a single-user machine, there should be one account, which would by default be an administrator account.

jW

On a new machine, I always create my first account simply named "admin" and give it the admin rights, then create my REAL account which i usually leave as "standard". It could be administrator too, but the main point i'm getting is:

It's always good to have a "backup" account and use it only when needed, because if you f00bar your "only" account, it's harder to do repairs / troubleshooting.

 

[jasonvp]

On a new machine, I always create my first account simply named "admin" and give it the admin rights, then create my REAL account which i usually leave as "standard".

That's precisely what I do. I never, or nearly never log into the machine as the admin account unless I absolutely have to. My standard account can't write anything anywhere unless I authenticate as the admin account.

jas

 

[GGJstudios]

Mal is right. There is little or no advantage to be gained by running a standard account, as opposed to an admin account.

 

[Comeagain?]

Mal is right. There is little or no advantage to be gained by running a standard account, as opposed to an admin account.

Unless your incredibly impulsive, in which the extra step may help deter rouge actions. However, it just seems to add unneeded complexity for no gain.

 

[robgendreau]

I think the winner is one account with admin rights if there is one user on the machine. I have not seen any arguments that countervail the premise that simpler is better, when given a choice.

And from checking around, I found that there are some instances where having two accounts for the same person with different privileges causes problems. The simplest being that the user forgets which one they are in, and thinks they've lost their stuff. Or they are diligent, but when in the less-used admin account they don't have access to passwords and whatnot stored in the other account (yeah, I realize that is sort of the point, but when security isn't simple and easy it often gets bypassed).

So I think I'll set them up going forward with one account.

thanks for the comments.

Rob

 

[gentlefury]

Yeah, this is a very old windows way of thinking. I have always had the admin account be my account...be it windows, mac or linux. This was always touted as best use practice because most windows users don't know what they are doing and could possibly delete system critical files or mess up the registry...if you know what you're doing tho, it doesn't matter.

 

[rm -rf /*]

Standard FTW

It's a simple way to add increased security due to mistakes (typing in PW for a plugin that's a trojan) and other security risks. It's so easy to run in Standard and use your admin credentials, it's silly not to.

 

[Mal]

It's a simple way to add increased security due to mistakes (typing in PW for a plugin that's a trojan) and other security risks. It's so easy to run in Standard and use your admin credentials, it's silly not to.

Do whatever you want, but it's already been shown multiple times that running in a standard account has absolutely no effect on your security, particularly in the case you mentioned. If something requires a password in an admin account (like the trojans that have come out) they will also require it for a standard account and the same security "risk" will exist. Better to use safe computing practices than useless complexity like multiple accounts.

jW

 

[BK.]

Does it matter on OS X? I'm the only user of my computer - it's mine and nobody else uses it - and I'm an administrator by default as I'm the default user created on first boot.

Even so, I'm asked for my administrator password (well, technically I don't have a password, so I don't type anything in, just hit OK, but you get the gist) for some actions despite already been logged on as an admin.

If this login appears whether I'm a standard user or an admin (even an admin without a password!) then I don't see what difference it makes.

Maybe if that login prompt didn't appear to admins then I could see the point. But as it appears either way then I can't see it making much of a difference.

 

[GGJstudios]

It's a simple way to add increased security due to mistakes (typing in PW for a plugin that's a trojan) and other security risks. It's so easy to run in Standard and use your admin credentials, it's silly not to.

Any app or plugin that requires elevated privileges will ask for the admin password, whether running on a standard or admin account. There is no difference.

 

[MacManiac76]

Does it matter on OS X? I'm the only user of my computer - it's mine and nobody else uses it - and I'm an administrator by default as I'm the default user created on first boot.

Even so, I'm asked for my administrator password (well, technically I don't have a password, so I don't type anything in, just hit OK, but you get the gist) for some actions despite already been logged on as an admin.

If this login appears whether I'm a standard user or an admin (even an admin without a password!) then I don't see what difference it makes.

Maybe if that login prompt didn't appear to admins then I could see the point. But as it appears either way then I can't see it making much of a difference.

Now this is an instance that is absolutely stupid as far as security goes, not having an admin password at all. You have essentially left yourself with no security. Just because you are the only user doesn't mean there are not security risks. What if it happens to get stolen, etc.?

 

[BK.]

Now this is an instance that is absolutely stupid as far as security goes, not having an admin password at all. You have essentially left yourself with no security. Just because you are the only user doesn't mean there are not security risks. What if it happens to get stolen, etc.?

If they managed to get through three locked doors, one that requires a swipe card for access, and two more locked with mechanical keys, then them stealing my desktop computer would be the least of my worries.

It's called perspective. If someone has physical access to my computer i.e. they are in my room, then them having access to my iTunes library, Word documents and .gif collection is pretty low on my list of things to worry about.

 

[MacManiac76]

If they managed to get through three locked doors, one that requires a swipe card for access, and two more locked with mechanical keys, then them stealing my desktop computer would be the least of my worries.

It's called perspective. If someone has physical access to my computer i.e. they are in my room, then them having access to my iTunes library, Word documents and .gif collection is pretty low on my list of things to worry about.

It's still stupid period. Nobody in their right mind would recommend to have no password at all.

 

[BK.]

It's still stupid period. Nobody in their right mind would recommend to have no password at all.

Stupid? Perhaps.

I can't remember the part where I was asking for recommendations or giving them, though.

Never mind, just scrolled back up... I didn't. Seems like you pulled that one out of your arsehole Surprise, surprise.

 

[Mal]

Now this is an instance that is absolutely stupid as far as security goes, not having an admin password at all. You have essentially left yourself with no security. Just because you are the only user doesn't mean there are not security risks. What if it happens to get stolen, etc.?

It's still stupid period. Nobody in their right mind would recommend to have no password at all.

There are plenty of people who have no need to set a non-null password. Insulting another poster because they decided the convenience of a blank password outweighed minor security risks is an incredibly rude thing to do, and is not tolerated here. Please think through your posts before you do something like this in the future.

jW

 

[robgendreau]

It's back to the point Mal made. The best security is security you actually use and think about. Not leaving anything on a computer that is sensitive or irretrievable by other means is good security; in that case who cares about a password, one that can be bypassed anyway? It shows that someone is thinking about security, which is the important point. I worked in a place where they'd do mindless things like require us to have complex passwords that we had to change every 90 days. So you could walk into the office and start 75% of the computers just by reading the post-its stuck to the monitors

I'm sure Apple gave it some thought, and have concluded that the typical user who starts up the computer for the first time becomes administrator by default. As I said, I haven't yet seen any convincing argument for changing that. Even with computers I set up for other people; I still think that allowing them to personalize their personal computer is a good thing.

 

[Mal]

It's back to the point Mal made. The best security is security you actually use and think about. Not leaving anything on a computer that is sensitive or irretrievable by other means is good security; in that case who cares about a password, one that can be bypassed anyway? It shows that someone is thinking about security, which is the important point. I worked in a place where they'd do mindless things like require us to have complex passwords that we had to change every 90 days. So you could walk into the office and start 75% of the computers just by reading the post-its stuck to the monitors

I'm sure Apple gave it some thought, and have concluded that the typical user who starts up the computer for the first time becomes administrator by default. As I said, I haven't yet seen any convincing argument for changing that. Even with computers I set up for other people; I still think that allowing them to personalize their personal computer is a good thing.

Very good grasp of the concept, it seems. I think you've got your best scenario for moving forward.

jW