What Accounts do I need?

[doubledee]

This may be another "religious battle", but...

What User Accounts should I create when I set up my new cMBP??


View #1:
Mac's are secure enough, just create a "DoubleDee" Admin account and be done with it?!


View #2:
You need to segment things.

Create an "Admin" account for maintaining your MacBook and installing Software and what-not, and then create a stripped down "DoubleDee" account from which you do your day-to-day activities.


View #3:
Something else??


I am the only person who will ever be using my using my cMBP, and security is *very* important to me, but I also don't want to turn my life into a maintenance hell.

Probably my evil Windows past, but it seems like a drag to have to log-out and log-in to another account every time you want to patch FireFox or install an app or change computer settings...

Then again, considering that I am getting neurotic about hings like FDE and EFI Passwords and so on, maybe I need to be consistentlu paranoid about User Accounts??

Sincerely,


Debbie

 

[simsaladimbamba]

An admin account is just fine, no need for a standard account for daily tasks.

I run an admin account on my Macs for daily tasks, my data has not been compromised, my Macs have not been infected with any kind of malware, and that for the past nine years using Mac OS X.

 

[doubledee]

What does everyone else think?

Based on my upbringing, it still seems like you should have a dedicated "Admin" account and then a "Day-to-Day" account?

Sincerely,


Debbie

 

[smokeyrabbit]

An admin account is just fine, no need for a standard account for daily tasks.

I run an admin account on my Macs for daily tasks, my data has not been compromised, my Macs have not been infected with any kind of malware, and that for the past nine years using Mac OS X.

Exactly. Why needlessly introduce another level of complexity. I've been a Mac OS X user since 10.0 twelve years ago. Also, you already have the root user if you want a super secret invisible admin account.

 

[doubledee]

Exactly. Why needlessly introduce another level of complexity. I've been a Mac OS X user since 10.0 twelve years ago.

Because conventional wisdom says, "If you always run as Admin, and somehow your system is compromised, then you have just given the hacker *complete* control to your computer!!"

By contrast, if I was working on a daily basis as a "Standard User", then it - in theory - would be much harder for a hacker (or malware) to take over my machine.

Also, you already have the root user if you want a super secret invisible admin account.

Side topic: On my new cMBP, is the "Root User" account enabled or disabled?

From what I have read - which isn't much on this topic - you should DISABLE this account unless you have a really really good reason to use it!!!

(I'm trying to be very methodical here s I set up my new cMBP, so I can rest assured that all of my business data is safe and sound, and that I don't have any gaping holes like how I just discovered that you can hack into any MacBook in under 60 seconds by having physical access unless it has File Vault turned on?!)

Sincerely,


Debbie

 

[smokeyrabbit]

Because conventional wisdom says, "If you always run as Admin, and somehow your system is compromised, then you have just given the hacker *complete* control to your computer!!"

By contrast, if I was working on a daily basis as a "Standard User", then it - in theory - would be much harder for a hacker (or malware) to take over my machine.

No. Anyone who knows any admin password can "take over" your machine, whether you're using an admin account or not. You seem unusually convinced that someone is out to get your information. I suggest keeping your machine under lock and key will do more to "protect" you than anything else.

Also, the "hacking your MacBook under 60 seconds" thing was from 2006.

 

[doubledee]

No. Anyone who knows any admin password can "take over" your machine, whether you're using an admin account or not.

You're talking about something completely unrelated...

(I'm not talking about anyone getting my Password.)


If I am logged is an Admin, and I download malware or whatever, then if OS-X is like any other operating system, more damage can be done than under a non-Admin account. (Unless someone can show me differently.)

You seem unusually convinced that someone is out to get your information. I suggest keeping your machine under lock and key will do more to "protect" you than anything else.

Don't follow the news much, eh?

In case you haven't noticed *security* is much more important than in the 1980's...

Also, the "hacking your MacBook under 60 seconds" thing was from 2006.

I don't know when it was, but I Googled the topic last night, and was floored to see the multiple ways anyone can get access to your Mac even though it is *supposed* to be protected by a User Account and Password.

(That has to be the single stupiest engineering design of the millennium... Make users create a Username and Password, but don't actually enforce it?!)

Sincerely,


Debbie

 

[benwiggy]

Logging in as the root user is disabled by default. Plenty of processes run as root, but you can't log in as root user unless you deliberately enable it.

I would perhaps suggest having a spare admin account, just in case your regular admin account gets fubarred, which, if it is your day-to-day account, is a possibility.

I do have to say, though, doubledee: the amount of time you spend on researching security and "double-locking" your Mac, it's a wonder that you have any time at all for creating any confidential material worth stealing.

 

[doubledee]

Logging in as the root user is disabled by default. Plenty of processes run as root, but you can't log in as root user unless you deliberately enable it.

Good!

I would perhaps suggest having a spare admin account, just in case your regular admin account gets fubarred, which, if it is your day-to-day account, is a possibility.

I think most security experts would say "Administer using an Admin account, and do day-to-day things with a Standard Account."

However one thing that has made me leery of having an Admin and a Standard account is this issue...

In the past - on both Windows and this Mac - when I set up an Admin and a Standard account, it seemed like I had to configure two separate computers?!


(I know when I used to rebuild my Windows machines - usually every 6 to 9 months - it took me 12 hours to go from blank HDD to completely customized machine, with all data transferred, Application and Op Sys Preferences exactly like I wanted, etc?!)

The last thing I want to do is have to do all of that under a new Admin account, and then have to do it again for my Standard account?!

I'm not sure where I fall on the continuum, but I consider myself a "Power User".

I have lots of Development Apps, Customized App Settings, Customized System Settings, and so on that take an enormous amount of time to get "just right".

So I don't want to install and tweak things as Admin and then have to do it again as Standard if possible.

-----
One other thing that I just thought of...

If I start using File Vault 2, how does having an Admin and a Standard account play into the FDE??

I do have to say, though, doubledee: the amount of time you spend on researching security and "double-locking" your Mac, it's a wonder that you have any time at all for creating any confidential material worth stealing.

Ha ha!!

Well, that is exactly why I am giving things such a serious look up front...

Here I have a "virgin" cMBP still in the box, and I have a chance to "build it up from the ground" and make it as secure (or not) as I choose.

And, if I invest the time up front, then down the road things should run smoothly (and securely) in the background for a long time!!

My new cMBP will have *my* Business Data on it, and that is of value at least as great as any of my day client's have on their systems (e.g. Banks, Health Insurance, Gov't, etc.)...

So am I taking this very seriously?! Damn right!!!

Sincerely,


Debbie

 

[Apple fanboy]

I use my admin account for my day to day tasks and have no issues. My daughter & wife both have an account with out admin rights, and I really don't want (or apparently need) another.
I feel safe enough using this set up. I don't worry too much about people wanting to get on my system. Thats what firewalls and passwords are for.

 

[chown33]

I'm not sure where I fall on the continuum, but I consider myself a "Power User".

I have lots of Development Apps, Customized App Settings, Customized System Settings, and so on that take an enormous amount of time to get "just right".

So I don't want to install and tweak things as Admin and then have to do it again as Standard if possible.

Then don't.

After the initial admin user is created, do only a tiny amount of customization, such as adding Terminal.app to the Dock. Then use the initial admin user to create a non-admin everyday user account. Immediately log out of the admin user, and go setup all your preferences and whatnot from the everyday user. DO NOT login using the admin user ever again, unless it's absolutely necessary.

You should be able to use various System Preferences panes that require unlocking simply by entering the name/password of the admin user. Same applies to installing apps. But do all this while logged in as the everyday user, NOT while logged in as the admin user.

If you are intent on using the everyday account, then make that one pleasant, and leave the admin account unpleasant to use. If you keep the admin user preferences uncustomized and "ugly", you'll be less likely to spend time there, and it will be harder to use because it's intentionally NOT customized. This will tend to keep you in the everyday user account, except when there are admin activities that require multiple actions and repeatedly entering the admin name/password is more hassle than working from a deliberately uncustomized and unpleasant admin account.



Customized app and system settings (preferences) are usually visible to shell scripting using the 'defaults' command. Some system settings are only visible or settable by the 'scutil' command. Other settings may also have a dedicated utility, such as 'tmutil' for Time Machine settings. Read their man pages.

Some settings are ONLY settable through the 'defaults' command, such as:

  defaults write NSGlobalDomain [U]NSDocumentSaveNewDocumentsToCloud[/U] -bool false
  defaults write com.apple.TimeMachine [U]DoNotOfferNewDisksForBackup[/U] -bool YES
  defaults write -g [U]NSDisableAutomaticTermination[/U] -bool yes

You can google the underlined name in each of those command lines to learn what it does.

When I bought a MacBook Pro last fall, I spent some time before the purchase making a written list of settings or preferences I wanted to change, and researching exactly how to establish the setting I wanted. After I got the MBP, I spent some time setting it up, tweaking things, and writing down the changes. Over time, I made additional changes which I also wrote down, so if I had to I could reverse them or reapply them to a clean OS. For the past several months I haven't altered the written list, and only my regular backups are preserving the state of the configured system.

 

[doubledee]

Nice post, chown33!!

Then don't.

After the initial admin user is created, do only a tiny amount of customization, such as adding Terminal.app to the Dock. Then use the initial admin user to create a non-admin everyday user account. Immediately log out of the admin user, and go setup all your preferences and whatnot from the everyday user. DO NOT login using the admin user ever again, unless it's absolutely necessary.

You should be able to use various System Preferences panes that require unlocking simply by entering the name/password of the admin user. Same applies to installing apps. But do all this while logged in as the everyday user, NOT while logged in as the admin user.

Before going on, can you please straighten out some confusion that I am having?

Scenario #1:
Let's say that I have an "Admin" and a "Standard" account. And let's say that - different from your advice above - I am logged in as "Admin" and I download, install, and customize some apps like MAMP, NetBeans, Audacity, OpenOffice, etc.

In that scenario, what would happen in my "Standard" account?

Would the apps and the app customizations just appear in the "Admin" account?

Would I have both the apps and the customizations in both the "Admin" and "Standard" accounts?

Or some other combination?


Scenario #2:

Now lets say I follow your advice above...

I create an "Admin" and a "Standard" account, and then log in as "Standard" and try to download, install, and customize some apps like MAMP, NetBeans, Audacity, OpenOffice, etc.

Mountain Lion would supposedly prompt me to enter my "Admin" credentials but while logged in under the "Standard" account, right?

So, would I be then able to completely download, install, and customize things while logged in as a "Standard" user?

Presumably the installs and customizations would appear as expected in the "Standard" account, right?

But what - if anything - would I see in the "Admin" account?


Scenario #3:

Is there any reason why I would want to have the apps and the customizations in *both* the "Admin" and "Standard" account?

Based on what I hear you saying, I would say "No, because you use your Admin account to administer your MacBook, and you use your Standard account to run your apps and do day-to-day things..."

Am I close?

And - in general terms - would there be any apps that I would want to install while logged in as "Admin" and not necessarily have in my "Standard" account?

For instance, let's say I broke down and bought "Kaspersky Lab US".

Where would I install that?!


Or what about my "Personal VPN", WiTopia?? (I fear that is a tricky one?! I would say I need that in *all* User Accounts, because I always need a way to access the Internet in a safe, and encrypted way!)

If you are intent on using the everyday account, then make that one pleasant, and leave the admin account unpleasant to use. If you keep the admin user preferences uncustomized and "ugly", you'll be less likely to spend time there, and it will be harder to use because it's intentionally NOT customized. This will tend to keep you in the everyday user account, except when there are admin activities that require multiple actions and repeatedly entering the admin name/password is more hassle than working from a deliberately uncustomized and unpleasant admin account.

I like your thinking!!

Customized app and system settings (preferences) are usually visible to shell scripting using the 'defaults' command. Some system settings are only visible or settable by the 'scutil' command. Other settings may also have a dedicated utility, such as 'tmutil' for Time Machine settings. Read their man pages.

I'm not really understanding what you mean here. (I have no Linux/Command-Line background...)

In practical terms, what I would want to know is this...

If I take your advice above, and install apps from my "Standard" account while entering my "Admin Credentials", will I be able to customize settings, preferences, and the general environment in apps like:

- MAMP (webserver)
- NetBeans (IDE)
- Audacity (audio recorder/editor)
- OpenOffice
- WiTopia (Personal VPN)


**Those are some of the key apps I use every day!!

Some settings are ONLY settable through the 'defaults' command, such as:

  defaults write NSGlobalDomain [U]NSDocumentSaveNewDocumentsToCloud[/U] -bool false
  defaults write com.apple.TimeMachine [U]DoNotOfferNewDisksForBackup[/U] -bool YES
  defaults write -g [U]NSDisableAutomaticTermination[/U] -bool yes

You can google the underlined name in each of those command lines to learn what it does.

Again, that is a little over my head, but you imply that you have to do it that way via Command Line versus being able to log in as the "Admin" and do it there?

When I bought a MacBook Pro last fall, I spent some time before the purchase making a written list of settings or preferences I wanted to change, and researching exactly how to establish the setting I wanted. After I got the MBP, I spent some time setting it up, tweaking things, and writing down the changes. Over time, I made additional changes which I also wrote down, so if I had to I could reverse them or reapply them to a clean OS. For the past several months I haven't altered the written list, and only my regular backups are preserving the state of the configured system.

Very smart approach!!

I think I am making progress... Just need some help understanding all of the "details"!!

Sincerely,


Debbie

 

[simsaladimbamba]

Just out of spite, isn't this all a bit too much and probably a bit more cumbersome to maintain?

While I might not have any secret data to protect on my Mac and rarely use web services besides Dropbox to share files, I am fairly confident, that my data and my Macs running admin accounts is pretty safe and I have hardly anything to do to maintain it except some of those security steps and such.

Mac Security Suggestions by munkery​

 

[chown33]

Before going on, can you please straighten out some confusion that I am having?

Scenario #1:
...
Scenario #2:
...
Scenario #3:
...

Many of your questions are answered most simply by this maxim:

Try it; see what happens.​

Assuming that you currently have a Mac, running some version of Mac OS X, and your current account is an admin account, then create a Standard user account. Then logout of the admin account, login to the new Standard acct, and try using it to do exactly the things you outlined. That is, download an app like Audacity, try installing it, and see what happens.

When I install apps, I usually put them somewhere they'll be available to every user. Maybe that's the /Applications folder, or maybe it isn't. Maybe it's a folder I created in the root directory of my startup disk, like /Additions or /Customized or whatever. Because what works for me might or might not be what you like.

When installing an app like Audacity, take notes of what you do along the way. Did you have to enter an admin name/password? Did you have to install it in a particular place? Observe and annotate.

Next, test whether the app installed from Standard user is available and runnable when logged in as admin. Also check whether it's available and runnable when logged in as a Different standard user.

I'm suggesting "Try it; see what happens" not because I can't tell you the answers, but because most people learn better by actually doing something, rather than by having someone tell them. If you make backups before doing anything, or you actually make a bootable backup and experiment on the backup, then you can always get back to a safe starting point.

Personally, I always prefer doing experiments on a bootable backup, which I'm actually booted from. The original stays where it is, and if things go wrong, all I have to do is change the Startup Disk, restart, and erase the Horrible Thing Gone Wrong disk before starting over.


I don't know what you mean when you say you "customize" some apps.

Do you modify the actual app bundle? Or do you mean you add plugins or some other components? Or do you mean you simply set some user preferences using the Preferences menu item in each app?

 

[doubledee]

Just out of spite, isn't this all a bit too much and probably a bit more cumbersome to maintain?

That is what I am trying to figure out...

On my current MacBook - which will be replaced shortly - I only have one account and it is an Admin account.

And the thought occurred to me that *maybe* that isn't so smart. (In the Windows world that would be considered stupid!)

While I might not have any secret data to protect on my Mac and rarely use web services besides Dropbox to share files, I am fairly confident, that my data and my Macs running admin accounts is pretty safe and I have hardly anything to do to maintain it except some of those security steps and such.

Mac Security Suggestions by munkery​

Could be.

But better to be safe than sorry!

Sincerely,


Debbie

----------

Many of your questions are answered most simply by this maxim:

Try it; see what happens.​

I guess.

I'm suggesting "Try it; see what happens" not because I can't tell you the answers, but because most people learn better by actually doing something, rather than by having someone tell them. If you make backups before doing anything, or you actually make a bootable backup and experiment on the backup, then you can always get back to a safe starting point.

I will be installing a new Seagate HDD.

Is it correct that I can "clone" my Factory HDD - using Time Machine - onto the new HDD and then play around with the new HDD installed in my new cMBP?

Personally, I always prefer doing experiments on a bootable backup, which I'm actually booted from. The original stays where it is, and if things go wrong, all I have to do is change the Startup Disk, restart, and erase the Horrible Thing Gone Wrong disk before starting over.

Could I also do this from a Bootable USB Drive?

I don't know what you mean when you say you "customize" some apps.

Do you modify the actual app bundle? Or do you mean you add plugins or some other components? Or do you mean you simply set some user preferences using the Preferences menu item in each app?

I just meant customizing Application Preferences, whether that is the audio settings in Audacity, or where I store templates in OpenOffice or how WiTopia is configured to connect to the Internet, or any Add-Ons or things like Bookmarks in FireFox.

So, no, I'm not doing any "application builds" like you may have thought.

Sincerely,


Debbie

 

[chown33]

I will be installing a new Seagate HDD.

Is it correct that I can "clone" my Factory HDD - using Time Machine - onto the new HDD and then play around with the new HDD installed in my new cMBP?

Time Machine does not make clones. It makes backups.

You can startup from the Recovery HD partition to restore a Time Machine backup, but there is no cloning involved.

Specific instructions on cloning an HD can be found in your thread here:
http://forums.macrumors.com/showthread.php?t=1588887

Please reread the information given there, especially regarding what tools to use to make clones (Carbon Copy Cloner or SuperDuper).

Could I also do this from a Bootable USB Drive?

See this post, from your "Questions about Bootable Clones":
http://forums.macrumors.com/showpost.php?p=17333070&postcount=6

There is additional information in posts after #6 in that thread, so I recommend rereading the entire thread.

I just meant customizing Application Preferences, whether that is the audio settings in Audacity, or where I store templates in OpenOffice or how WiTopia is configured to connect to the Internet, or any Add-Ons or things like Bookmarks in FireFox.

So, no, I'm not doing any "application builds" like you may have thought.

Those settings are stored as preferences, not a customized application. If a different user account runs the same application, then that user has their own preferences. There is no overlap, and the application itself is not customized (altered) when one user sets some preferences.

Again, I suggest a "Try it; see what happens" approach. Create a standard user account, login with that account, and change some preferences for an app you already know well. Then go back to your original account and observe that no preferences for the app running in that account have changed.