September 25, 2006
How-To: Switch your account to a user account
Posted Sep. 25, ’06, 5:32 AM PT by Derik DeLong
Category | Security
The recent Installer package problem reinforces the idea that administrator accounts shouldn’t be used for everyday activities. In the case of the Leap-A virus, its effects were mitigated if run as a user because it had no access to the Applications folder to infect applications.
Even if Apple fixes the above mentioned problem, the bottom line is still that users should not run as admin if it can be helped. In Windows, you’re likely to run into issues trying to run many programs as a limited user. This isn’t true with Mac OS X user accounts. Here’s how you do it with minimal impact.
Go to Accounts in System Preferences.
Create a new administrator account. When setting up this account, don’t use “admin” as the username, particularly if you enable services that can be accessed from the internet. It increases the chances someone will be able to brute force attack into your administrator account. Also choose a very strong password (upper and lower case with numbers) that you can remember. You can leave Automatic Login on for your current user if you wish.
Uncheck the “Allow user to administer this computer” checkbox for your account.
That’s it! Make sure you remember the password for your administrator account. Chances are you may never have to log into that account. If you need administrator privileges (generally for installers and moving applications into Applications), Mac OS X will prompt you. Type in your administrator username and its password. This works from within your user account.
Congratulations. You’re one step closer to safer computing.
3 Comments
Leave a comment
Recent Entries
Ch-ch-ch-ch-changes afoot at MacUser
The Macalope Weekly: Leopards and monopolies and DRM! Oh, my!
Apple levels DMCA on iPodhash project
iPod touch users get second classed again with the omission of new Maps features
Apple Pro Applications Update 2008-004 makes your day
iTunes v8.0.2 comes riding on the coattails of iPhone firmware v2.2
About MacUser
MacUser is your source for news, info, and opinion about Apple, the Mac, and the iPod. Our dedicated team of bloggers covers everything that is relevant to Mac users — and, okay, some stuff that’s not quite relevant, but is still a lot of fun.
Subscribe/RSS
- Blog Posts
- Blog Comments
- Podcast (RSS) (iTunes)
Tip us off!
- Email: macuser [at] macuser [dot] com
Recent Comments 
- Dan Moren on iPod touch users get second classed again with the omission of new Maps features
- johnnydfred on iPod touch users get second classed again with the omission of new Maps features
- on iPod touch users get second classed again with the omission of new Maps features
- Neurotic Nomad on Apple levels DMCA on iPodhash project
- Dan Moren on iPod touch users get second classed again with the omission of new Maps features
- Me Again on iPod touch users get second classed again with the omission of new Maps features
Categories
- Apple (234)
- Advertising (162)
- Events (235)
- Huh? (182)
- Humor (259)
- News (148)
- People (258)
- Rivals (405)
- Speculation (167)
- Steve Jobs (172)
- Stores (206)
- Apple TV (58)
- Business (451)
- Games (143)
- Geekery (460)
- Hardware (935)
- Accessories (79)
- Intel Macs (162)
- Ihnatko (18)
- Internet (463)
- Legal (244)
- MacUser (94)
- Macalope (8)
- Money (177)
- Music (344)
- Podcasting (100)
- Photography (74)
- Security (246)
- Software (1544)
- Updates (538)
- Tips (352)
- Troubleshooting (189)
- Video (403)
- Windows (219)
- iPhone (199)
- iPod (602)
- iPod Accessories (96)
- iPod Software (61)
- iTunes (128)
- iTunes Store (443)
Archives
- November 2008 (91)
- October 2008 (138)
- September 2008 (151)
- August 2008 (177)
- July 2008 (175)
- June 2008 (171)
- May 2008 (185)
- April 2008 (234)
- March 2008 (217)
- February 2008 (215)
- January 2008 (239)
- December 2007 (169)
- November 2007 (164)
- October 2007 (187)
- September 2007 (167)
- August 2007 (195)
- July 2007 (152)
- June 2007 (223)
- May 2007 (243)
- April 2007 (286)
- March 2007 (288)
- February 2007 (250)
- January 2007 (266)
- December 2006 (244)
- November 2006 (293)
- October 2006 (307)
- September 2006 (250)
- August 2006 (268)
- July 2006 (288)
- June 2006 (293)
- May 2006 (297)
- April 2006 (351)
- March 2006 (366)
- February 2006 (110)
- January 2006 (107)
- December 2005 (23)
Mac Publishing Sites
Links
I'm sorry, but I'm confused. (what else is new) Right now, I'm running my system under my only account, obviously an admin account. So I should create another admin account, but don't check the use admin etc. box? Then login using that account?
What you want to do is create another administrator account and then demote your own account so that it no longer has admin capabilities.
That way, you keep using the account you have right now, but with reduced risk.
While you are discussing accounts, is there any easy to way to copy or clone an existing account. I have a separate admin account and a "family" account that we all use, with the dock and other interface items set up how I want them. I would like to clone this into separate accounts for my kids, to which I would add parental controls. I would like their accounts to start with the same dock, etc. Suggestions?