It is safer to log in with a standard user account. Very rarely will you need to log in with an administrator account.
Ok, so maybe when you log in to your computer you are using a standard (limited privilege) account. If so, good on you. Unfortunately, you are more than likely logging in with an administrator (elevated privilege) account. The administrator account allows the person logged in to do almost anything that they want. You may be asking yourself ‘So what? It is my computer, I own it, and I am the only one that uses it. Why would I not log in as an administrator?’
Principle of least privilege
The ‘principle of least privilege’ is why. This principle states you are given only the minimum access required to do a certain thing, job, or task. Maybe that is checking email, purchasing items online for your business, or other basic productivity tasks. Usually none of these actions require the use of an administrator account. What then happens if you are logged in with a standard account and an action (e.g. installing new software) does need elevated privilege?
The person trying to install the new software will be prompted to enter an administrator password. Yes, this may be a slight inconvenience, but these types of actions will not be a very frequent occurrence. The trade-off of course is that your exposure to risk is reduced, and being asked for administrator credentials acts as a speed bump, or a safety check if you will. But this principle still does not really explain the slightly more technical and security-related (ahem, nerdy) reason why you should log in with a standard account.
I am safe because I do not use Windows
Before we continue, please know that this statement is a fallacy. The frequency and methods of attack may differ, but other operating systems are just as vulnerable to being exploited as Windows is. Your account type may be titled differently (e.g. an administrator account may be called root or superuser) but the principle of least privilege is still applicable. Even if you are using Apple/Macintosh or a variant of Unix/Linux (e.g. Ubuntu) the advice below still applies.
Hackers like privilege
Hacker, bad actor, individual with malicious intent, call them what you want. Sometimes the end goal of someone trying to gain unauthorized access to your computer or network is to gain administrative access. The reason for this is that with administrative access there is very little that cannot be done. Part of the problem is that a computer (the hardware and/or software) is only going to do what it is told and allowed to do.
A correctly entered administrative password by you as the owner of the computer is the same as a correctly entered administrative password by someone on a completely different continent. It can be difficult for the computer to differentiate between you as the owner of the computer and someone that has gained unauthorized access.
How about an example
An example of malicious activity that can be accomplished easily with administrative privilege is installing a backdoor. With elevated privilege and a backdoor, a person with malicious intent rarely needs to be actively involved. They could even install scripts that will run periodically. One of these scripts may capture the keystrokes entered by you on your keyboard (known as a keylogger). The keylogger would then automatically send those keystrokes to the malicious individual.
This person could review the keystrokes and identify the website you use for banking and your username and password. Does your bank require you to answer a security question as a secondary security measure? Yep, the keylogger can capture that as well. Suffice it to say, if you are logged in with an administrator account, and your computer becomes compromised (i.e. hacked), the damage that can be done is exponentially greater than if you were logged in with a standard account.
Using a standard account is ideal but it is still vulnerable
While using a standard account improves your security posture (i.e. you are more secure), I do not want you to think using a standard account means you and your computer are completely immune to being hacked/attacked/compromised. Even when using a standard account, picking up malware from the Internet is not difficult. This can happen by simply visiting a completely legitimate website that is unknowingly compromised with a malicious advertisement (malvertising). With that said, using a standard account can make it more difficult for certain types of malware to execute their payload. Sometimes that is all that is needed to avoid certain malware.
What can be done then
Keep in mind that with enough time, effort, and resources, if someone with malicious intent wants to get into your computer and/or network, it will very likely happen. You have to keep your computer and network protected every single second; the attacker only has to be right once. As with almost everything related to technology risk management, it is best practice to utilize a defense-in-depth model.
Also known as a ‘security onion’, this model aims to provide multiple layers of protection so that should someone with malicious intent try to compromise your computer and/or network, they will hopefully give up and move on to the next target. Using a standard account is only one layer of that security onion.
By logging in with a standard account and thus implementing the principle of least privilege, a hacker or piece of malware can only do as much damage as your account will allow. Starting today, changing how you log into your computer could very well reduce the maximum damage malware could inflict, or potentially render it useless. And for goodness sake, do not create a standard account that uses the same password as your administrator account.
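To find out which accounts on a Unix/Linux computer actually hold administrator-equivalent rights, the shell script below (an added example, not part of the original article) reads passwd- and group-format files and lists every account that has UID 0 or belongs to an administrative group. The function names, the sample files, and the choice of `sudo`, `wheel` and `admin` as administrative groups are assumptions of this example.

```shell
#!/bin/sh
# Added example, not from the original article.
# Assumption: these group names grant administrator rights (common defaults).
ADMIN_GROUPS="sudo wheel admin"

# admin_accounts PASSWD_FILE GROUP_FILE
# Prints, sorted and de-duplicated, every account that has UID 0, is a listed
# member of an admin group, or has an admin group as its primary group.
admin_accounts() {
    awk -F: -v names="$ADMIN_GROUPS" -v gfile="$2" '
        BEGIN { n = split(names, g, " "); for (i = 1; i <= n; i++) want[g[i]] = 1 }
        /^#/ || NF < 4 { next }                  # skip comments and malformed lines
        FILENAME == gfile {                      # group file: name:pw:gid:members
            if ($1 in want) {
                admin_gid[$3] = 1
                m = split($4, mem, ",")
                for (i = 1; i <= m; i++) if (mem[i] != "") print mem[i]
            }
            next
        }
        $3 == 0 || ($4 in admin_gid) { print $1 }    # passwd: name:pw:uid:gid:...
    ' "$2" "$1" | sort -u
}

# is_admin USER PASSWD_FILE GROUP_FILE -> exit status 0 if USER is admin-equivalent
is_admin() {
    admin_accounts "$2" "$3" | grep -qxF -- "$1"
}

# write_sample DIR: writes constructed passwd and group files for the demo.
write_sample() {
    cat > "$1/passwd" <<'EOF'
root:x:0:0:root:/root:/bin/bash
alice:x:1000:1000:Alice:/home/alice:/bin/bash
bob:x:1001:1001:Bob:/home/bob:/bin/bash
carol:x:1002:27:Carol:/home/carol:/bin/bash
toor:x:0:0:second UID 0 account:/root:/bin/sh
EOF
    cat > "$1/group" <<'EOF'
root:x:0:
sudo:x:27:alice
users:x:100:alice,bob
EOF
}

demo_dir=$(mktemp -d)
write_sample "$demo_dir"
admin_accounts "$demo_dir/passwd" "$demo_dir/group"   # bob is the only standard account
rm -rf "$demo_dir"
```

On a real system, call `admin_accounts /etc/passwd /etc/group`; if the account you log in with every day is listed, that is the one to replace with a standard account. Rights granted directly in a sudoers file are outside what this check reads.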