mechBgon's guide for first-time PC builders... using a Limited account for security

Different versions of Windows use different names for non-Administrator accounts

This page explains how to use a "low-rights" user account to greatly improve your computer's security. Low-rights accounts have different names on different versions of Windows:

On Windows 2000, they're called a "Restricted User" account.
On Windows XP, they're called a "Limited" account.
On Windows Vista, they're called a "Standard User" account.

In all three cases, the "high-rights" accounts are called Administrator accounts, so for the rest of this page, I'll use the term "non-Administrator accounts" to refer to Restricted User / Limited / Standard User accounts.

What are non-Administrator accounts? Non-Administrator accounts are allowed to use the computer's existing software, but they don't have unlimited power over the computer like an Administrator does. No one can shoot you with your own handgun if it has no ammunition, and likewise a non-Administrator account's inherent lack of power makes it MUCH more secure against viruses and spyware than using a Computer Administrator account. When Windows is installed, it has to make you an Administrator to begin with, but you can change that if you want. skip to the setup instructions

What about older versions of Windows, like Windows Millenium Edition (WinME) or Windows 98? Windows ME and Windows 98 do not have non-Administrator accounts available. If you're reading this, you're evidently interested in keeping your computer secure, so my advice is to abandon WinME and Win98 or at least keep them isolated from networks or the Internet.

The user accounts on my Windows XP home computer. As you can see, I have one Administrator account and two Limited accounts.

Which type of user account am I using now? Administrator, or non-Administrator? If you don't know which type you're using, then you're almost certainly using an Administrator account, because that's how Windows sets you up by default. It's up to you to change your account to a non-Administrator account if you want to.

How much does a non-Administrator account improve my computer's security? A great deal by itself, plus it reinforces your other security measures against tampering as well (antivirus, firewall, automatic updates). On Windows Vista, the use of Administrator accounts is safer than on Windows XP/2000, as long as you don't disable User Account Control, but you might as well do the job right and use a Standard account. show me some more security tips

Non-Administrator accounts also help keep kids, roommates, siblings, and visitors from messing up your computer or getting into your stuff. I set up my home computer with a separate non-Administrator account named visitors. My other accounts are password-protected, so visitors is the only account that visitors can get into at the Welcome screen.

If I try a non-Administrator account and I don't like it, can I undo it? Yes, it's easy to switch back and forth.

How to change to a non-Administrator account

There always needs to be at least one Computer Administrator account. So if you've been using the computer's only Computer Administrator account as your regular "daily driver" account, you'll need to make a new Administrator account before you can switch your own account to a non-Administrator account. The following directions are for Windows XP, but Vista is similar.

In Control Panel, open User Accounts, click Create a new account and make a new account (I named mine superuser). Let it remain a Computer Administrator account.

Now that you've got this new Administrator account, you have the option to set your account to a non-Administrator ("Limited," in this case).
Click Start > Log Off and log off. You should now see a Welcome screen showing the new Administrator account, as well as your regular account. Log into your new Administrator account.
Go to User Accounts and click on your usual account:

superuser is my new Administrator account. user is the account I've been using, which I want to change from Computer Administrator to Limited.
Click Change the account type:

Above: I click Change the account type for my regular account, so I can change it to Limited.
Change the account to a non-Administrator (Limited), as shown in the picture below. If I want to reverse the change, I log into my Administrator account, and simply change this account back to a Computer Administrator again.

Now my account is a Limited account (below).

You're done! : ) The key idea is to only use your Administrator account when you actually need Administrator-level powers, such as when adding new hardware & software. For instant messaging, email, Web browsing and other daily computer use, use your non-Administrator account.

For advanced users: adding a Software Restriction Policy

If you have Windows XP Professional Edition or Media Center Edition, or Vista Business or Ultimate Editions, try Software Restriction Policy too. To see what version of Windows you have, just click Start > Run, type winver in the box and click OK.

So if this is so effective, why don't more people do it? There's GOT to be a catch. Some software doesn't work correctly when you run it from a non-Administrator account. If you have problems, try my tips on this page. Windows Vista is specifically designed to handle this stuff better, so there's another reason to choose Windows Vista if you're building a PC. show me how to pick a version of Vista

Split personality! Note that you can log onto multiple accounts at the same time. Click Start > Log Off and choose Switch User, and you can log onto another account without logging out of the first one. If you're not accustomed to running more than one account, it will help to remember that each account has its own folder in C:\Documents and Settings, containing each account's own My Documents, Desktop, Favorites and so forth.

back to the Best-practices security page