Windows User Accounts: How to build your first line of defense against hacking

Imagine yourself at a Best Buy or other electronics store. You’re looking at a brand new computer tower that has Windows on it and your heart is set on buying it. After you get it home you go through the setup of the machine and the user account(s). After a few months of using the computer BAM!!!! Everything starts acting odd and you do not know why. All you did was browse the web and install a program on the computer. In the background, without you knowing it, the program you installed downloaded and installed additional programs on the computer. How did it do this without you knowing?

Every day many people use their home computers for many things: email, homework, writing, blog posts, banking and other sensitive activities. Your files have to be protected from unauthorized access, and the first step is to not let a malicious person get access to an administrator account. The problem is that the new computer in the story had you set up an administrator account as the one you use for regular usage.

What is an administrator account? First I have to talk about the concept of privileges. With Windows there are different types of user accounts. The important types are: standard user and administrator. An administrator account has the ability, or “privileges”, to make changes to the system. Some of these changes include: installing and uninstalling programs, deleting certain files, changing security settings, and modifying the network settings. Standard user accounts do not have the privileges that administrator accounts have. This type of account can create files like documents and spreadsheets, and it can also delete the files it creates. However, these accounts cannot make changes to the system or access files that do not belong to them. When a user logged into a standard user account tries to make a system change, Windows will prompt the user for the administrator’s password (if there is one). Unless this password is entered correctly the system change will not take place. This feature is called User Account Control (UAC) and its primary purpose is to make sure unwanted system changes do not take place.

For regular computer usage an administrator account should never be used, because you don’t want changes made to the computer by mistake. Also, if a hacker gains control of your user account and it is an administrator account, then the hacker has complete control of your computer. Another reason to separate the user and administrator accounts: if a user logged into an administrator account clicks on a link that delivers a malicious program, the program can install itself without the user realizing it. If the same thing is done from a standard user account, User Account Control will be triggered, alerting the user that a program is trying to install itself. This is one way to stop programs from installing without you wanting them to.

For more information on how user account control works check out the Microsoft page that describes the User account control technology: http://windows.microsoft.com/en-us/windows7/products/features/user-account-control

Some of you may think that it’s inconvenient to have to type in a password every time you want to install a program on your computer. Think of it this way: you’re trading a little convenience for security. With airports getting to the gates can take a while because of airport security. Computer security is the same way; if you can put up with inputting a password every time you want to make a system change then you will have a layer of defense not only against attackers but also against user error and programs installing themselves without you knowing about it.

Setting up separate user and admin accounts can sound like it’s hard, but it is not. This can be done in one of two ways: the Windows GUI (Graphical User Interface) or the CLI (Command Line Interface). Personally I prefer the command line due to its simplicity and speed, but with the command line you need to know certain commands and syntax in order to create the accounts. I’ll cover the GUI first:

  1. Start off by making sure the account you are using is an administrator account
    1. This is required because administrator accounts are the only accounts that can make changes to the system, and this includes creating user accounts.
    2. Click start -> control panel -> user accounts and family safety -> User accounts
Click on the start menu then click control panel
Click on user accounts and family safety
Click on User accounts
User account screen. On the top right hand corner of the window you will see your account picture, account type, and whether the account is password protected. Make sure your account type says “Administrator”

After you confirm that the account you are logged into is an administrator account the next step is to create a second administrator account that you know the username and password to. This account will take over the administrator privileges that your daily usage account will no longer have.

Click start -> control panel -> User Accounts and family safety -> click add or remove user accounts

Click add or remove user accounts
Click create new account
Select a username for the new account and make sure to click administrator, then click create account
Your newly created account will then show up on the manage accounts screen. Next you need to set a password for this new account. Click on the new account’s icon.
Then click create a password.
Select a password for the new administrator account. Make sure it is strong. You can also make up a password hint if you wish.

After the setup of the new admin account is complete you can proceed to downgrade your regular usage account to a standard user account.

Close the currently open windows and click start -> control panel -> User accounts and family safety -> User accounts

Click change your account type. UAC will not trigger because you are already an administrator. Click standard user, then change account type. After this, the user accounts window should say “Standard”

Log out of the changed account then log back in for the changes to take place.

As an additional measure I alter my User account control settings. I make it more sensitive.

Click on change User Account Control settings
This screen will pop up. These are the default settings for UAC. Personally I don’t like the fact that, at this level, Windows does not inform me when I make changes to the system myself. I make mistakes and I would like Windows to double check that I really want to make changes to the system.
This is the UAC setting I recommend. It may be annoying that UAC will always trigger but I prefer it. This will stop any unknown software from installing itself in the background.
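To check which level the slider is actually at without opening the control panel, here is an added PowerShell script (not from the original post) that reads the registry values the slider sets. It assumes Windows 7 or later and only reads; it changes nothing.

```powershell
# Added example, not from the original post: read the registry values behind
# the UAC slider and report whether it sits at "Always notify". Read only.
# Assumes Windows 7 or later; runs in any PowerShell prompt.
$uacKey = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System'

function Get-UacStatus {
    $p = Get-ItemProperty -Path $uacKey
    # EnableLUA 0 turns UAC off completely: programs elevate silently.
    # ConsentPromptBehaviorAdmin 2 = ask for consent on every elevation, which
    # is what the "Always notify" position sets; the default is 5 (prompt only
    # for non-Windows programs). PromptOnSecureDesktop 1 dims the screen so
    # other software cannot click the prompt for you.
    [pscustomobject]@{
        UacEnabled     = ($p.EnableLUA -eq 1)
        PromptBehavior = $p.ConsentPromptBehaviorAdmin
        SecureDesktop  = ($p.PromptOnSecureDesktop -eq 1)
        AlwaysNotify   = ($p.EnableLUA -eq 1 -and
                          $p.ConsentPromptBehaviorAdmin -eq 2 -and
                          $p.PromptOnSecureDesktop -eq 1)
    }
}

$s = Get-UacStatus
if (-not $s.UacEnabled) {
    Write-Warning "UAC is disabled; elevation happens with no prompt at all."
} elseif (-not $s.AlwaysNotify) {
    Write-Warning "UAC is below Always notify (ConsentPromptBehaviorAdmin=$($s.PromptBehavior), secure desktop=$($s.SecureDesktop))."
} else {
    Write-Host "UAC is set to Always notify on the secure desktop."
}
```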

For the more advanced user the command line can be used to change user account types. Each account in Windows belongs to one or more groups. Examples of groups are the Users group and the Administrators group.

  1. Open an administrator command prompt. Click start -> type cmd -> right click on the cmd icon -> click run as administrator
Click start -> then type cmd into the search box -> then right click the command prompt icon and click run as administrator. After that click yes and this should show up. Make sure that the title bar of the prompt reads “Administrator:”. Another indicator that the command prompt is an administrator prompt is that the current working directory is C:\Windows\System32
  2. Confirm that the account you want to downgrade is an administrator by listing the accounts that have administrator level access
    1. Syntax: net localgroup administrators
Typing the command net localgroup administrators will show which user accounts are admins on the system. Make sure the user account you want to downgrade is in this list. If it is not then your work is already done.
  3. Type the command: net localgroup administrators (accountName) /del (accountName is the name of the account you want to downgrade to a standard user). This command will not delete the user or the administrators group; it only removes the selected user account from the group, making it a standard account.
  4. Type the command net localgroup administrators again and check that the account you wanted to downgrade has been removed from the group. If it has, your work is done. Congratulations, you have successfully downgraded an account from administrator to a standard user using the command line.

Log out of the account and log back in to have the changes take place
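The command line steps above as one script, added here as an example (it is not from the original post), with the check the GUI section implies: a second administrator must exist before you downgrade, or you lock yourself out. It assumes Windows 7 or later and an elevated PowerShell prompt; the account name "DailyUser" is a placeholder.

```powershell
# Added example, not from the original post: the command line procedure above
# as a script, with a check that you do not remove the last usable admin.
# Assumes Windows 7 or later and an elevated PowerShell prompt; the account
# name "DailyUser" is a placeholder, pass your own as -AccountToDowngrade.
param([string]$AccountToDowngrade = "DailyUser")

# Step 1: net localgroup changes need an administrator prompt, so check first.
$me = [Security.Principal.WindowsIdentity]::GetCurrent()
$principal = New-Object Security.Principal.WindowsPrincipal($me)
$adminRole = [Security.Principal.WindowsBuiltInRole]::Administrator
if (-not $principal.IsInRole($adminRole)) {
    throw "Open PowerShell with 'Run as administrator' and try again."
}

# Parse the output of 'net localgroup administrators' into member names.
function Get-LocalAdmins {
    $members = @()
    $inList = $false
    foreach ($line in (net localgroup administrators)) {
        if ($line -like '----*') { $inList = $true; continue }
        if ($line -like 'The command completed*') { break }
        if ($inList -and $line.Trim()) { $members += $line.Trim() }
    }
    return $members
}

# Step 2: confirm the account is actually in the Administrators group.
$admins = Get-LocalAdmins
if ($admins -notcontains $AccountToDowngrade) {
    Write-Host "$AccountToDowngrade is not an administrator; nothing to do."
    return
}
# Safety check: another admin must exist before you downgrade this one.
# The built-in 'Administrator' account is disabled by default, so do not count it.
$others = $admins | Where-Object { $_ -ne $AccountToDowngrade -and $_ -ne 'Administrator' }
if (-not $others) {
    throw "No other administrator account exists. Create one first or you will lock yourself out."
}

# Step 3: remove the account from the group (the user itself is not deleted).
net localgroup administrators $AccountToDowngrade /delete
if ($LASTEXITCODE -ne 0) { throw "net localgroup failed; see the message above." }

# Step 4: list the group again to verify, then have the user log out and back in.
if ((Get-LocalAdmins) -contains $AccountToDowngrade) {
    throw "$AccountToDowngrade is still an administrator."
}
Write-Host "$AccountToDowngrade is now a standard user. Log that account out and back in."
```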

After separating these accounts out, make sure they are both protected with strong passwords. A strong password should be long and contain several different types of alphanumeric and special characters. In a later post I will be covering how quickly common passwords can be broken, tools that can make and store passwords, passphrases, and how to make a strong password that is easy to remember.

I hope you have enjoyed and learned from this post. If you have any comments or concerns please feel free to use the comment box below.
