Users & Groups: Do I need a user besides an admin if I am the only user?

The question has been discussed at macintouch.com in March of 2017, where Fred Moore quotes from Apple's Snow Leopard Security Configuration Manual - see that post in context. Apple therein recommends using your computer as a standard user, even if you are also the administrator.

In High Sierra's Mac Help article with the title "Ways to avoid harmful software", Apple writes:

Consider creating a standard user for your daily work and use the administrator user only when you need to install software or administer users.

Mostly, a Standard User only protects you from yourself, but as John notes, it's not that much protection.

As a Standard User, you could theoretically install malware into only your own account, isolating it from the rest of the Mac, but if you know the admin password, you'll just install it everywhere giving it full power to damage the entire OS.

If you use a Standard User and have the willpower to only switch to the admin user to do admin things, like installing software, you may gain some benefit from having a separate user.

The only real protection from malicious software would be if there existed an unpatched exploit that could somehow do admin stuff without asking for your password to elevate your privileges. But, if it could do that, it wouldn't matter if you were admin or not. Being an "administrative" user doesn't automatically enable you to do system stuff like the Administrative user account in Windows. You must authenticate in order to elevate your privileges.

I've been working off a standard user account for years now and rarely go into the admin account. I haven't found that I have to authenticate very often so I do't think this is an issue as others have suggested. I like knowing that if anything tries to install in the background, etc. it will as for my admin password and I will notice this, rather than it just happening if I were on an admin account.

If you create a Standard User Account (don't select "Allow user to administer this computer") and use it for your routine activity, you are only one step away from Admin privileges anyway, since you know its password. You are likely to become so inured to providing the Admin name and password for every little thing that it will just become an annoyance. A Standard user ought not to know the Admin password, thereby limiting its potential for altering a system. That is its only advantage.

I think it's good enough, if I am the only one using my Mac, to just have one admin account and to use that one for all activities on the Mac.

It is.

Quoted from Apple's User Interface Guidelines,

Avoid unnecessary alerts. Alerts are inherently disruptive by design and should be used sparingly to avoid making the user experience less pleasant.

and

... Such warnings are important, but like other alerts, they lose their impact if they appear too often.

If an Admin user routinely logs in as a Standard user, a frequent need to authenticate may simply become an annoyance vs. asking for authorization from someone in a position of responsibility, whose credentials should be kept confidential. Moreover, the need to authenticate so often introduces a threat that the user will summarily dismiss the one dialog in a thousand that ought to be worthy of scrutiny.

As Apple notes, it's an option to be considered. If you think that choice benefits you, then by all means use it. I don't. Even an Admin user has to authenticate to install potentially harmful software affecting other users of that Mac.

Think before you click. There is no substitute for that fundamental responsibility.

... if anything tries to install in the background, etc

... it will still require an Admin password, even if you are logged in as an Administrator.

Putting the issue of annoyance through more frequent prompts aside, how would I know if it is better to switch to admin before installing software or to install it as standard user by authenticating with the admin's account? Where is the difference? I have read that ownership of installed software is associated to the user who installs it. How does this matter?

The annoyance is the only difference. It may make you think about what you are installing long enough to avoid it.

That's the reason I said it only serves to protect you from yourself. You're gonna do what you're gonna do.

However, if you are installing something that actually needs an installer and elevated privileges, you really should think about it, even if it is legitimate software.

A standard user can drag an app into the home folder Applications and run it from there. No need to elevate privileges. If the app needs elevated privileges, you have to wonder why.

will as for my admin password and I will notice this, rather than it just happening if I were on an admin account.

It will have to do that whether or not you are using an account that has the ability to administrate the computer.

An admin user only has the ability to elevate their privileges. They don't have any extra power that a Standard user doesn't have short of the ability to elevate privileges after authenticating who they are. It's not Windows. Every user in unix has no power whatsoever. Each user has to be specifically given access to only those things that require their access.

Huh, good to know! However, it does mean I know if it is requesting something that requires admin-level privileges rather than just requiring the user account password, eg. keychain.

You would know that in either type of account. There really isn't much of a difference between a Standard user and a user that is able to administrate the computer. If you don't authenticate a privilege elevation request, there is absolutely no difference.

Barney-15E wrote:

If you use a Standard User and have the willpower to only switch to the admin user to do admin things, like installing software, you may gain some benefit from having a separate user.

Putting the issue of annoyance through more frequent prompts aside, how would I know if it is better to switch to admin before installing software or to install it as standard user by authenticating with the admin's account? Where is the difference? I have read that ownership of installed software is associated to the user who installs it. How does this matter?

Huh, good to know! However, it does mean I know if it is requesting something that requires admin-level privileges rather than just requiring the user account password, eg. keychain.

Here is an example of why adding a second admin user can be useful.

Wanted to see if anyone can shed some light on this, after updating to High Sierra, my 1 and only Admin user has been changed to a standard user, I now cannot unlock and preferences to try and change this back or create a new user.

It is asking for admin details to unlock but there isn’t and has never been another user on my early 2013 rMBP

Posted on User from Admin to Standard | MacRumors Forums

Boot into Recovery Drive.

https://support.apple.com/en-au/HT201314

Under Utilities in the Menu bar, select Terminal.

Type (without the quotes) "resetpassword" and hit Return

This will bring up a window where you can reset the password for your User.

Select your User.

Enter new password

Reenter password

Save

Restart under the Apple in the Menu bar

I suggest adding a second admin to make it easier in the future to give admin status back to your User. In addition, it's a good for testing issues.