Windows it’s an operating system that tends to normalize bad practices among users. For those familiar with Linux, macOS, and BSD, you may have thought of using an administrator account by default.

Most Windows users use an administrator account. however, to “speed up” the use of the operating system, this practice is more than known At the moment of truth, this represents an entire highway for malwarewhich, if executed, will have access to the whole or almost the whole system, thus being able to cause massive damage that will surely force a reinstallation.

On Linux, macOS, and Unix and Unix systems, there is an account called root that can be homologated with the main Windows administrator. To put it very simply, using Windows with an administrator account is like using the root account in Linux for absolutely everything. This idea is hard for Linux users to accept, but it’s something that has become so normalized in Windows that even the system itself prompts you to do it by default, perhaps in part with the intention of preserving certain aspects related to compatibility and making it easier to use those applications, which require administrator privileges.

Using an administrator account for everyday tasks is a very bad idea, and the fact that hundreds of millions of people are doing it doesn’t make it any good. Improving in this area is as simple as migrating to a regular user account with less privileges. to make it more difficult for attackers to try to damage the system, however, it is important to consider that in this scenario the user’s files are exposed (it also happens on Linux), so ransomware acting as a portable program can encrypt personal files with disastrous consequences .

A shared user account provides more security compared to an administrator type, yes, but it will not remove or reduce the recommendation for regular backups As a precautionary measure. On the other hand, malware has recently tended to be directed more and more against personal data and not so much against the system (ransomware is a clear example of this) and the point is that the operating system and applications, in general, can be easily restored, but it is not the case of files and personal data, especially if they are not backed up.

Despite everything, getting security is always a good thing, and using a regular user account limits the radius of action of malware, so let’s get into the basic types of accounts and how to configure them in Windows.

Basic types of user accounts

Due to the great simplification and focus on home-oriented operating systems, two types of accounts can be distinguished: administrators and regular users. Windows administrators they can be compared, at least in a relative sense, to the root user found on Linux, macOS, BSD, and other Unix and Unix-based systems. If the operating system is variable, have elevated privileges that allow them to do, delete, and modify almost anything, even on sensitive parts of the operating system and files of any user.

All of this power makes administrative users an ideal vehicle for launching malware in Windows, as their high privileges allow them to write and delete a large percentage of the operating system, causing serious damage that will force a reinstallation, not counting personal files that this probably also applies.

Most Windows users in the world use account type administrator, a habit mostly supported by the operating system itself because the first account created during the installation process is of this type. This forces you to take extra steps to use a common type, which would be ideal to have additional barriers to protect sensitive parts of Windows.

It is strongly recommended to use a regular user by default in Windows, so we will mention the steps to create a single user for better security.

How to create a regular user in Windows

First, or at least that’s how it is in Windows 10, you need to open Settings operating system from the Start menu (using the search bar will help save time). Once inside, click on the section accounts.

Once you are in account configuration, click on to continue “Add another account to this team” under “Family and other users”.

A window will then appear asking you to create a new user account from your Microsoft account (Outlook/Hotmail). Mobile operating systems have made something that should be optional, almost mandatory, so we will be a little more ethical to limit the account to local as much as possible, because with Windows 10 and 11 you already know Microsoft has implemented many things to “enhance the experience”. For this reason, in our case we clicked on “I don’t have a login for this person“.

The next step is to insist on Windows that we want to add a user without a Microsoft account, which is done by clicking the “Add a user without a Microsoft account“.

And now yes, the system allows you to create a regular user. In this step you will have to fill in the name or password and three additional questions in case the user forgets the password, also click Next to complete the process. It is recommended to set a password for the user, although this is little more than a barrier against awkwardness, since it is always possible to see the files with a live Linux session to begin with.

A normal user is already created, but it doesn’t hurt to check that it really is and not an administrator type. To do this, click on it in the “Family and other users” section, then press the “Change account type“. Of course, this also serves to convert an administrator type user to a normal user and vice versa.

It won’t be necessary to explain how to login with a new user at this point, will it? Just close the one that corresponds to the running administrator and switch to the regular one to strengthen the security you get with Windows.

conclusion

Using a “Linux perspective” when managing Windows users is a good idea, as we’ve said several times in this post: improving security, especially when it comes to preventing files or sensitive parts of the system from being changed or deleted. only by malware, but also accidentally by the user himself.

On the other hand, it’s not a great panacea against threats, but that doesn’t mean that administrator-type accounts are a wide highway that makes the task much easier for malicious actors.