I was going over user accounts in ITF and the book I'm using says that making a user account on your pc make your pc a little more secure.
I had a situation when I got a virus form playing a Facebook game on my PC. It brought up a screen that said " You have been caught looking up illegal content you have this much time to call this number" blah blah blah. Well I couldn't get out of that screen to run my antivirus software to get ride of it. I was informed that I need to get into the Bios to run the antivirus. But because I had a user account set up it wouldn't let me, It would constantly bring me up to my user account and want me to login and every time I would login it would bring me back to the virus screen. I had to reinstall my windows and wipe my hard drives to fix the problem. After that I never used a user account. So my question is does a user account really make your pc more secure?
-
User Accounts
-
@Tiffani-Kenison said in User Accounts:
So my question is does a user account really make your pc more secure?
Yes, even though your user account may have been compromised. If you had others using the same computer with their own user accounts, their data and accounts should not have been unless you did what the hacker asked and gave them control by hacking your own bios for the scammer.
-
There are a few ways having user accounts help secure a machine.
First, understand you are always using user accounts. Whether it is a built-in account like "administrator" or an account you created. Depending on the version of Windows, if you weren't required to create a user account during the Windows installation, then you are using the built-in administrator account. If you are not prompted to log in with a password, then autologin is being used. To access the user interface (the desktop) an account has to be used.
This is where the first security benefit of using additional user accounts comes in. It's not recommended to log on to your machine as administrator (or any account that has administrative access) to surf the internet and check email. If you accidentally launch malware (like the one you described) while logged in as administrator, then the malware now has administrative access (browsers block some of this, but still dangerous). You should create a standard user account that you use to log in with. Then, when you need to do something that requires administrative access, you can use the "run-as" option to escalate your credentials temporarily.
The second way having additional user accounts provides security is access control and accountability. These are more important if you have multiple users on the same machine. If everyone is logging in with the same account (like the built-in administrator) then there is no way to assign different permissions to different users or tell who performed a task. Who deleted that file? Who installed that software? Separate accounts provides that accountability.
The issue you had with entering the BIOS might have been from the malware, or if the built-in administrator account was disabled. Windows 10 for example disables the built-in administrator account, so the only account you can use is the one(s) you create, unless you specifically enable the built-in administrator account.
So best practice, everyone who uses the computer should have a standard account, and create an administrator account that you can use when needed using run-as.
