Device Security

    Create a Standard (Non-Admin) User Account on Windows

    The single biggest thing you can do to limit malware damage on a Windows PC: stop using an admin account for everyday browsing and email.

    Why this matters

    When you are signed in as an administrator, every app you run — including malware — inherits admin powers. That means it can install drivers, disable Defender, create new user accounts and encrypt your files without further confirmation.

    When you are signed in as a standard user, the same malware is far more limited. Most modern Windows infections (including ransomware and remote-access tools) are dramatically less effective against a standard account.

    Step 1: Create a brand-new admin account

    Go to Settings → Accounts → Other users and click Add account.

    Choose I don't have this person's sign-in information → Add a user without a Microsoft account. Name it something obvious like PC Admin and set a long, unique password.

    Click the new account, choose Change account type, and set it to Administrator.

    Save the password in your password manager. You will need it every time you install software.

    Step 2: Sign in to the new admin account once

    Sign out of your current account and sign in as the new PC Admin account so Windows finishes setting up its profile.

    Then sign back into your normal account.

    Step 3: Demote your everyday account to Standard

    Back in Settings → Accounts → Other users, click your everyday account, choose Change account type and set it to Standard User.

    From now on, when an app needs to install or change system settings, Windows will pop up a UAC prompt asking for the PC Admin password. That prompt is your last line of defence — read it carefully every time.

    Step 4: Use 'Run as administrator' deliberately

    When you need to install something, right-click the installer and choose Run as administrator, then enter the admin password. Once installed, go back to your standard account for everyday use.

    If something pops up an admin prompt and you did not just start an install, click No. That is malware asking for permission to escalate.

    Treat any unexpected UAC prompt as a red flag. Real software only asks during installs and updates.
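
    To confirm that Steps 1 to 3 took effect, the following PowerShell check can be run on the PC. It is an added example, not part of the original guide; the account name 'Alex' is a placeholder, and both names must match what Get-LocalUser lists on your machine.

```powershell
# Added verification example; account names are placeholders (assumptions).
$AdminName    = 'PC Admin'   # dedicated admin account from Step 1
$EverydayName = 'Alex'       # hypothetical name of your everyday account

# Built-in Administrators group, addressed by its well-known SID so the
# lookup also works on non-English Windows where the group name is localized.
$adminMembers = Get-LocalGroupMember -SID 'S-1-5-32-544'
$adminSids    = $adminMembers | ForEach-Object { $_.SID.Value }

# Fail early if either name does not exist as a local account.
$admin    = Get-LocalUser -Name $AdminName    -ErrorAction Stop
$everyday = Get-LocalUser -Name $EverydayName -ErrorAction Stop

# UAC policy values that decide what a standard user sees on elevation.
$uac = Get-ItemProperty 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System'

$checks = [ordered]@{
    "'$AdminName' is enabled"                  = $admin.Enabled
    "'$AdminName' is in Administrators"        = $adminSids -contains $admin.SID.Value
    "'$EverydayName' is NOT in Administrators" = $adminSids -notcontains $everyday.SID.Value
    'UAC is switched on (EnableLUA = 1)'       = $uac.EnableLUA -eq 1
    # ConsentPromptBehaviorUser: 0 = deny elevation requests automatically,
    # 1 or 3 = prompt for an administrator's credentials.
    'Standard users are asked for the admin password' = $uac.ConsentPromptBehaviorUser -in 1, 3
}

$failed = 0
foreach ($check in $checks.GetEnumerator()) {
    if ($check.Value) { $status = 'PASS' } else { $status = 'FAIL'; $failed++ }
    '{0}  {1}' -f $status, $check.Key
}

# Every other member of Administrators is a second way around this setup,
# so list them for review (the built-in Administrator normally appears here).
$adminMembers |
    Where-Object { $_.SID.Value -ne $admin.SID.Value } |
    Select-Object Name, PrincipalSource

if ($failed) { Write-Warning "$failed check(s) failed; revisit Steps 1 to 3." }
```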
