Desktop Security

When it comes to desktop security, computer users and owners are the first line of defense. Listed below are best practices you can use to keep your PC and Mac safe.

Run your computer as a User and not as an administrator.

When you surf the web or open email attachments, your computer is vulnerable to viruses, Trojans, malware, spyware, and other security risks. However, if you operate your PC from an administrator account, you are putting your computer at increased risk. 

Administrator privileges allow access to critical systems and programs on your computer. A virus or Trojan can infiltrate these key systems and cause havoc such as deleting your files, reformatting your hard drive, creating an account with administrator access, and spying on your computer-related activities.


Create a user account or a power user group. With a user account, you can perform routine tasks such as running programs and surfing the web without exposing your critical computer systems to security risks. As a power user, you have greater access. You will install programs, add printers, and use most of the Control Panel items. 

If you need to perform administrative tasks, such as upgrading the operating system or configuring system parameters, log off and log back on as an administrator.

Use strong passwords. Better still, use a pass phrase.

Passwords can be hard to remember, so don't forget that you can use pass phrases instead. Pass phrases are short fun sentences with spaces between the words.  Imagine an incredible or funny scene and make that your easy-to-remember pass phrase.

For best results, avoid well-known phrases and include words that are misspelled, or not found in the dictionary.

Here are some examples:

  • kitty ate my face off!
  • my 10 pups play fight
  • naked clowns cost $$$
  • 20 carbs a day max
  • Vader is my father dude a 200% raise is nice
  • Sugar is g00d for me.


Do not reuse passwords. For example, your Facebook password should be different from your SFU password which should be different from your GMail password.

Use pass phrases instead of passwords. Read more about password security in our page on choosing a password.

Check the security on the websites you visit.

Be a smart web surfer. Check the web addresses of all the sites you visit to ensure you haven't been farmed off to another website.

Before you provide person information, read the website's security policy. Find out how your information can or will be used. If you are entering credit card information, ensure you see HTTPS:// in the address field. The "s" stands for secure. Although it is not foolproof, it offers more protection than standard HTTP:// web pages.

aUse anti-virus or anti-spyware software.

There are many levels to an operating system, and some are more secure than others. Windows computers are susceptible to viruses, malware, and spyware such as the following:

  • Trojans
  • Malware
  • Adware
  • Keyloggers
  • Java exploits
  • Flash exploits
  • DNS spoofing


Purchase or download well-recognized free anti-virus or anti-spyware solution.