Do you have a separate admin account on your services?

pe1uca@lemmy.pe1uca.dev to Selfhosted@lemmy.world – 30 points –

I've been creating separate accounts for some of my selfhosted services, some are to further sub-divide the data, but for sure I always have an admin account and the account I use day to day.

What's your account creation schema?
What do you think about creating multiple accounts for your selfhosted services?

6

I have two services that my main account has zero admin rights on: gitlab and nextcloud. Both have, potentially, sensitive data owned by others. I've put massive passwords and MFA on both of those admin accounts. I figure if someone somehow harvests the session data or passwords and cracks 2fa on my account, that's the only one that will be affected.

What powers an admin have to break your stuff when you only have a single other account?

Some times separating concerns is meaningless. Some times it's useful to have many accounts for a single user. Some other times the admin/normal user separation is useful. It does really vary.