Hide a user account in the macOS login window
1. Log in with an administrator account.
2. Use this Terminal command. Substitute the short name of the user that you want to hide for hiddenuser:
sudo dscl . create /Users/hiddenuser IsHidden 1
The user account is also hidden in System Preferences the next time it’s opened. This command can’t be used with the Guest user account. Learn how to manage the Guest user account.
If FileVault is enabled, a hidden user might still appear in the first login window when you turn on or restart your computer.
Show a hidden user account
If you want the hidden user to appear again in the login window, set the user’s IsHidden attribute to 0:
sudo dscl . create /Users/hiddenuser IsHidden 0
If you want, you can delete the IsHidden attribute instead.
Hide the home directory and share point
This command hides the “/Users/hiddenuser” home directory:
sudo chflags hidden /Users/hiddenuser
This command removes the Public Folder share point for the user with the long name “Hidden User”:
sudo dscl . delete "/SharePoints/Hidden User’s Public Folder"
Hiding the administrative account from the GUI (Graphical User Interface) in macOS is beneficial for several reasons:
The administrative account on a Mac has access to system files and settings that standard users do not. By hiding this account, you can prevent accidental or malicious changes to these settings. If the admin account isn’t visible, it becomes more challenging for unauthorized users to tamper with the system.
Hiding the administrative account can help simplify the login screen for users. If multiple users use a Mac, only their user profiles will appear on the login screen. The administrative account, typically used less frequently, won’t clutter the login interface.
If a Mac is used in a public or shared space, hiding the administrative account can provide an extra layer of privacy. It conceals the existence of an admin account from others, discouraging attempts to access it.
Limiting Damage from Malware:
In case malware infects the system, limiting its access to a standard account can reduce the potential damage. Malware running on an admin account has more potential to damage or take control of the system. Therefore, it’s better to use the admin account sparingly and only when necessary.
Encouraging Good Practice:
Having a visible admin account might tempt users to use it for everyday tasks. It’s best practice to use a standard account for daily activities and only use an admin account for system administration tasks. This limits the potential exposure to security risks.