Rather than requiring you to enter admin credentials every time you want to run a task or make changes to a task, CCC only requires users with administrative privileges to authenticate once when CCC is initially installed. While this configuration is easier to use, there are situations where this configuration is not appropriate. If you leave your system unattended with an admin user logged in, someone with physical access to your system can modify or run your CCC backup tasks. If you cannot rely upon the physical security of your Mac to prevent someone from using your Mac, you can adjust CCC's security settings in the Advanced section of CCC's Settings window.
Security Levels
Require an admin user (default)
The privilege is granted automatically for a user that has administrative privileges on the computer (e.g. the first account that you create in Setup Assistant).
Non-admin users: Non-admin users cannot attain this privilege; an authentication dialog will only be presented to admin users, and only when the security token has been forcefully expired.
Privilege expiration: The privilege will expire upon logout, or upon quitting both CCC and the CCC Dashboard.
Require an admin, and authentication (higher security)
The privilege is never granted automatically. When the first request to use the privilege is made, the privilege will be granted when an admin user successfully authenticates.
Non-admin users: Non-admin users will be presented with an authentication dialog when a privilege with this security level is requested, and that privilege will be granted when admin user authentication credentials are provided. If you usually log in to your Mac with a non-admin user account, this is probably the security level that you will want to apply to each CCC privilege (and it is the security level that is applied by default if CCC is initially installed via a non-admin user account).
Privilege expiration: The privilege will expire upon logout, or upon quitting both CCC and the CCC Dashboard.
Any logged in user (lower security)
The privilege will be granted to any logged in user, including non-admin users. We recommend using this security level with careful consideration. For example, this level of privilege would not be appropriate if the physical security of the Mac cannot be guaranteed. Likewise, follow Best Practices with regard to third-party software installation and malware detection. If you make these privileges available to any user, then they are available to any software running as those users too.
Privilege expiration: expiration is not applicable in this case.
Other privileges are granted simultaneously when an individual privilege's requirements are met
If you have more than one privilege configured to require an admin and authentication, for example, then all of those privileges will be granted as soon as an admin user authenticates in response to an individual privilege request. CCC does not require you to authenticate separately for each privilege. That only applies to privileges that have a matching or lower level security requirement; if you acquire a privilege that was set to "Require an admin" via logging in to the Mac as an admin user, then another privilege set to "Require an admin, and authentication" will not be granted until the privilege is requested and you successfully authenticate when prompted.