diff --git a/dnscrypt-proxy/main.go b/dnscrypt-proxy/main.go
index 71dcfc43..b9c522e0 100644
--- a/dnscrypt-proxy/main.go
+++ b/dnscrypt-proxy/main.go
@@ -35,6 +35,9 @@ func main() {
 		Description:      "Encrypted/authenticated DNS proxy",
 		WorkingDirectory: pwd,
 	}
+	if serviceUserName := serviceStartupUserName(); serviceUserName != nil {
+		svcConfig.UserName = *serviceUserName
+	}
 	svcFlag := flag.String("service", "", fmt.Sprintf("Control the system service: %q", service.ControlAction))
 	app := &App{}
 	svc, err := service.New(app, svcConfig)
diff --git a/dnscrypt-proxy/privilege_linux.go b/dnscrypt-proxy/privilege_linux.go
index 76e168fd..006c6eff 100644
--- a/dnscrypt-proxy/privilege_linux.go
+++ b/dnscrypt-proxy/privilege_linux.go
@@ -12,6 +12,10 @@ import (
 	"github.com/jedisct1/dlog"
 )
 
+func serviceStartupUserName() *string {
+	return nil
+}
+
 func (proxy *Proxy) dropPrivilege(userStr string, fds []*os.File) {
 	currentUser, err := user.Current()
 	if err != nil && currentUser.Uid != "0" {
diff --git a/dnscrypt-proxy/privilege_others.go b/dnscrypt-proxy/privilege_others.go
index b860e6ab..ad825d1f 100644
--- a/dnscrypt-proxy/privilege_others.go
+++ b/dnscrypt-proxy/privilege_others.go
@@ -14,6 +14,10 @@ import (
 	"github.com/jedisct1/dlog"
 )
 
+func serviceStartupUserName() *string {
+	return nil
+}
+
 func (proxy *Proxy) dropPrivilege(userStr string, fds []*os.File) {
 	currentUser, err := user.Current()
 	if err != nil && currentUser.Uid != "0" {
diff --git a/dnscrypt-proxy/privilege_windows.go b/dnscrypt-proxy/privilege_windows.go
index 61c08d1b..c8e5cc93 100644
--- a/dnscrypt-proxy/privilege_windows.go
+++ b/dnscrypt-proxy/privilege_windows.go
@@ -2,4 +2,9 @@ package main
 
 import "os"
 
+func serviceStartupUserName() *string {
+	userName := "NT AUTHORITY\\NetworkService"
+	return &userName
+}
+
 func (proxy *Proxy) dropPrivilege(userStr string, fds []*os.File) {}