Word for a computer user without administrative access/privileges

As is the case with many IT related terminologies, there is room for interpretation here. There is no established ruleset specific to IT. Though conventions may exists, they are not yet implemented to a level of anything non-conventional being considered flatout incorrect.

Some feedback on your ideas

User - too general, and a Super User and Administrator are also "users", so this was confusing

I disagree here. "User" is perfect. If I say the following:

The party was attended by employees and managers alike.

A manager is still a (type of) employee!

Similarly, just because an administrator is inherently a user, does not preclude the common inference that when you say "user", you mean "those who are only users".
Though you are correct that that is not explicitly stated, it is a fairly obvious implication, often made even clearer by the surrounding context in which it is used.

I honestly think "user" is the best answer here.

Basic - not contextual enough, and maybe construed as relating to "stupid"

OED link

"Common to or required by everyone; primary and ineradicable or inalienable."

According to IT, everyone is a user. It literally means "anyone who is using a computer" (or other device). Therefore, "basic user" is applicable.

I don't agree with your notion of "basic user" implying a stupid user. If you were to say "simple user", however, I do think that inference can possibly be made.

Standard - not contextual enough

In my opinion, it is contextual enough. However, consider using "default" over "standard", as it is slightly more common in the field of IT.

Student - The software is not academic, relates too closely to education

I agree, this is not relevant.

General - best so far

I don't agree. "general" is way too broad. Also, consider the definition of the word "general":

OED link

"Affecting or concerning all or most people or things; widespread."

"General" means "the most common", not "the most basic". If you have a company where there are more administrators than normal users, then administrators can be considered to be the general users.

Some additions from me

Default users

Relatively similar to "standard", meaning that this type of user is the entry point for users. "Default" seems more common in the context of IT, compared to "standard".

Generic users

This suggestion again relies on the idea that administrators are still part of the group of users. They are a subset, not a separate group, and that distinction is incredibly important in the field of IT.

OED link

"Characteristic of, or relating to a class or group of things; not specific."

In your case, "generic user" means "any type of user". It is logically implied that when many types of users are addressed at the same time, that you are expected to treat them by their common denominator.

Logically speaking, the most common denominator of "all users" is equal to "the most basic level of user".

A user (who is not an Administrator)
A user (who has no elevated rights)

This suggestion is based on your specific context.

In my experience as a software developer, this is very common in documentation regarding the security access. This can be extended to describing the visibility of information, your specific scenario.

Keep in mind that such documentation is often read by IT personnel, who are logically minded. A logical inversion ("not having X") is more clear than the addition of another defined role.

When you use a named definition (e.g. standard user), you allow for the implication that a "standard user" is an established (explicitly named) role. You can avoid such an unintended implication by using a logical inversion that describes what you mean.

Conclusion

Other than "student", every option listed here is valid. The issues you bring forward are not necessarily incorrect, but I do consider them nitpicky; I highly doubt that people will focus in the inherent meaning of the word rather than the meaning you're trying to convey.

However, as "user" conveys the correct meaning here, it seems superfluous to have add a further description. In the interest of brevity where it doesn't affect the clarity of the message, I advocate simply using "user".

As a general rule for IT, especially in the case of clear communication, I would suggest you adhere to the following:

Where possible, always avoid using named definitions, if an accurate description can be used in its place.

Names can change more easily than descriptions.

This is often called an unprivileged user.

The Linux man page for user_namespaces starts:

User namespaces isolate security-related identifiers and attributes, in particular, user IDs and group IDs (see credentials(7)), the root directory, keys (see keyrings(7)), and capabilities (see capabilities(7)). A process's user and group IDs can be different inside and outside a user namespace. In particular, a process can have a normal unprivileged user ID outside a user namespace while at the same time having a user ID of 0 inside the namespace; in other words, the process has full privileges for operations inside the user namespace, but is unprivileged for operations outside the namespace.

Microsoft's security best practices include headers that use similar terms:

Creating Unprivileged Accounts to Manage Privileged Accounts

Apple refers to unprivileged applications in security bulletins:

By registering for a hotkey event, an unprivileged application could log keystrokes entered into other applications even when secure input mode was enabled. This issue was addressed by additional validation of hotkey events.