> They're both protected in Vista. The only real difference is that if you can
> password-protect the admin account, which prevents standard users from
[quoted text clipped - 12 lines]
> >
> > Thanks!
The password on accounts is still important, even though you are the only
user on the PC. Without a password, anyone who can break in and sit at the
computer has access to all of your private information such as bank account
information or any other private information on the PC.
Also, any malicious program that accesses the system can more easily use
your admin account.
The way you operated on XP is excellent. Use the same setup for Vista and
you will add even more layers of protection.

Signature
Ronnie Vernon
Microsoft MVP
Windows Shell/User
> The password protect isn't much of an issue since it is just me using the
> computer. So I am still not clear why it would be better to even set up a
[quoted text clipped - 29 lines]
>> >
>> > Thanks!
Hello,
I would personally recommend using an admin account for your situation.
Using a standard user account would involve a slight amount of extra work,
as it would require you to enter a password every time you wanted to perform
an administrative action, as opposed to just being asked yes or no when
running as an administrator.
But, the reason why I suggest using an administrator account, is that some
programs may get confused between the two users on your system that you are
using.
When you perform an administrative action from a standard user account, you
are really using your other administrator account to do that operation, and
this can lead to some issues.
When you are using an administrator account, there is only one account
(although the protection is still there), and so you avoid these issues.
That being said, it is likely that it would be even more secure to use a
standard user account *only* for non-admin things, and log out of that
standard user account and log in to an admin account in order to *only* do
admin things, and then never mixing the two (never entering your admin
password from your standard user account).

Signature
- JB
Microsoft MVP - Windows Shell/User
Windows Vista Support Faq
http://www.jimmah.com/vista/
gpzbc - 28 Mar 2007 01:58 GMT
hmmmm...? I understand what all of you are saying, I guess I am not
convinced either way. It sounds like using a standard account for non admin
things and using an admin account for admin things is the most secure way to
go.....but the most work. In addition, this set-up and the extra work may
not be entirely necessary. Perhaps the ambiguity in the answer to this
dilemma lies in the fact that we are taking precautions based on risk. This
particular risk cannot be accurately measured.
So, my interpretation is.......If any sort of security breach (even though a
very small risk) is totally unacceptable, then I should set up the multiple
accounts and operate accordingly. If I am willing to take a bit of risk in
order to operate my computer without the bother of passwords and multiple
accounts, then I will just run as the admin account.
I think I will go with the latter.
Should I set up a personalized admin account or just use the default admin
account?
By the way, thanks so much for your advice.
gpzbc
> Hello,
>
[quoted text clipped - 21 lines]
> admin things, and then never mixing the two (never entering your admin
> password from your standard user account).
Jimmy Brush - 28 Mar 2007 15:02 GMT
Yes, this is a risk management decision :).
From least secure to most secure:
1) Using only an admin account
2) Using a standard user account, and then elevating to an admin account
when doing an admin operation
3) Using a standard user account ONLY for non-admin tasks, and an admin
account ONLY for admin tasks, and never mixing the two
The more secure decisions have less risk, but are more inconvenient.
I certainly wouldn't say that if you follow the most secure way you will
never have a security incident. However, you are more at risk of such an
incident by choosing a less secure method.
That being said, I am personally content to run in an administrator account
on my machine, because I think it is an acceptable risk for me. You are
right that these are things that are hard to quantify in order to make a
good call on.
I suggest that you never use the account named "Administrator" (it is hidden
and disabled by default) - it is not protected by UAC and so is very
insecure to use. Any other administrator account is fine to use, and you can
have as many as you want.

Signature
- JB
Microsoft MVP - Windows Shell/User
Windows Vista Support Faq
http://www.jimmah.com/vista/
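
A read-only check for the advice above about the built-in "Administrator" account, given here as an added example that is not part of the thread. It assumes Windows PowerShell (for `Get-WmiObject`); the function name `Get-BuiltinAdminExposure` is hypothetical.

```powershell
# Added example, not from the thread. Read-only: it changes no settings.
function Get-BuiltinAdminExposure {
    # The built-in Administrator keeps a SID ending in -500 even if renamed.
    $builtin = Get-WmiObject Win32_UserAccount -Filter "LocalAccount=True" |
        Where-Object { $_.SID -like 'S-1-5-21-*-500' }
    if (-not $builtin) { throw 'No local account with a -500 SID was found.' }

    # UAC policy values; a value that is not set reads as $null.
    $key    = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System'
    $policy = Get-ItemProperty -Path $key

    $me           = [Security.Principal.WindowsIdentity]::GetCurrent()
    $uacOn        = ($policy.EnableLUA -eq 1)
    # 1 = the built-in Administrator also runs in Admin Approval Mode.
    $builtinInUac = ($policy.FilterAdministratorToken -eq 1)
    $runningAs500 = ($me.User.Value -eq $builtin.SID)

    $findings = @()
    if (-not $uacOn) {
        $findings += 'UAC is turned off, so no account is prompted.'
    }
    if (-not $builtin.Disabled -and -not $builtinInUac) {
        $findings += "Built-in account '$($builtin.Name)' is enabled and not covered by UAC."
    }
    if ($runningAs500) {
        $findings += 'This session is running as the built-in Administrator.'
    }
    if ($findings.Count -eq 0) {
        $findings += 'Built-in Administrator is not in use and UAC is on.'
    }

    New-Object PSObject -Property @{
        BuiltinName     = $builtin.Name
        BuiltinDisabled = $builtin.Disabled
        UacEnabled      = $uacOn
        BuiltinUnderUac = $builtinInUac
        CurrentUser     = $me.Name
        Findings        = $findings
    }
}

Get-BuiltinAdminExposure | Format-List
```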
gpzbc - 29 Mar 2007 14:48 GMT