Is it still recommended to do your daily tasks in a non-administrator user account, or is that obsolete advice in windows 8-10?
Personally, my Microsoft Account login has administrator privileges. There is absolutely nothing wrong with having a main user account with user privileges and a seperate local account with administrator privileges.
What you absolutely do NOT want to do is rely upon or use the built-in Administrator account as your routine administrator account.
Sorry, I didn't get it. What is the built-in admin account? Is is the microsoft user account that windows 10 wants you to set up upon installation?
And what is bad about it?
excerpt from this tutorial :
administratoruser- Is an unelevatedadministrator account that is created by default during the installation of Windows, or is already setup for you on an OEM (ex: Dell) computer. This account can be a local account or Microsoft account. An administrator account has complete access to the computer, and can make any desired changes. If an administrator user tries to do something that requires elevated rights (ex: run as administrator), Windows will display a UACprompt for the administrator user to approve before allowing the action.
Built-in "Administrator"- The hidden built-in elevated "Administrator account" is a local account that has full unrestricted access rights to the PC. By default, this "Administrator" account will not be prompted by UAC. Anything that runs while signed in to this "Administrator" account will also have full unrestricted access to the PC, so it is not recommended to use the built-in "Administrator" account for everyday usage. It's recommended to only use the built-in "Administrator" account as needed instead.
RE : Is it still recommended to do your daily tasks in a non-administrator user account, or is that obsolete advice in windows 8-10?
This tune has seldom been played nowadays.
My personal opinion only : To me such an advice is obsolete.
However, for beginners or under-aged people who require parental supervision, a Standard account is absolutely recommended.
thanks, got it now.
The tokenized Administrator is a short cut system to the way that Professional system administrators have used for many years, they would always have a standard user for day to day use and only use their administrator user when required. In a networked system this meant that they saw the system as a user so could see any problems and correct them quickly, the issue was that they would need to change users, (log out as the standard user and login as admin), or actually visit the server location, every time they needed to do any admin work, the Microsoft system eliminates the annoyances, but retains the security of a two user system ... Also if a standard user is met by a UAC prompt an Admin can simply enter credentials to continue with out the need to log out the standard user.
The UAC prompt is a well thought out security model as when it does pop-up only the mouse and keyboard have access to it, this means that if you do not know the required access credentials you are not getting in
You are welcome.