Admin or not admin

[Chilipepper]

Hello all,

I'm new to the forum but I plan to stick around. I'll take the time to introduce myself later as I'm writing this from a live CD while I download Windows from Digital River.

Over the last year or so I've been hit with a trojan and multiple redirect viruses, didn't bother me much, just reinstalled Windows and went on with my day however now I actually use my computer (not for work or anything, but having to do a fresh install sucks especially when you wern't yet exposed to "backing up"

Basically I just want to quickly know before I install the iso what you guys reccomend for user accounts (keeping convience in mind) Most things say dont use an admin account however entering your admin password every 30 seconds seems pretty frustraiting and I noticed most of your security configs have admin accounts being used. Keep in mind I will have (and in a few days post) my security config. The whole thing, real time protection, on demand tools, back up too. So is it ok for my primary account to be a password locked Admin account? Should I make a second account?

Basically I want to know a user profile setup before I go and start installing software so I start up on the right foot.

Also, I'm going to use the forum search as I'm sure its been asked but I'm wondering what settings to use for Windows Update

 

[Ink]

Hello and Welcome

May I ask what OS you'll be using?

I always advice to use a password for any User account on your PC. A password can prevent unauthorised users from viewing your documents/files (if not shared), browsing through your web browser history etc.

Creating 2 or more Admin accounts is pointless, so 1 admin and 1 standard (or more, depending on users for PC) would be more suitable.

However, if you're planning to install / uninstall / modify settings through the Standard (non-admin) account, then you'll be required to enter the password for the Admin account via the the UAC prompts (Vista and higher).

Windows 8 users can use their MS account as a standard user, Store apps can be installed without UAC authorisation.

Windows Update can be set to automatic. It will download and install updates, optional updates (ie. Bing desktop, Silverlight) won't be auto-installed, but remember to uncheck and hide if you wish to not see them again.

I believe Windows Updates are installed regardless of whether you're using an Admin, Standard or Guest account.

So is it ok for my primary account to be a password locked Admin account?

Should I make a second account?

Basically I want to know a user profile setup before I go and start installing software so I start up on the right foot.

Also, I'm going to use the forum search as I'm sure its been asked but I'm wondering what settings to use for Windows Update

 

[Chilipepper]

It will be Windows 7.

I'm more concerned about malware. Atleast on a limited account I need to enter a password everytime I run an administrative command. But on an admin account you never know what can be being executed. Also updates are optional at the end of the Windows 7 install. I've read on some sites its better to decline the mass install and filter out a few specific ones.

I've always heard a limited account is more secure against malware however with the right security set up, is it safe to run admin all the time?

 

[MalwareVirus]

It will be Windows 7.

I'm more concerned about malware. Atleast on a limited account I need to enter a password everytime I run an administrative command. But on an admin account you never know what can be being executed.

I've always heard a limited account is more secure against malware however with the right security set up, is it safe to run admin all the time?

If virus is able to fool UAC in administrative account than it also able do it in limited account(IMO) if you manaually enter passward for virus or suspicious file than you are not safe in limited account too.
If your computer is private and you care what you are downloading and you are using UAC properly to check the certificate of file,whome to issued than i think you are safe with administrative account too.
But limited account gives you more profit in account of privacy.So creat standerd account or guest account for others.So if somehow they open a newly download malacious file than they have to enter passward

 

[I'm Me]

I have my UAC set to maximum but was using a standard account. I recently became tired of always having to enter my password, so I've switched over to an administrator account. I am careful about what and where I download and I am the only one that uses this computer on an every day basis. So far I haven't had any problems that I know about.

 

[Littlebits]

If you are the only user of this system, running Admin account will be sufficient if you always only download files from trusted resources, always pay attention to UAC notifications never approve anything that you don't know for sure is safe, always read EULA on installers for possible adware and know how to opt-out.

UAC on default settings is enough to protect your system, however if you want to block keyloggers and password stealers, you can put UAC on Max setting but you will have more notifications for harmless programs.

If you have several users on this system, I recommend creating Limited User Accounts for them and never give out your password for the Admin account.

When searching on the web, you will find a lot of articles saying that "malware can bypass UAC" this is completely false, if you do more intense investigation you will find what they meant to say is malware fools the user when UAC gives them notifications. Users will not even pay attention and just click "approve". The last time that a vulnerability was discovered in UAC was back when Windows Vista was in Beta testing. So far no current known vulnerabilities in UAC applying to Vista, Windows 7 and 8 if you have applied all of the latest Windows Updates and Service Packs.

Still third-party security software vendors still try to bring up the old news about vulnerabilities in UAC dating back when Vista was in beta testing as scareware tactics to sell their products.

UAC doesn't get fooled, the users get fooled.
Always read before clicking "approve" and you will not have this problem.

Enjoy!!