Do you use and Admin Account or a Standard User Account

  • Admin Account

    Votes: 57 76.0%
  • Standard User Account (SUA)

    Votes: 19 25.3%
  • Total voters
    75

Chri.Mi

Level 7
Yes it can depend how the computer is being used. Some people have more risk than others, and some people have different needs. Devs have a hard time running on SUA.
This is true... but u are telling depend between ppls and ppls... how can be something mandatory so?
 

blackice

Level 28
Verified
This is true... but u are telling depend between ppls and ppls... how can be something mandatory so?
I think a better way to put it would be default. Windows should default to having a SUA for daily work and a secondary admin account for admin tasks.

I personally don't feel that running an admin account is extremely risky for users who practice safe habits and don't download much or use cracks. However, these same people are less inconvenienced by SUA. If admin accounts were the end of the world we'd see a lot more infections. However, based on research, if SUA was the default and most people used it there would be far fewer infections. So I guess if you know the information and risk you can make that decision. The problem is most people don't understand it's much more secure to run SUA for daily tasks.
 

Chri.Mi

Level 7
Personally i hate much SUA and account control always notify... pop for every stupid thing... and i rly doubt threats are blocked but those mechanism. I feel like is a sensation to stay safe...
 

blackice

Level 28
Verified
Personally i hate much SUA and account control always notify... pop for every stupid thing... and i rly doubt threats are blocked but those mechanism. I feel like is a sensation to stay safe...
I would most definitely suggest UAC at always notify if you are running admin. It will prevent lots of threats if you have something try to run. But, there are also a lot of UAC bypasses that only work in Admin. So, you are right it doesn't stop everything, but it will stop some. SUA will stop approx. 80%, which is even better.
 

Chri.Mi

Level 7
Just for ask... How ppls get malwares? Personally if ppl dont use cracks, keygens and dont download from untrusted site i dont find how can be infected.
 

blackice

Level 28
Verified
@blackice , a small tip. You should probably post a few of those researches/reports that been shared over the years. Hopefully could help even if I know some refuse learn/listen anyway.
@Andy Ful shared some great information a while ago
For security reasons, it is good to use SUA as a daily work account.

About 80% malware run with the rights higher than standard user:
Malicious code and the Windows integrity mechanism - Securelist

Most Windows vulnerabilities can be mitigated by removing Administrator's rights from the PC's user:
Want to secure a Windows PC? Turn off Administrator rights

When using SUA (without a pain), some conditions should be fulfilled for daily work applications:
1. They should work as standard user (no UAC prompt when executing, saving config files, etc.).
2. They should autoupdate with higher rights via scheduled task.
3. Alternatively, they should work in AppContainer (Universal Applications from Windows Store).

SUA can work well for anyone, who does not:
  • install many programs,
  • frequently run programs & tasks, that require Administrative Rights,
  • need frequent access to 'Windows' or 'Program Files ...' folders.
I think that most average users can be secure & happy with SUA, with occasional help & guiding from more experienced user. The experienced user, should persuade family members or friends to use SUA, because he/she will have much less work with their computers.

See also (some of many threads):
User Account like a Castle
Poll - Administrator Account vs Standard/Limited User Account
Is using the Admin Account safe?

Also @shmu26 shared some valuable information as well

BeyondTrust Research Discovers that 81 Percent of Critical Microsoft Vulnerabilities Mitigated by Removing Admin Rights
April 24, 2019
BeyondTrust Research Discovers that 81 Percent of Critical Microsoft Vulnerabilities Mitigated by Removing Admin Rights

And our occasional member @Umbra shared in this thread: Can't quote a deleted member, but the thread is useful.
 

blackice

Level 28
Verified
As I said before, I actually don't get after people too much if they run an admin account IF THEY UNDERSTAND THE RISK. I've done both, and not seen anything malicious. Which is a data point of one user. But users must know the risk, which is the problem with defaulting to admin.
 

Digmor Crusher

Level 8
Verified
So I checked my account, Local Account Administrator, which am I? This account thingy, Microsoft password stuff I have no use for. All I know my computer works and I don't need to log in with a password, exactly how I like it.