This is true... but u are telling depend between ppls and ppls... how can be something mandatory so?Yes it can depend how the computer is being used. Some people have more risk than others, and some people have different needs. Devs have a hard time running on SUA.
I think a better way to put it would be default. Windows should default to having a SUA for daily work and a secondary admin account for admin tasks.This is true... but u are telling depend between ppls and ppls... how can be something mandatory so?
Yeah same but malware tips trusted advisers recommended it enabled wich already caused me a headache to come back to.Personally i hate much SUA and account control always notify... pop for every stupid thing... and i rly doubt threats are blocked but those mechanism. I feel like is a sensation to stay safe...
I would most definitely suggest UAC at always notify if you are running admin. It will prevent lots of threats if you have something try to run. But, there are also a lot of UAC bypasses that only work in Admin. So, you are right it doesn't stop everything, but it will stop some. SUA will stop approx. 80%, which is even better.Personally i hate much SUA and account control always notify... pop for every stupid thing... and i rly doubt threats are blocked but those mechanism. I feel like is a sensation to stay safe...
Nonsense, I'm using SUA for almost 10 years, first on Windows7 and later on Windows10, installing software/programs is possible!
this is from Windows Central thats what author saidUsers with the standard account can work with apps, but they can't install new applications.
@Andy Ful shared some great information a while ago
Also @shmu26 shared some valuable information as wellFor security reasons, it is good to use SUA as a daily work account.
About 80% malware run with the rights higher than standard user:
Malicious code and the Windows integrity mechanism - Securelist
Most Windows vulnerabilities can be mitigated by removing Administrator's rights from the PC's user:
Want to secure a Windows PC? Turn off Administrator rights
When using SUA (without a pain), some conditions should be fulfilled for daily work applications:
1. They should work as standard user (no UAC prompt when executing, saving config files, etc.).
2. They should autoupdate with higher rights via scheduled task.
3. Alternatively, they should work in AppContainer (Universal Applications from Windows Store).
SUA can work well for anyone, who does not:
I think that most average users can be secure & happy with SUA, with occasional help & guiding from more experienced user. The experienced user, should persuade family members or friends to use SUA, because he/she will have much less work with their computers.
- install many programs,
- frequently run programs & tasks, that require Administrative Rights,
- need frequent access to 'Windows' or 'Program Files ...' folders.
See also (some of many threads):
User Account like a Castle
Poll - Administrator Account vs Standard/Limited User Account
Is using the Admin Account safe?
And our occasional member @Umbra shared in this thread: Can't quote a deleted member, but the thread is useful.BeyondTrust Research Discovers that 81 Percent of Critical Microsoft Vulnerabilities Mitigated by Removing Admin Rights
April 24, 2019
BeyondTrust Research Discovers that 81 Percent of Critical Microsoft Vulnerabilities Mitigated by Removing Admin Rights
True, except what he doesn't say is that a Standard User who knows the Admin password certainly can install new software. For example, if I set up a SUA for my wife she can't install software without my Admin password. This is what elevation of privileges is all about.