- Mar 29, 2018
- 5,025
You are using Admin account. If your machine is compromised, the malware will have unrestricted access = game over. Just so you know.
Of course, you are a knowledgeable user so take care.
Q&A It's 2020: Do you use an Admin account or Standard User Account?
- Thread starter blackice
- Start date
Of course, you are a knowledgeable user so take care.
- Aug 17, 2014
- 6,328
He wrote the following in quotes below:this is from Windows Central thats what author said
Have to change user account type? Here's how on Windows 10.
In this guide, we'll show you the different methods to change a user account type to give a friend or family member more (or less) control over what they can do on a Windows 10 computer.
- Jan 27, 2018
- 520
Ok, this thread is clarifying some items for me that I wasn't 100% sure of. Thanks.
Last edited:
- Jun 20, 2011
- 912
I'm using an Administrator account
I know I don't have to log in to my computer because I don't need it.
I only use this computer.
I know I don't have to log in to my computer because I don't need it.
I only use this computer.
Chri.Mi
Level 7
- Apr 30, 2020
- 337
For what i know/understand SUA will give more benefit cause restriction vs many malwares. My point of view is in safe habits u can use admin account (for example many leftovers in appdata and used data cannot be explored). Take in consideration a threat in admin account will certain make more damage then in SUA, but the point is avoid the threat. I would suggest to use something like Kaspersky KSN or Norton reputation thing, if a program is used by 10k ppl i doubt is a malware. The real problem are vs documents (pdf, etc), there a sandbox is a mandatory.
Last edited:
- Dec 23, 2014
- 6,106
Some clarifications about SUA.
- One can install applications when logged on SUA (without Admin password), if they do not require Admin rights.
- Some web browsers can be installed on SUA even if they initially ask for Admin rights. If the user chooses NO, then the browser can continue installation in %UserProfile% without Admin rights.
- The SUA is much safer when we talk about exploiting the programs or Windows features. This follows from the fact that processes running with Admin rights must do it on another account (a particular Admin account) and cannot run on SUA.
- One can install applications that require Admin rights when logged on SUA, but after writing the Admin password in UAC prompt, the installation is redirected to the Admin account. This can cause some issues because the application custom settings, made by the user during installation, will be written in the Admin user profile and not in the SUA user profile. After launching the application from SUA, the application cannot access these settings and the application has to be configured again.
- When the malware is running on Admin account with standard rigths, this is also the same account for many processes with Admin rights. Sharing the same account by the processes with different privileges is like sharing the same room with people who can be invected by COVID-19.
- If the malware is running on SUA (necessarily with standard rights), then there is no processes with Admin rights on SUA. High privileged processes are running on other account(s) (Admin type). This is similar to the situation when the infected patient is isolated in a single room from others.
- That is why there are many UAC bypasses on Admin account, but not on SUA.
Last edited:
So if I use admin credentials while on Sua all is lost then?
- Mar 29, 2018
- 5,025
No, because "High privileged processes are running on other account(s) (Admin type). This is similar to the situation when the infected patient is isolated in a single room from others."
- Apr 1, 2019
- 2,199
No, there is the potential malware could try to steal the credentials, but this is rare. Most malware looks to just run on an admin account since that’s what most people do.
- Dec 23, 2014
- 6,106
When the malware is already running on SUA with standard rights and you are going to run something with Admin rights when logged on SUA, then the malware can use it to elevate (sneak to Admin account). The secure way is to log in as Admin (without log off SUA) via <Start Menu> button and run the program directly from the Admin account.
- Mar 29, 2018
- 5,025
I believe @Freki123 was not clear about whether or not malware was already running. I assumed he wasn't.
I use default Windows Admin account (which is standard user because of UAC token) but with UAC to maximum instead of weak default level.
With that, SRP and other stuff like own behaviour it's secure and provide better comfort.
also Ransomware e.g. doesn't care if user is SUA or not. Malware need to be blocked at start
With that, SRP and other stuff like own behaviour it's secure and provide better comfort.
also Ransomware e.g. doesn't care if user is SUA or not. Malware need to be blocked at start
I feared it would be that way but wanted to be sure.
Thanks alot I didn't know that.
Thank you all for your kind answers
- Apr 1, 2019
- 2,199
I think most users here who understand safe habits and what is risky could run admin with no problems. Like you said the worst threats don’t care. With good SRP you should not have any problems.
- Dec 23, 2014
- 6,106
With the above conditions, the chances to be infected are very very small.
- Apr 1, 2019
- 2,199
Thanks to you SRP is made simple.With the above conditions, the chances to be infected are very very small.
- Jan 21, 2018
- 624
email - phishing attacks etc etc
- Jan 21, 2018
- 624
I use both Admin and SUA, for similar reasons to many here. Installation of new software and other tasks are not always possible while using a SUA, even when I can use the Admin password to elevate privileges I still find it easier to do these tasks using an Admin account. I try to keep good practice and revert back to SUA when I no longer require higher privileges, but so often find I'm still signed into an Admin account ages afterwards, a bad practice, but I don't lurk in the less salubrious parts of the internet.
blacksheep
Level 4
- Mar 8, 2020
- 177
I don't see any reason to use SUA in 2020. This is just my case.
- Jan 28, 2018
- 1,998
I think the benefits of SUA are a choice that Microsoft should appeal to a little more strongly. This is because users from the days when the administrator account was the default choice tend to perceive the SUA as special or inferior.
When not actively seeking out threats, the combination of SUA and WD is both safe and stable. The advantage of SUA, in my opinion, is impact mitigation in the event of a fall. The administrator account is bare. If you fall, you will definitely be injured. No one falls over intentionally. He falls when he doesn't notice the pebbles.
...I understand the benefits of such, but I'm using an admin account. This is because there is not enough space on the system disk to keep two accounts together.
When not actively seeking out threats, the combination of SUA and WD is both safe and stable. The advantage of SUA, in my opinion, is impact mitigation in the event of a fall. The administrator account is bare. If you fall, you will definitely be injured. No one falls over intentionally. He falls when he doesn't notice the pebbles.
...I understand the benefits of such, but I'm using an admin account. This is because there is not enough space on the system disk to keep two accounts together.