Admin user vs. Standard user

Posted: 01-17-2009, 06:00 PM

::-Microsoft recommends everyone setup and use a Standard user accoun
to enhance protection...
-::"The 'standard account' (http://tinyurl.com/7bcng3) can hel
protect your computer by preventing users from making changes tha
affect everyone who uses the computer. We recommend creating a standar
account for each user".::-
Q: ON A COMPUTER WITH ONE AND ONLY ONE USER. DOES THE STANDARD ACCOUN
OFFER ANY ADDITIONAL PROTECTION BEYOND ~ PROTECTING ME FROM MYSELF
DOES A ONE USER COMPUTER HAVE ANY MORE PROTECTION AND SECURITY USING
CREATED STANDARD USER ACCOUNT VS. USING THE DEFAULT ADMIN USER ACCOUN
RESPECTFULLY SUBMITTE
BJ

::

--
bj
Posted via http://www.vistaheads.co

Admin user vs. Standard user


Responses to "Admin user vs. Standard user"

Bruce Chambers
Guest
Posts: n/a
 
Re: Admin user vs. Standard user
Posted: 01-17-2009, 06:57 PM
bjm wrote:
> ::-Microsoft recommends everyone setup and use a Standard user account
> to enhance protection....
> -::"The 'standard account' (http://tinyurl.com/7bcng3) can help
> protect your computer by preventing users from making changes that
> affect everyone who uses the computer. We recommend creating a standard
> account for each user".::-
> Q: ON A COMPUTER WITH ONE AND ONLY ONE USER. DOES THE STANDARD ACCOUNT
> OFFER ANY ADDITIONAL PROTECTION BEYOND ~ PROTECTING ME FROM MYSELF~
> DOES A ONE USER COMPUTER HAVE ANY MORE PROTECTION AND SECURITY USING A
> CREATED STANDARD USER ACCOUNT VS. USING THE DEFAULT ADMIN USER ACCOUNT
> RESPECTFULLY SUBMITTED
> BJM
>
> ::-
>
>

Routinely using a computer with administrative privileges is not
without some risk. You will be much more susceptible to some types of
malware, particularly adware and spyware. While using a computer with
limited privileges isn't the cure-all, silver bullet that some claim it
to be, any experienced IT professional will verify that doing so
definitely reduces that amount of damage and depth of penetration by the
malware. If you do happen to get infected/infested while running as an
administrator, the odds are much greater that any malware will be
extremely difficult, if not impossible, to remove with formating the
hard drive and starting anew. The intruding malware will have had the
same (administrative) privileges to all of the files on your hard drive
that you do.

A technically competent user who is aware of the risks and knows
how to take proper precautions can usually safely operate with
administrative privileges; I do so myself. But I certainly don't
recommend it for the average computer user.

Further, the built-in Administrator account was never intended to
be used for day-to-day normal use. The standard security practice is to
rename the account, set a strong password on it, and use it only to
create another account for regular use, reserving the Administrator
account as a "back door" in case something corrupts your regular
account(s).

Also, please unstick your CapsLock key. Posting in all caps, as
you have done, is the Usenet equivalent of shouting, and is considered
very rude by a large number of people. More importantly, posting in all
caps makes the post harder to read, further reducing your chances of
getting help; a great many people won't even try to read such a message.
If you really want help, simply comply with the dictates of common
courtesy and the conventions of the venue.


--

Bruce Chambers

Help us help you:
http://www.catb.org/~esr/faqs/smart-questions.html

http://support.microsoft.com/default.aspx/kb/555375

They that can give up essential liberty to obtain a little temporary
safety deserve neither liberty nor safety. ~Benjamin Franklin

Many people would rather die than think; in fact, most do. ~Bertrand Russell

The philosopher has never killed any priests, whereas the priest has
killed a great many philosophers.
~ Denis Diderot
bjm
Guest
Posts: n/a
 
Re: Admin user vs. Standard user
Posted: 01-17-2009, 08:18 PM

Mr. Chambers
thank you for your time and interest in my issue..
re: Also, please unstick your CapsLock key. Posting in all caps, a
you have done, is the Usenet equivalent of shouting, and is considere
very rude by a large number of people. More importantly, posting i
al
caps makes the post harder to read, further reducing your chances o
getting help; a great many people won't even try to read such
message
If you really want help, simply comply with the dictates of commo
courtesy and the conventions of the venue
-Please view my original post. I was not shouting. Somehow in you
reply/quote process part of my original post went all caps. My origina
post was not caps. I may be new to this Forum but I am awar
of Forum protocol.

Respectfully submitte

bjm

--
bj
Posted via http://www.vistaheads.co

Steve Thackery
Guest
Posts: n/a
 
Re: Admin user vs. Standard user
Posted: 01-17-2009, 08:36 PM
> My original
> post was not caps.
It was - from the section beginning "Q:" onwards.

Respectfully,

SteveT
bjm
Guest
Posts: n/a
 
Re: Admin user vs. Standard user
Posted: 01-17-2009, 08:56 PM

Mr. Chambers,
Please permit me to continue our dialog Admin vs. Standard. I though
with the Vista OS (which has a hidden system Admin account) that th
user default Admin account and the user created Standard account ar
both LUA (Limited User Account/Access) accounts. I thought the onl
difference under the hood between the two is that user Admin allowe
click through for UAC prompts and user Standard required password fo
UAC prompts
Please commen
(no part of this post was typed shouting
Respectfully submitte
bj

--
bj
Posted via http://www.vistaheads.co

Christopher R. Lee
Guest
Posts: n/a
 
Re: Admin user vs. Standard user
Posted: 01-17-2009, 09:04 PM
I don't suppose I'm the only user who regularly downloads executables. It's
a real pain if you have to change username every time.

Anyway, even an administrator account doesn't let you do normal things like
changing file/directory attributes.

Finally, Windows obsessively directs users to individual user storage areas,
making the data (theoretically) inacessible when you change username. Worse,
since user storage area names aren't the names of real directories, backup
is difficult, and you are likely to lose all your data if and when you
change computers or get rid of this OS.

Regards


"Bruce Chambers" <bchambers@cable0ne.n3t> a écrit dans le message de news:
Oi2mxVNeJHA.556@TK2MSFTNGP06.phx.gbl...
> bjm wrote:
>> ::-Microsoft recommends everyone setup and use a Standard user account
>> to enhance protection....
>> -::"The 'standard account' (http://tinyurl.com/7bcng3) can help
>> protect your computer by preventing users from making changes that
>> affect everyone who uses the computer. We recommend creating a standard
>> account for each user".::- Q: ON A COMPUTER WITH ONE AND ONLY ONE USER.
>> DOES THE STANDARD ACCOUNT
>> OFFER ANY ADDITIONAL PROTECTION BEYOND ~ PROTECTING ME FROM MYSELF~
>> DOES A ONE USER COMPUTER HAVE ANY MORE PROTECTION AND SECURITY USING A
>> CREATED STANDARD USER ACCOUNT VS. USING THE DEFAULT ADMIN USER ACCOUNT
>> RESPECTFULLY SUBMITTED
>> BJM
>>
>> ::-
>>
>>
>
>
> Routinely using a computer with administrative privileges is not
> without some risk. You will be much more susceptible to some types of
> malware, particularly adware and spyware. While using a computer with
> limited privileges isn't the cure-all, silver bullet that some claim it to
> be, any experienced IT professional will verify that doing so definitely
> reduces that amount of damage and depth of penetration by the malware. If
> you do happen to get infected/infested while running as an administrator,
> the odds are much greater that any malware will be extremely difficult, if
> not impossible, to remove with formating the hard drive and starting anew.
> The intruding malware will have had the same (administrative) privileges
> to all of the files on your hard drive that you do.
>
> A technically competent user who is aware of the risks and knows how
> to take proper precautions can usually safely operate with administrative
> privileges; I do so myself. But I certainly don't recommend it for the
> average computer user.
>
> Further, the built-in Administrator account was never intended to be
> used for day-to-day normal use. The standard security practice is to
> rename the account, set a strong password on it, and use it only to create
> another account for regular use, reserving the Administrator account as a
> "back door" in case something corrupts your regular account(s).
>
> Also, please unstick your CapsLock key. Posting in all caps, as you
> have done, is the Usenet equivalent of shouting, and is considered very
> rude by a large number of people. More importantly, posting in all caps
> makes the post harder to read, further reducing your chances of getting
> help; a great many people won't even try to read such a message. If you
> really want help, simply comply with the dictates of common courtesy and
> the conventions of the venue.
>
>
> --
>
> Bruce Chambers
>
> Help us help you:
> http://www.catb.org/~esr/faqs/smart-questions.html
>
> http://support.microsoft.com/default.aspx/kb/555375
>
> They that can give up essential liberty to obtain a little temporary
> safety deserve neither liberty nor safety. ~Benjamin Franklin
>
> Many people would rather die than think; in fact, most do. ~Bertrand
> Russell
>
> The philosopher has never killed any priests, whereas the priest has
> killed a great many philosophers.
> ~ Denis Diderot

Gordon
Guest
Posts: n/a
 
Re: Admin user vs. Standard user
Posted: 01-17-2009, 09:16 PM
"Christopher R. Lee" <lee.eliane@wanadoo.fr> wrote in message
news:efTqBdOeJHA.5648@TK2MSFTNGP02.phx.gbl...
>I don't suppose I'm the only user who regularly downloads executables. It's
>a real pain if you have to change username every time.
Why do you "have to change username" to download executables? I download
executables all the time in my standard user account...
>
> Anyway, even an administrator account doesn't let you do normal things
> like changing file/directory attributes.
Of course it does - why do you think it doesn't?
> Finally, Windows obsessively directs users to individual user storage
> areas, making the data (theoretically) inacessible when you change
> username.
Not at all - run Windows Explorer as Administrator.
> Worse, since user storage area names aren't the names of real
> directories,
Eh? Where did you get that lot of rubbish from? How is C:\Users\{My account
name}\Documents\ not a "real" directory?
> backup is difficult,
No it's not - explain.
> and you are likely to lose all your data if and when you change computers
> or get rid of this OS.
I've NEVER lost data when changing from one OS to another.

--
Asking a question?
Please tell us the version of the application you are asking about,
your OS, Service Pack level
and the FULL contents of any error message(s)

Gareth Erskine-Jones
Guest
Posts: n/a
 
Re: Admin user vs. Standard user
Posted: 01-17-2009, 10:06 PM
On Sat, 17 Jan 2009 21:16:03 -0000, "Gordon"
<gordonbparker@yahoo.com.invalid> wrote:
>"Christopher R. Lee" <lee.eliane@wanadoo.fr> wrote in message
>news:efTqBdOeJHA.5648@TK2MSFTNGP02.phx.gbl...
>>I don't suppose I'm the only user who regularly downloads executables. It's
>>a real pain if you have to change username every time.
>
>Why do you "have to change username" to download executables? I download
>executables all the time in my standard user account...
I suppose he might have meant downloading and installing programs,
which usually requires admin rights. A regular admin account when UAC
is enabled will have two security tokens - one used normally, and
without the rights to access sensitive areas, and one used (after the
UAC prompt has been clicked through) for admin tasks. A standard
account only has one security token and so when you try to install an
application to a sensitive area, will prompt for the credentials of an
administrative account.
>> Finally, Windows obsessively directs users to individual user storage
>> areas, making the data (theoretically) inacessible when you change
>> username.
>
>Not at all - run Windows Explorer as Administrator.
Indeed - the built in security can be turned off. Rather foolish IMO,
but it can be done.
>> Worse, since user storage area names aren't the names of real
>> directories,
>
>Eh? Where did you get that lot of rubbish from? How is C:\Users\{My account
>name}\Documents\ not a "real" directory?
He didn't say it wasn't. He said the user storage area names aren't
the names of real directories. By default, a user will have a folder
called c:\users\username\documents...

...but try this - create an account, a regular one, just for testing.
Then create a folder somewhere on the PC and call it "NotDocuments",
e.g. d:\NotDocuments.

Log in using the new account, right click on Documents on the start
menu, choose properties, and on the location tab, use the move option
to change the directory to d:\NotDocuments.

Now, you still have the "Documents" user storage area which appears in
various places in explorer, but if you use cmd.exe you can see that
the real name of the folder is still d:\NotDocuments.
>
>> backup is difficult,
>No it's not - explain.
>
>> and you are likely to lose all your data if and when you change computers
>> or get rid of this OS.
>
>I've NEVER lost data when changing from one OS to another.
Copy a file containing multiple streams from an NTFS partition to a
Ext3 one. Does it still have multiple streams?


--
http://www.sgat-computing-services.co.uk/
bjm
Guest
Posts: n/a
 
Re: Admin user vs. Standard user
Posted: 01-17-2009, 10:24 PM

To: Steve Thackery

this is copy/paste of my original post

::-Q: ON A COMPUTER WITH ONE AND ONLY ONE USER. DOES THE STANDAR
ACCOUNT OFFER ANY ADDITIONAL PROTECTION BEYOND ~ PROTECTING ME FRO
MYSELF
DOES A ONE USER COMPUTER HAVE ANY MORE PROTECTION AND SECURITY USING
CREATED STANDARD USER ACCOUNT VS. USING THE DEFAULT ADMIN USER ACCOUN
RESPECTFULLY SUBMITTE
BJ
I DID NOT TYPE IT CAPS AND AS I'M VIEWING IT NOW IT'S NOT CAPS
::

--
bj
Posted via http://www.vistaheads.co

Michael Walraven
Guest
Posts: n/a
 
Re: Admin user vs. Standard user
Posted: 01-17-2009, 10:43 PM
from a kibitzer:

the quote is in CAPS for me. (reading in Window Live Mail, newsreader part).
the sentence:
this is a copy/paste of my original post
is in lower case

viewing the message source show the same thing

Michael


"bjm" <bjm.3m6i86@no-mx.forums.vistaheads.com> wrote in message
news:bjm.3m6i86@no-mx.forums.vistaheads.com...
>
> To: Steve Thackery
>
>
> this is copy/paste of my original post
>
> ::-Q: ON A COMPUTER WITH ONE AND ONLY ONE USER. DOES THE STANDARD
> ACCOUNT OFFER ANY ADDITIONAL PROTECTION BEYOND ~ PROTECTING ME FROM
> MYSELF~
> DOES A ONE USER COMPUTER HAVE ANY MORE PROTECTION AND SECURITY USING A
> CREATED STANDARD USER ACCOUNT VS. USING THE DEFAULT ADMIN USER ACCOUNT
> RESPECTFULLY SUBMITTED
> BJM
> I DID NOT TYPE IT CAPS AND AS I'M VIEWING IT NOW IT'S NOT CAPS.
> ::-
>
>
> --
> bjm
> Posted via http://www.vistaheads.com
>
 
LinkBack Thread Tools Display Modes
 


Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are On
Forum Jump


Similar Threads
Thread Thread Starter Forum Replies Last Post
Stopping standard user actions using run as admin Geylan Windows Vista Security 2 04-14-2008 11:19 PM
standard user can see admin files after UAC asked for password Cell Windows Vista Administration 0 01-09-2008 12:08 AM
Standard User works like admin account jcraig33 Windows Vista Administration 6 06-15-2007 02:17 AM
different between uac admin and standard user Marc Winston Windows Vista Administration 2 03-04-2007 02:16 PM
setting up standard user with admin-like properties makingmoneynow Windows Vista Administration 1 02-08-2007 06:51 PM