Hi All - I am brand new to Win7, upgrading from an old WinXP box. I have heard lots of things about security issues, increased control over who can run what, etc. I've also read that you shouldn't have your standard logon account as an 'administrator', rather it should be a 'Standard' user.
My computer usage is just for home. I have a wireless router but the win7 and XP machines are pluged in via ethernet cable. Usage isn't too demanding, firefox, netflix streaming, Civ4, some photo editing (gimp), some VB hacking, etc
So, here is my thinking on how I will set up my Win7 user accounts ...
Move the user profiles to their own dedicated drive - I used this method. Are there any known issues with this?
From there, I will ...
- Create 1 admin account
- Create 1 standard account
The general Win7 maintenance is done by the admin
- MS updates
- standard software (virus scanners, 3rd party defrag, 3rd party partitioning, etc)
The standard account will do the fun stuff ...
- loading games
- forum posting
- netflix streaming
- photo editing
- my blog updating
- my website updating
- MS Office programs (excel, word, etc)
- VB coding
I expect to use the standard account 85% of the time and the admin account 15% of the time. If I want to run a program under my standard account (say Civ4), who should install it - the admin account or the standard account? ... or does it make no difference?
I also have some regular tasks that run overnight (backup) ... if they are set up by the admin account, will they run if the standard user is the only user logged in?
So - am I totally off base? Any suggestions / comments?
Is this computer just for you or for your entire household? You wouldn't have to go to such lengths for securing your computer. You can turn off remote assistance, you can also leave user account control whenever a program wants to change something.
If you know what you are doing and its just you there's no real reason to do this. all my accounts are admin with uac off and never been a single security issue.
standard accounts really only help if whoever is using them doesn't have the admin password since most security problems are caused by users. UAC does nothing since users are conditioned to click yes and if they want to install a program they will. a user with access to the admin account will simply bypass install restrictions and install as admin if the program asks because they have already decided they want to install it. neither do anything about preventing bad program installs.
standard accounts just stop inexperienced users from making mistakes because someone else has to review their bad choices when they are denied access to something.