Ok, Tom's Hardware... You've never let me down before, so I need your advice. But my ignorance will likely shine in how I ask this question, so please bare with me...
I'm trying to enforce best practice on a PC by seperating user and admin log ins. My goal - log in as a regular user on Windows 11 with the capability to make Admin changes or access certain files/folders with a PIN. Right now I log in with the same creds as my main MS account, something I want to change for obvious reasons.
Would this be best done by creating a dummy MS Account and assigning that account as Admin, then demoting the current main MS Account/Admin to Standard User, or just creating a Local User login for day-to-day? I've just started studying for my Security+ cert which prompted the change. MS says signing in with an actual account is most secure, while the Security+ instructors all say a Local User for day-to-day is most secure.
Thoughts? Any MS-Cyber experts in the house?
Thanks guys!
~M
I'm trying to enforce best practice on a PC by seperating user and admin log ins. My goal - log in as a regular user on Windows 11 with the capability to make Admin changes or access certain files/folders with a PIN. Right now I log in with the same creds as my main MS account, something I want to change for obvious reasons.
Would this be best done by creating a dummy MS Account and assigning that account as Admin, then demoting the current main MS Account/Admin to Standard User, or just creating a Local User login for day-to-day? I've just started studying for my Security+ cert which prompted the change. MS says signing in with an actual account is most secure, while the Security+ instructors all say a Local User for day-to-day is most secure.
Thoughts? Any MS-Cyber experts in the house?
Thanks guys!
~M