Question Still recommended to use non-admin account for day to day use in Windows?

[TJ Hooker]

I've seen it recommended numerous places that for security purposes your daily driver account in Windows you should be non-admin, with a separate admin account that you use only for specific tasks that require those permissions.

My question is, what does this accomplish that Windows UAC doesn't?

Whether your regular account is admin or not, if an application tries to do something that requires elevated permissions you'll get a pop up to confirm, the only difference is that with a non-admin account you need to enter a password. If you're the one trying to run that application you're just going to enter in the password anyway. I've recently changed my PC to use separate user and admin accounts, and the only practical difference I've found is that now I have to enter a password every time I want to launch HWiNFO64 or whatnot.

And to clarify, I'm not talking about securing your PC from other people who have who may have access to the 'daily driver' account but you want to restrict from messing around with any important settings that require admin privileges. Assume that you're the only person that has physical access to the PC for the sake of this question.

 

[wpgwpg]

I have sole access to my PCs and always use an admin account all the time. I do have a spare admin account just in case, but I've never regretted what I do. I guess if somebody is a little paranoid, maybe it gives them a sense of security. I make regular full system backups, so I know how to get everything back if need be. Maybe folks who don't make backups need to do something else to ease their anxities, but I'm too old and set in my ways to change my habits!

 

[Deleted member 14196]

it's a good way to stop you from something impulsive, sort of like having to type sudo in front of a command in linux to act as admin. it's always good practice.

some folks have a hard time not installing all kinds of junk and malware, and that kind should never have admin access, low user only. if you can trust yourself, go for it.

from a security standpoint it's good

 

[TJ Hooker]

Is having to type in the password (I'm assuming that you have the password memorized), rather than just clicking OK in the UAC prompt, really much of a deterrent though?