Windows 10, still suggested to run under User account for daily tasks?

biggles

2[H]4U
Joined
Jul 25, 2005
Messages
2,215
Can't remember where I read this long ago. It has been said that Windows users should do daily tasks (email, web browsing, gaming, MS Office, etc) under a User account. And to only use Admin accounts when necessary. For instance, certain programs could not be installed or run unless logged into Admin. Reason given was that Windows was not as secure vs other operating systems like Mac OS or Linux. And this was to prevent certain types of malware infections.

Is this still true in 2018 for Windows 10?

Assuming one sticks with this approach, is it wise to do Windows OS updates while logged into Admin? Same question for antivirus program updates or antivirus scans.
 
Isn't it generally best practice to perform daily tasks as a basic user on any OS? Scratching your butt in Linux requires elevation, you could 'sudo su' and run permanently elevated, but people would probably call you an idiot. Even Macs have similar restrictions; one of my co-workers was trying to help someone update their Citrix Receiver client and they didn't know the admin password to their Mac.
 
It depends. It seems I'm an idiot as I run all my physical machines (24/7 for over 10 years), my relatives' machines, my countless VM machines, as Administrator since year 2004. Never ever had any issues with this, just the contrary, my life was and is good with less obstacles working with machines. Win10/2016 put another obstacle like being harder to work with UAC fully disabled so I was forced to keep this 'MF' partially enabled even with Administrator.
The slight thing is, I don't do many risky things, apply common sense and keep a good hygiene. I also test everything in VMs first and rarely install/uninstall software 'just because'. Of course regularly updating Windows and software like browsers, email clients etc.
Once in a blue moon I take one image of my main installation, mount it in VMs where I have some antivirus software and scan just to prove to myself and opponents that I'm clean :) .
 
depends on how paranoid you are about security. my account is my admin account.
 
It depends. It seems I'm an idiot as I run all my physical machines (24/7 for over 10 years), my relatives' machines, my countless VM machines, as Administrator since year 2004. Never ever had any issues with this, just the contrary, my life was and is good with less obstacles working with machines. Win10/2016 put another obstacle like being harder to work with UAC fully disabled so I was forced to keep this 'MF' partially enabled even with Administrator.
The slight thing is, I don't do many risky things, apply common sense and keep a good hygiene. I also test everything in VMs first and rarely install/uninstall software 'just because'. Of course regularly updating Windows and software like browsers, email clients etc.
Once in a blue moon I take one image of my main installation, mount it in VMs where I have some antivirus software and scan just to prove to myself and opponents that I'm clean :) .
Are you my co-worker? I think he uses numerous Linux VMs. He has a collection of SD cards with various Linux builds. I joke with him and ask if he's going to hack the Gibson, he claims to have never seen Hackers.

At home I run everything as admin and use Virus Total to scan questionable things, at work, I run as an unprivileged user and use my admin accounts when necessary because I don't want to be the one responsible for unleashing something there.
 
Its never good practice to run as admin unless your doing admin things. But do as you will. Just know this is exactly why windows is the easiest OS to target... its users (and developers) tend to be tools.

https://blogs.msdn.microsoft.com/aaron_margosis/2004/06/17/why-you-shouldnt-run-as-admin/

This has been the common accepted way to do things since forever. MS-DOS was a simple home aimed OS.... every real non hacked together for consumer gear machines since the 50s have had rights management.

https://www.computerworld.com/artic...-vulnerabilities-can-be-easily-mitigated.html

I know I come off strong on this one... but I have had countless Linux is more secure arguments over the years. In ever case the first defense a windows user will throw out is... "if linux had users it would get attacked just as much." NO just no that is flat out wrong. Linux has more users and more important to hackers more lucrative targets. Social engineering is always the easiest way into anything... still if an organization has proper rights management policies it makes it much harder. Running windows as an admin account is asking for what you get... any software you run has complete access no need for any fancy double exploit ins when you leave the doors and windows wide open.
 
I have always used admin accounts on all my personal systems and have never had a single issue stem from it.
 
I have always used admin accounts on all my personal systems and have never had a single issue stem from it.

On June 6th 1944 a great uncle of mine landed on Juno beach. He came home while friends of his didn't. Some say you make your luck and sometimes your just lucky.

Not 100% of people running as an admin are going to get hacked... or hit a bunch of viruses.... or end up with root kits and key loggers installed on them. However I can tell you that darn close to 100% of users not using admin accounts won't ever have to worry about any of that type of stuff.

I stand by my view... using an admin/power user account on a personal computer where you are doing banking ect... is plain dumb. Its like having relations with a woman/man you just met at a bar, chances are good that your'll be fine without bothering with protection. But why would you be that silly.
 
Totally not following the view that people with non-admin accounts would 'never' suffer from stuff...
Just the opposite. People with admin accounts most likely know what they do while non admin users are the dumb users that accept the defaults of their os and believe me, get hacked much more than 'admin' users.
That's my opinion.
I use admin accounts with the full knowledge of what I'm risking, what I gain etc.
I always did good from being admin than what I would have gained as security if I had used non-admin. The practice proved that for almost twenty years.

P.S. Even if today I get infected... I won't change my point. Once in 20 years is... acceptable, I make my backups and OS images.
 
Last edited:
Ah, a split opinion on the subject then.

How about the second part, is it suggested to do antivirus and OS updates on the admin account? For OS updates, I suspect the install does not complete 100% if done on user account. Was getting blue screens recently. Logged into admin and it had screens with text indicating an OS update had just occurred (it had been done weeks ago). Anyway, after this admin login the blue screens have gone away.
 
Just speculating but... most "home" users will follow the OS defaults after installing it - they always use normal user account and almost never switch to Administrator. Win10 is known for its aggressive updating policy and of course it works where the user most likely spends 99% of their time - in the normal account. Administrator account is even disabled by default :) .
 
Show me a windows user who says he's never been infected and I'll show you an ignorant person that doesn't know what's going on in his computer.
 
Back
Top