One User Laptop - Always Admin or Not

I am moving from xp to Windows 7 (skipped Vista). Do most one user systems (I am the only one using my computer) just use an admin user account all the time (as I do in xp), or do most people use a regular user account for daily work and the admin only when needed?

 

I don't know what most people do (and, as a general rule, most people are idiots ), but the only rational way to run a modern computer is to use the administrative account for administrative purposes only. It doesn't matter if this is a "one-user" machine or a "thousand-user" machine.

P.S.: As an aside, this same rule holds, in spades, for XP, by the way...

 

In all of the computers I've owned, I was always the main user, and I always used an Admin account for myself. Anyone else used the Guest account. I find it annoying I'd have to switch accounts just to install something or change something (and don't even bring up UAC).

 

The default single account you use is always admin.

 

I use an admin account (not the built in admin account though) all the time.

 

If you are the ONLY user of the computer, why would you need to any accounts other than admin?

 

For security reasons. When you're logged on with the admin account, malicious codes (if penetrated) may also have full control of your system. On the other hand, yea, it sucks if you don't have full control of your own computer (and novice users will get confused) especially when you're the only person to use it.

This is why Microsoft has implemented the UAC which is an understandable security feature...although it may have annoyed so many users in reality.

 

People gets annoyed at UAC so easily, I fear the time when everryone will be running Linux

 

Since Vista, Windows is like Linux. No one is real admin. Your account maybe called "Administrator" but your are not true administrator. This creates a high level of security as malware can't be execute via another software, as if the software that wants to run the malware is not under true admin privilege (meaning you told Windows that this program is 100% safe), then the application will run under limited privileges and can't access your system to perform any damages (assuming of course that User Account Control is left at default setting or increased). Same applies with viruses. They can't be executed automatically or remotely (unless the remote user knows your admin account user name and password) and perform any system damages or act like a key logger.

The dialog box that request true admin privileges on a software is loaded in what is called secure account, where it's a basic account that gets automatically generated at a kernel level (so can't be hacked without true admin and bypassing Windows Vista/7 security witch is completely different over XP (Vista is a new Windows core made from the ground up, with THIS time - security first.. (XP is based on NT3 - released in 1993)). In result, because it's a generated secure account that gets loaded on top of your account, software can't control your peripheral to make like if you click on the button to allow authorization. Please note that this generated account, is not a full account... all it does is show a dialog box, sooo, we talk about generating a few KB at most that gets loaded in your RAM, and get removed once you allowed it to cancel it. Also this dialog box appears BEFORE the software actually starts. Windows looks for a 'manifest' data within the HEADER of the program which inform the Operating system if it require true admin privileges. If not found or says it doesn't need to, then the program will start execution by the operating system in normal privileges. Once started in normal privileges it can't be elevated after wards, unless the software is recompiled with the proper manifest file or you right click on the executable and select "Run as Administrator".

So as you can see, this is no joking around system.

Linux doesn't have such dialog box, rather you have to open the terminal, run the program with 'sudo' command and enter the true admin user name and password every time.