Using a non-admin account by default, and UAC considerations


13 replies to this topic

#1 Clairvaux


Posted 23 November 2015 - 03:46 PM

I've always used an admin account on my (home, unshared) computer. I've always known I shouldn't.

 

I'm considering taking the plunge and using a non-admin account by default. I've been experimenting for a few weeks with two accounts for myself, on a fresh, unfinished install. I was almost sold on the idea, when a few straws broke the camel's back.

 

1. After considerable work, I was able to build a single Firefox profile shared by both accounts. However, I now realise that I will now have to replicate this for all my software, and try to tweak them so they look and act the same whoever the "user" is (me).

 

This will usually entail taking vital data and settings out of %AppData%, and putting them in a common folder. But not all applications allow that, and those which do may not allow it for all the relevant data. I have a lot of portable software, but sometimes you have to install. Software data and user customisations are updated continuously, so just exporting and importing those data once in a while between accounts will not do.

 

Just having a different menu set on the same program, depending if one's acting as an admin or not, is enough to lower one's proficiency on the machine, and therefore one's safety. I use the driving metaphor : suppose you drive normally most of the time, with your wife and kids. Suddenly, you need to drive very fast to bring a relative to the hospital. You know this is dangerous, and you have to be especially alert. How would you react if a prankster had moved the dials and controls all over your car precisely at that moment, and the brake was now on the right ?

 

2. I read everywhere how User Access Control has become super-intelligent in Windows 7. I can live with having to type the admin's password now and then, but being stopped-and-searched by the UAC police just because I want to launch Windows' Resource Monitor (or change a few settings in the Everything search tool) takes the biscuit.

 

Besides, my understanding is you don't run as admin even when you're in your admin account. You still get UAC warnings when your rights need to be elevated. The difference is, you click them away, as opposed to having to type a password when you're non admin. And I suppose you get less of those warnings when you're an admin.

 

But UAC is far from being foolproof against malware, as this very interesting post stresses.

 

So, isn't UAC mainly designed to prevent allegedly ignorant users from tweaking the system in an unwanted way, rather than to prevent malware installing ? Even Microsoft seems to say that the standard user accounts are meant for situations where there are actually several users and one "boss" (IT manager / office workers, father / children). Isn't UAC meant to protect the "boss" against his users, rather than an individual user against external malware ?

 

More than once, I asked if one should make a habit of using a non admin account by default, and on the expected positive answer, asked if the adviser ran under non admin himself : the answer being no, that's for the unwashed masses only.

 

Any thoughts ?




 


#2 Didier Stevens


Posted 25 November 2015 - 12:13 PM

I use non-admin accounts.


Didier Stevens
http://blog.DidierStevens.com
http://DidierStevensLabs.com

SANS ISC Handler
Microsoft MVP 2011-2016 Consumer Security, Windows Insider MVP 2016-2018

 

If you send me messages, per Bleeping Computer's Forum policy, I will not engage in a conversation, but try to answer your question in the relevant forum post. If you don't want this, don't send me messages.

 

Stevens' law: "As an online security discussion grows longer, the probability of a reference to BadUSB approaches 1.0"


#3 Clairvaux


Posted 25 November 2015 - 07:27 PM

> I use non-admin accounts.

Nice, but how do you manage it ?



#4 Didier Stevens


Posted 26 November 2015 - 02:02 PM

 

> I use non-admin accounts.
>
> Nice, but how do you manage it ?

 

 

Manage what? What do you want to know exactly?




#5 Clairvaux


Posted 27 November 2015 - 01:47 PM

 

 

> I use non-admin accounts.
>
> Nice, but how do you manage it ?
>
> Manage what? What do you want to know exactly?

 

See my top post.



#6 Didier Stevens


Posted 27 November 2015 - 03:42 PM

1) I don't have that problem. I use Firefox with multiple profiles, but I don't share profiles between a non-admin and an admin account. My first reaction: sharing a profile is dangerous.

2) Yes, you have to type your password each time you are prompted by UAC, and that is for all management tasks and permissions.




#7 Clairvaux


Posted 30 November 2015 - 05:35 AM

> My first reaction: sharing a profile is dangerous.

 

What would the risk be ?

 

> Yes, you have to type your password each time you are prompted by UAC, and that is for all management tasks and permissions.

 

Well, that's precisely my point. The level of nuisance is preposterous. I've just experienced a new one : I had to type a password just to delete a shortcut on my desktop ! A shortcut that I had myself generated, by installing the related software under my admin account. What's the point of telling people : take the trouble of switching to admin to install software, if some of the installing has to take place under non-admin, and you're stopped by the UAC police while doing so ?

 

Now I also have to clear a UAC warning each time I log into my non-admin account, because I've finally re-installed the fan control utility bundled with my motherboard, and some tiny-weeny part of it apparently is deemed so important by Microsoft that an ordinary user (me) cannot be trusted by the computer owner (me) to let it run unhindered. Needless to say, Run this program as administrator for all users does not work for this specific .exe.

 

Another example I mentioned : launching Resource Monitor to see what's happening inside my PC is not a management task. It's normal usage by a normal user normally working on his computer. However, to Seattle wonks, that's a no-no : only licensed IT Managers are authorised to activate such a weapon of mass destruction. The PC user as seen by Microsoft is a stupid form of lowlife who should be content with "liking" "friends" on Facebook, and if not, let him suffer the trouble of typing a password. That's akin to not letting you watch the rev counter on your car unless you enter a code, because, you know, this might be dangerous.

 

I mentioned Firefox, but that's only an example, of course. The point here is that giving in to that "non-admin" fascism makes you work with two totally different computers, one of which you can't recognise and therefore can't properly work with, because it's not the one you have personalised day after day (or after you've done a mammoth installing session, as I'm currently trying to do ; but of course, this is never enough : you always add settings and enhance your configuration as you go).

 

That's the problem Microsoft has never acknowledged, apart from saying, as Ed Bott did in Windows 7 Inside Out : since you have worked for a while under your admin account and you don't want to let go of your settings, just keep it and change it into non-admin, therefore you'll be able to keep your customisation. Well, we're then back to where we started, since it's my admin account which is totally non-customised now !

 

And by the way, what about another trick that I never read about ? Since the universal, politically correct advice seems to be : do most everything under non-admin, and only poke your head above the parapet into admin when you've got something critical to do, why not have an admin account you never use (and I mean never), always use the same, non-admin account, and just change it into admin when you have something verboten to do -- then change it back ?

 

This seems to me even faster than the supposedly "fast user switching" that you normally would use between two different accounts. But you get to keep your settings, user interface, menus, extensions, bookmarks, styles, etc, etc !

 

Please note that I'm enquiring. I can be made to change my mind. In fact, I would love to find a way to be safely (?) ensconced into non-admin most of the day, and I would be glad if someone could point me to a practical way of doing it. But it has to be practical. Computers are there to make life easier for us, not the other way round.



#8 Didier Stevens


Posted 30 November 2015 - 05:09 PM

 

> My first reaction: sharing a profile is dangerous.
>
> What would the risk be ?

Escalation of privilege.

> Yes, you have to type your password each time you are prompted by UAC, and that is for all management tasks and permissions.
>
> But it has to be practical.

 

That's personal opinion. For me it is practical.

 

I guess you never tried to use a non-admin account on Windows XP. That was not easy.

 

You have to understand what's happening.

Example: why do you need admin rights to delete a shortcut from your desktop? Not because you created it as an admin, but because it was created for everybody: it was created on the desktop of the default user. Since your change will impact all users on your machine, you need admin rights.


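An added example, not part of the original posts: a read-only PowerShell inventory illustrating the point made in the reply above, that a shortcut installed for everybody sits outside your own profile. It assumes Windows PowerShell 3.0 or later; the column names and scope labels are this example's own.

```powershell
# Added example (not from the thread): list desktop shortcuts by the folder
# they are stored in. Explorer shows both folders merged on one desktop.

$shell = New-Object -ComObject WScript.Shell   # used only to read .lnk targets

$folders = [ordered]@{
    'current user only' = [Environment]::GetFolderPath('DesktopDirectory')
    'all users'         = [Environment]::GetFolderPath('CommonDesktopDirectory')
}

$rows = foreach ($scope in $folders.Keys) {
    Get-ChildItem -LiteralPath $folders[$scope] -Filter *.lnk -ErrorAction SilentlyContinue |
        ForEach-Object {
            [pscustomobject]@{
                Shortcut = $_.Name
                Scope    = $scope
                Folder   = $_.DirectoryName
                Target   = $shell.CreateShortcut($_.FullName).TargetPath
                Owner    = (Get-Acl -LiteralPath $_.FullName).Owner
            }
        }
}

$rows | Format-Table -AutoSize -Wrap
```

A shortcut listed under "all users" is shared by every account on the machine, which is why removing it from a standard account raises an elevation prompt.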


#9 Umbra

Authorized Emsisoft Rep

Posted 01 December 2015 - 12:22 AM

> I've always used an admin account on my (home, unshared) computer. I've always known I shouldn't.

you can, just be sure not happy clicking on everything ;)

> I'm considering taking the plunge and using a non-admin account by default. I've been experimenting for a few weeks with two accounts for myself, on a fresh, unfinished install. I was almost sold on the idea, when a few straws broke the camel's back.

it is the safest account, you will have to enter your password when you are doing admin-kind tasks (as Linux), but for me it is too much hassle, i would enter my long passwords 100 times a day.

> 1. After considerable work, I was able to build a single Firefox profile shared by both accounts. However, I now realise that I will now have to replicate this for all my software, and try to tweak them so they look and act the same whoever the "user" is (me).

bad idea, sharing account is opening doors to potential infections.

> 2. I read everywhere how User Access Control has become super-intelligent in Windows 7. I can live with having to type the admin's password now and then, but being stopped-and-searched by the UAC police just because I want to launch Windows' Resource Monitor (or change a few settings in the Everything search tool) takes the biscuit.
>
> Besides, my understanding is you don't run as admin even when you're in your admin account. You still get UAC warnings when your rights need to be elevated. The difference is, you click them away, as opposed to having to type a password when you're non admin. And I suppose you get less of those warnings when you're an admin.

exactly, the true admin account is hidden from the common user, you have to enable it.

> But UAC is far from being foolproof against malware, as this very interesting post stresses.

in fact people saying that UAC is bypassable are wrong and right at same time; UAC will be bypassed if you clicked on the exploit, so UAC is not 100% faulty, you are as well by clicking an unknown executable/file; i didn't saw yet UAC bypassed silently by any malware not downloaded or clicked by a user.

Users are the biggest threat of their system.

> So, isn't UAC mainly designed to prevent allegedly ignorant users from tweaking the system in an unwanted way, rather than to prevent malware installing ? Even Microsoft seems to say that the standard user accounts are meant for situations where there are actually several users and one "boss" (IT manager / office workers, father / children). Isn't UAC meant to protect the "boss" against his users, rather than an individual user against external malware ?

UAC is just an anti-executable denying the right of a process to get elevated rights and modifying critical areas of the system. it is not an antivirus saying this executable is good or bad.

> More than once, I asked if one should make a habit of using a non admin account by default, and on the expected positive answer, asked if the adviser ran under non admin himself : the answer being no, that's for the unwashed masses only.

you answered yourself ;)

most advanced users, IT guys don't need non-admin account, since they are supposed to differentiate the good processes from the bad ones; but there is always exceptions, some admins i know still use non-admin accounts for their daily usage, shifting to admin one for specialized tasks & maintenance.

hope i answered your questions
 


Edited by Umbrapolaris, 01 December 2015 - 12:25 AM.


Emsisoft Community Manager


#10 Clairvaux


Posted 02 December 2015 - 03:43 AM

Thank you for your answers, Didier Stevens and Umbrapolaris.
 
Meanwhile, I've done some more research and come up with another, totally different idea which I would like you to challenge, but first, addressing your comments.
 

 

 

 

> > My first reaction: sharing a profile is dangerous.
> >
> > What would the risk be ?
>
> Escalation of privilege.
>
> > Yes, you have to type your password each time you are prompted by UAC, and that is for all management tasks and permissions.
> >
> > But it has to be practical.
>
> That's personal opinion. For me it is practical.
>
> I guess you never tried to use a non-admin account on Windows XP. That was not easy.
>
> You have to understand what's happening.
>
> Example: why do you need admin rights to delete a shortcut from your desktop? Not because you created it as an admin, but because it was created for everybody: it was created on the desktop of the default user. Since your change will impact all users on your machine, you need admin rights.

 

 

Well, yes. My opinion is what counts when it comes to my using my computer. Understanding why Windows is a steaming pile of crap (not necessarily my exact opinion, but you see the point) does not rank high in my list of priorities, although it might be fun. Making my computer work as I like comes first.

 

Regarding the specific example I gave of that shortcut, I think it was when I installed Pale Moon under my admin account (obviously), asked it to install it for all users, and to put a shortcut on the Desktop, as I usually do. Deleting the shortcut under my non admin account does not impact all users, since the Desktop is user-specific, does it ?

 

Even if it did, it supports my point. "Microsoft" (whatever that means) castigates us for working under non admin, but Windows is not designed for a single user to have two accounts.



#11 Clairvaux


Posted 02 December 2015 - 04:12 AM

 

> > I've always used an admin account on my (home, unshared) computer. I've always known I shouldn't.
>
> you can, just be sure not happy clicking on everything ;)
>
> > I'm considering taking the plunge and using a non-admin account by default. I've been experimenting for a few weeks with two accounts for myself, on a fresh, unfinished install. I was almost sold on the idea, when a few straws broke the camel's back.
>
> it is the safest account, you will have to enter your password when you are doing admin-kind tasks (as Linux), but for me it is too much hassle, i would enter my long passwords 100 times a day.
>
> > 1. After considerable work, I was able to build a single Firefox profile shared by both accounts. However, I now realise that I will now have to replicate this for all my software, and try to tweak them so they look and act the same whoever the "user" is (me).
>
> bad idea, sharing account is opening doors to potential infections.
>
> > 2. I read everywhere how User Access Control has become super-intelligent in Windows 7. I can live with having to type the admin's password now and then, but being stopped-and-searched by the UAC police just because I want to launch Windows' Resource Monitor (or change a few settings in the Everything search tool) takes the biscuit.
> >
> > Besides, my understanding is you don't run as admin even when you're in your admin account. You still get UAC warnings when your rights need to be elevated. The difference is, you click them away, as opposed to having to type a password when you're non admin. And I suppose you get less of those warnings when you're an admin.
>
> exactly, the true admin account is hidden from the common user, you have to enable it.
>
> > But UAC is far from being foolproof against malware, as this very interesting post stresses.
>
> in fact people saying that UAC is bypassable are wrong and right at same time; UAC will be bypassed if you clicked on the exploit, so UAC is not 100% faulty, you are as well by clicking an unknown executable/file; i didn't saw yet UAC bypassed silently by any malware not downloaded or clicked by a user.
>
> Users are the biggest threat of their system.
>
> > So, isn't UAC mainly designed to prevent allegedly ignorant users from tweaking the system in an unwanted way, rather than to prevent malware installing ? Even Microsoft seems to say that the standard user accounts are meant for situations where there are actually several users and one "boss" (IT manager / office workers, father / children). Isn't UAC meant to protect the "boss" against his users, rather than an individual user against external malware ?
>
> UAC is just an anti-executable denying the right of a process to get elevated rights and modifying critical areas of the system. it is not an antivirus saying this executable is good or bad.
>
> > More than once, I asked if one should make a habit of using a non admin account by default, and on the expected positive answer, asked if the adviser ran under non admin himself : the answer being no, that's for the unwashed masses only.
>
> you answered yourself ;)
>
> most advanced users, IT guys don't need non-admin account, since they are supposed to differentiate the good processes from the bad ones; but there is always exceptions, some admins i know still use non-admin accounts for their daily usage, shifting to admin one for specialized tasks & maintenance.
>
> hope i answered your questions
 

 

 

Nice to know I'm not the only one with bad habits  :) . By the way, if you have long passwords, did you consider replacing them with a fingerprint reader ? I'm surprised nobody addresses this possibility when discussing working under non admin. I've never used one, so I don't know if they are actually practical.

 

I'm surprised by your statement that you "didn't saw yet UAC bypassed silently by any malware not downloaded or clicked by a user". That's not how I understood the articles linked there. Malware installing without the user doing anything seems to be the bigger threat nowadays. Says Bit Defender :

 

> Modern ransomware usually spreads via techniques that don’t require user interaction, such as exploit kits targeting the local browser or outdated instances of browser plugins used to display active content.

 

Articles linked to by Bleepin' Janitor :

 

 

 



#12 Umbra


Posted 02 December 2015 - 04:44 AM

as i said, in the articles you mentioned, i didn't see one yet that:

 

- reside in a legit website 

- exploit your browser silently 

- download its payloads to your system silently without the AV flagging it.

- disable the AV and UAC silently 

- install itself silently

 

if your system & browser are protected and updated; the risks are minimized.

i don't say it is impossible to bypass UAC that way , i just never saw one do it yet, if one does we are all in big troubles :D





#13 Clairvaux


Posted 02 December 2015 - 06:52 AM

And now, fishing for comments towards a completely fresh perspective (please see my questions at end of post).

 

The first drawback of having two accounts, and routinely working under non admin, is the UAC aggravation and constant password-prompting (opinions varying, of course ; some people will even say that you might encounter more UAC warnings in admin mode than in non admin).

 

But the second drawback, and arguably the major one, which I seldom see discussed, is that having two accounts compels you to have two completely different user profiles. Worse, as soon as you switch to admin, you'll lose all your usual tools, lovingly refined over thousands of hours of work : your favorites, your settings, your menus... Precisely when you'd need them most. Because you've been building them up under non admin, because that's where you're supposed to spend most of your computing life.

 

I've often asked for solutions to that problem, and never received a satisfactory answer. The few workarounds I was shown seem disputed, such as sharing a Firefox profile between an admin and a non admin account, which both of you say is a safety risk.

 

But why have two accounts ? Why not have a single account, and change its type from non admin to admin when necessary, and back again ? This way, you still live under the same %AppData%, and your environment remains the same whether you have admin rights or not.

 

Admittedly, this is slightly less straightforward than using Fast User Switching. You'd need to click on the following :

 

Switch from non admin to admin

  • Start Menu
  • <Picture of the current user>
  • Change your Account Type
  • Clear the UAC warning with password
  • Administrator, Change Account Type
  • Save open documents
  • Log off
  • Log on with password

 

Switch back from admin to non admin

  • Start Menu
  • <Picture of the current user>
  • Change your Account Type
  • (No UAC there, since you are demoting your rights)
  • Standard User, Change Account Type
  • Save open documents
  • Log off
  • Log on with password

One of the (manageable) drawbacks of this approach is that it's less guided than switching between separate user accounts, and that it's even easier to lose track of where you are : there's no obvious status signal to remind you that you've forgotten to downgrade yourself from admin, for instance.

 

But there's no foreground status signal in a conventional two-accounts setup, either, even if it's marginally easier to be aware of where you are (which further supports my point that Windows is not designed for a single-user, two-accounts setup). And besides, making sure of your surroundings only takes this :

  • Click on Start Menu
  • Click on <Picture of the current user>

This brings you to the Make changes to your User Account window, where your account is clearly marked as admin or non admin.

 

A big difference with Fast User Switching is you need to quit all your open applications and log off, because your rights are not updated before you do that.

 

Of course, you would still have to have a full-fledged, permanent administrator account, just in order that your regular account could be demoted to non admin, but you would never need to use it.

 

As it happens, Aaron Margosis, a long-time non admin evangelist at Microsoft, hinted once at this solution, briefly, in a 2004 post, back in XP times :

 

> The only effective way I know of to address the user profile issue is to make your “normal” account an administrator. The trick is to do it for the least amount of time necessary.

 

 

Let's bring this one step further.

 

As surprising as it may seem, passwords are not compulsory for user accounts, and there is not even a recommendation by Windows 7 to register one, contrary to many safety-related settings, where Microsoft "recommends" you very strongly what it thinks you should do (including some non advisable actions, such as putting updates on automatic).

 

According to Ed Bott in Windows 7 Inside Out :

 

> You needn't worry about someone who's not in your homegroup logging on to your computer remotely (over the network, the Internet, or with Remote Desktop Connection, for example), if your account doesn't have a password. Security features in Windows prevent remote logon by any account with a blank password. When you don't have a password in Windows, the risk comes only from people who have physical access to your computer [emphasis mine].

 

 

So, I tried deleting the administrator's account password, then the standard user's password on top of that. The result is that the computer becomes a joy to use. It's really a breeze.

 

If you decide to go the two-accounts route, then there are no passwords to type in order to switch to admin, or to come back into non admin. Just click into the relevant user.

 

If you decide to have a single, non admin account, and change its type to admin when it's needed, there are no passwords to type when upgrading status or logging back on.

 

Best of all, while you're under non admin, the UAC warnings become as easy to fend off as under admin : just ignore the password field and click Yes. That's almost incredible !

 

Needless to say, logging into the computer also becomes easier, since there's no password to type.

 

However, I tried the option offered by Advanced User Accounts (accessed through Run netplwiz) to have the computer itself "type the password" (so to speak), by un-ticking the box Users must enter a user name and password to use this computer. (This is different from deleting passwords from accounts.)

 

This is effective only at boot, when logging into the computer. Passwords are not forgone in UAC warnings, when switching between accounts or when logging back on after logging off. And only one user can be spared from typing his password, the one whose account will launch at boot. (By the way, I ran into some weird behaviour while testing that option.)

 

So here are my questions :

 

1. Is there a safety drawback (or otherwise) to having a single, non admin user account you'll occasionally change into admin when you need to, compared to alternating between two different user accounts ?

 

2. If yes, how important is it ? Because the reward (being able to use the same user data all the time) is huge.

 

3. Is getting rid of passwords on user accounts a safety risk as far as malware is concerned ? Can malware "click yes" on a UAC warning, while it would be unable to circumvent the password ? Can malware circumvent the fact that a non-password protected account is forbidden to be accessed through a network or the Internet ? Could it be possible that not having a password would actually increase your safety (once the risk of theft of the computer, or of other malicious physical access, is taken out of the equation) ? If this is a security risk, would letting go of only one password (either the admin or non admin one) be an acceptable compromise ?

 

And here are two other questions I ran into, while investigating my install in progress :

 

1. I have always taken advantage of the possibility offered by most installers, to install my software in my own custom locations, away from the dreadful dump that ProgramFiles folders are. I never read anything to discourage such a practice, until someone, on a forum, told me it might be a security risk. What do you think ? Any drawbacks to that ?

 

2. Is there a drawback, from a safety standpoint or otherwise, to not using the My Documents or Public folders for documents, and putting them in ordinary, non-system folders ?

 

Thank you for your thoughts !
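An added example, not part of the original posts: a read-only PowerShell check for the two things the post above reads off the Control Panel, namely whether the current session belongs to an administrator account and is actually elevated, and how the UAC prompt and blank-password policies are set. It assumes Windows PowerShell 3.0 or later; the function and property names are this example's own, while the registry values are the standard UAC and LSA policy values.

```powershell
# Added example (not from the thread): read-only report of the current
# session's privilege state and the related UAC / blank-password policies.

function Get-PolicyText($Value, [hashtable]$Map, [int]$Default) {
    # A missing registry value means Windows applies its default.
    if ($null -eq $Value) { $Value = $Default }
    $text = $Map[[int]$Value]
    if (-not $text) { $text = 'unrecognised value' }
    '{0} = {1}' -f $Value, $text
}

$id        = [Security.Principal.WindowsIdentity]::GetCurrent()
$principal = New-Object Security.Principal.WindowsPrincipal($id)
$adminSid  = 'S-1-5-32-544'     # well-known SID of BUILTIN\Administrators

# whoami lists every group in the token, including groups that UAC has
# marked "deny only" in the filtered token of a non-elevated administrator.
$tokenGroups = whoami /groups /fo csv /nh |
    ConvertFrom-Csv -Header Name, Type, Sid, Attributes
$isAdminAccount = [bool]($tokenGroups | Where-Object { $_.Sid -eq $adminSid })

# IsInRole is true only when the Administrators group is enabled in the
# token, that is, when this process is really running elevated.
$isElevated = $principal.IsInRole(
    [Security.Principal.WindowsBuiltInRole]::Administrator)

$state = if ($isElevated) {
    'administrator, elevated'
} elseif ($isAdminAccount) {
    'administrator account, not elevated'
} else {
    'standard user'
}

$uac = Get-ItemProperty 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System'
$lsa = Get-ItemProperty 'HKLM:\SYSTEM\CurrentControlSet\Control\Lsa'

$onOff       = @{ 0 = 'off'; 1 = 'on' }
$adminPrompt = @{
    0 = 'elevate without prompting'
    1 = 'credentials, secure desktop'
    2 = 'consent, secure desktop'
    3 = 'credentials'
    4 = 'consent'
    5 = 'consent for non-Windows binaries'
}
$userPrompt  = @{
    0 = 'automatically deny elevation'
    1 = 'credentials, secure desktop'
    3 = 'credentials'
}
$blankPw     = @{
    0 = 'blank-password accounts may log on over the network'
    1 = 'blank-password accounts limited to console logon'
}

[pscustomobject]@{
    Account       = $id.Name
    State         = $state
    UacEnabled    = Get-PolicyText -Value $uac.EnableLUA -Map $onOff -Default 1
    AdminPrompt   = Get-PolicyText -Value $uac.ConsentPromptBehaviorAdmin -Map $adminPrompt -Default 5
    UserPrompt    = Get-PolicyText -Value $uac.ConsentPromptBehaviorUser -Map $userPrompt -Default 3
    BlankPassword = Get-PolicyText -Value $lsa.LimitBlankPasswordUse -Map $blankPw -Default 1
} | Format-List

# The status signal the post says is missing: flag a session whose account
# is still a member of Administrators.
if ($isAdminAccount) {
    Write-Warning "$($id.Name) is currently a member of Administrators."
}
```

Run from the everyday account after logging back on, the State line shows whether a temporary promotion to administrator was ever reverted.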



#14 Clairvaux


Posted 02 December 2015 - 04:41 PM

> This article demonstrates that security is less important than functionality. I think it's a perfectly reasonable result. In the IT world, we need to recognize this reality.

 

Says no less than Bruce Schneier, of Schneier on Security.





