Some have countered that they have been using an account with administrator rights and have programs, settings, favorites, and other items tied that account.
A way to keep those settings and accounts together and have the account not have administrator rights and privileges is to demote
the existing account.
Before you begin you will need to have another account with administrator rights and privilege. You will also need to know the passphrase for the surviving administrator account and have that account enabled.
Use this blog post to create the local account and enable administrator rights and privilege if you do not have one available to you.
Note: If you attempt to demote an existing account without a surviving administrator account the system will warn you.
To demote an account:
From Cortana search box or other means bring up the Control Panel.
Select User Accounts
Select the account to demote. I will demote the local Surface account.
You will need to verify you can use a surviving administrator enabled account.
Then logout of the demoted account, login to the demoted account, and verify your settings, programs, files, and other items associated with the demoted account are as intended.
When using the demoted account if you need administrator rights and or privilege to perform a task, you should get a User Access Control (UAC) popup box:
If you get a UAC popup without and known action on your part, having demoted your account's administrator rights and privilege may have saved your machine from further compromise.
No comments:
Post a Comment