Friday, May 18, 2018

Windows Administrator Account revisit

 I have stated that doing day-to-day tasks with an account without administrator rights and privileges is a way to avoid or limit the damage malware may do if it compromises your Windows PC. 
 Some have countered that they have been using an account with administrator rights and have programs, settings, favorites, and other items tied to that account. 
 A way to keep those settings and accounts together, while the account no longer has administrator rights and privileges, is to demote the existing account.
 Before you begin, you will need to have another account with administrator rights and privileges. You will also need to know the passphrase for the surviving administrator account and have that account enabled.
 Use this blog post to create the local account and enable administrator rights and privileges if you do not have one available to you.
 Note: If you attempt to demote an existing account without a surviving administrator account, the system will warn you.
 To demote an account: 
 From the Cortana search box or by other means, bring up the Control Panel.


Select User Accounts

Select the account to demote. I will demote the local Surface account.
Now use Change the account type.
Select the Standard radio button, then click the Change Account Type button.
Verify the account is now without Administrator rights and privileges. 
 You will need to verify that you can use a surviving administrator-enabled account. 
 Then log out of the demoted account, log in to the demoted account, and verify that your settings, programs, files, and other items associated with the demoted account are as intended.
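
The same demotion can be done from an elevated PowerShell prompt. This is an added example, not part of the original post; it assumes the built-in LocalAccounts cmdlets on Windows 10 and reuses the post's Surface account name. It refuses to proceed unless another enabled local administrator account survives.

```powershell
#Requires -RunAsAdministrator
# Added example, not from the original post. Run it from a surviving administrator account.
$AccountToDemote = 'Surface'   # the local account demoted in the post; change as needed

# Resolve the built-in groups by well-known SID so localized group names do not matter.
$admins = Get-LocalGroup -SID 'S-1-5-32-544'   # Administrators
$users  = Get-LocalGroup -SID 'S-1-5-32-545'   # Users
$target = Get-LocalUser -Name $AccountToDemote -ErrorAction Stop

# Prerequisite from the post: another enabled account must remain in Administrators.
# Get-LocalUser silently drops members that are groups or non-local accounts.
$survivors = Get-LocalGroupMember -Group $admins |
    Where-Object { $_.SID.Value -ne $target.SID.Value } |
    ForEach-Object { Get-LocalUser -SID $_.SID -ErrorAction SilentlyContinue } |
    Where-Object { $_.Enabled }
if (-not $survivors) {
    throw "No other enabled local administrator found; not demoting '$AccountToDemote'."
}
"Surviving administrator account(s): $($survivors.Name -join ', ')"

# Demote: make sure the account is in Users, then remove it from Administrators.
$inUsers = Get-LocalGroupMember -Group $users |
    Where-Object { $_.SID.Value -eq $target.SID.Value }
if (-not $inUsers) { Add-LocalGroupMember -Group $users -Member $target }

$inAdmins = Get-LocalGroupMember -Group $admins |
    Where-Object { $_.SID.Value -eq $target.SID.Value }
if ($inAdmins) { Remove-LocalGroupMember -Group $admins -Member $target }

# Verify the account no longer holds administrator membership.
$stillAdmin = Get-LocalGroupMember -Group $admins |
    Where-Object { $_.SID.Value -eq $target.SID.Value }
if ($stillAdmin) { throw "'$AccountToDemote' is still a member of Administrators." }
"'$AccountToDemote' is now a Standard account. Sign out and back in for the change to apply."
```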

 When using the demoted account, if you need administrator rights and/or privileges to perform a task, you should get a User Account Control (UAC) popup box:
Supply a surviving administrator account's name and passphrase to continue.

If you get a UAC popup without any known action on your part, having demoted your account's administrator rights and privileges may have saved your machine from further compromise.
