I’m running my copy of Windows XP as a limited user.
Why?
I switched my main account from an Administrator member to a “Limited” account for many reasons, including:
- I’m not that short on self esteem that I need to call myself an “administrator” even on my own personal computer.
- I want to enhance security on my machine
Let’s focus on the second reason cited.
By default, Windows installations run the primary user account as part of the Administrators group. This is very convenient for the user, as he/she has the power to do anything on the machine, such as install software, change system settings/configurations and, unfortunately, also unintentionally install viruses, spyware and other malware.
Yes, that’s right. Running as an Admin opens up very wide security holes on your system. The very ease by which you install that browser toolbar, instant messaging client, or office suite, makes it likewise easy for malware to install themselves and other evil pieces of software on your system unbeknownst to you.
In contrast, most Unix-based systems and variants/derivatives thereof, such as Linux distros and MacOS (which is essentially FreeBSD) rarely run in Administrator mode. You are asked to input the Administrator (or root, as in some cases) password whenever you are to make system changes–and part of this is installing/removing software.
So basically, Microsoft sacrificed safety for convenience. Add to this the fact that it’s the dominant operating system in the world, and that there are a handful of tech-endowed teenagers with spare time in their hands (for creating viruses and worms) or lured by money (to create spyware), then each Windows system running on the default settings and connected to the Internet-at-large is vulnerable.
It’s not 100% fool proof, but at least you lessen your chances of screwing up.
So how did I do it? And how do I maintain my sanity with all the things I couldn’t do as a Limited user?
I basically downgraded my usual (main) profile to a Limited user under Control Panel–User Accounts. For this to work, you may have to login as Administrator or you must setup an alternative account with Admin privileges (to login as Administrator, pres Ctrl-Alt-Delete twice when at the login screen, then input the necessary Administrator username and password at the prompt).
I restarted my system (or logged off and on again), and voila! I’m now a Limited User.
Now to access functions and features commonly only available to users with Admin rights, I have to execute programs as a different user. And this can sometimes be a pain in the neck. I have the option of right-clicking on an executable, shortcut, or (compatible) document and selecting “Run as …” and then input the required Administrator (or Admin-level account) credentials. There’s also the command-line equivalent runas.exe for the CMD afficionadoes out there.
But this sometimes won’t work. And when all else fails, there’s always fast user switching.
PC Magazine has a fairly comprehensive writeup on this topic.