User Accounts: Standard User Versus Administrator User
Windows Vista provides two main types of user accounts:
- Administrator accounts for users who require full access to the computer
- Standard user accounts for those users who need to run applications but who should be limited or restricted in their administrative access to the computer
When Windows Vista is installed, three user accounts are created by default: the administrator, the initial user, and a Guest account. Of these, the administrator and Guest accounts remain in a disabled state. The initial user account is the one that you used to perform the installation.
Only an administrator can create a user. This is accomplished in Control Panel, User Accounts and Family Safety, Add or Remove User Accounts. Vista's new User Account Control (UAC) prompts you for administrative approval.
Select the Create a New Account hyperlink in the lower-left corner (see Figure 2.18).
Figure 2.18 Managing accounts.
You must enter the name of the new user. As you can see in Figure 2.19, the default and recommended user type is the standard user.
Figure 2.19 Creating a new user.
It is further recommended that every user account have a strong password. A password is not a default part of creating user accounts; you must perform this task separately. Click the Create User button to complete the creation process.
After the user account is created, you are returned to the Manage Accounts window. Notice that the new user (LuLu, in our case) is not password protected, as the other user accounts are. To establish a password for this account, click the new account in the Manage Accounts window, shown in Figure 2.20.
Figure 2.20 Changing an account.
Next select the Create a Password hyperlink, as shown in Figure 2.21.
Figure 2.21 Create a password.
Now you must type the user's password twice, as shown in Figure 2.22.
Figure 2.22 Entering the password, and possibly a password hint.
You may also type in a password hint. This is presented to the user if the user enters the wrong password while trying to log on. Do not type the password in the password hint field. Click the Create Password button when you are done. Select the Manage Another Account hyperlink to return to the Manage Accounts window. Notice that the new LuLu account is now password protected.
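To check the result of these steps without clicking through each account, the following added example (not part of the original text) lists every local account with its type, its enabled state, and whether a blank password is permitted. It assumes Windows PowerShell with WMI available, run from an administrator account; the output column names are chosen here for illustration.

```powershell
# Added example: audit local accounts by type, state, and password flag.
# Assumes Windows PowerShell (Get-WmiObject does not exist in PowerShell 7+).

# Well-known SID of the built-in Administrators group. The SID is the same
# on every installation, while the group's display name is localized.
$adminGroupSid = 'S-1-5-32-544'

$adminGroup = Get-WmiObject Win32_Group `
    -Filter "LocalAccount=True AND SID='$adminGroupSid'"

# SIDs of the user accounts that are direct members of Administrators.
$adminSids = @(
    $adminGroup.GetRelated('Win32_UserAccount') |
        ForEach-Object { $_.SID }
)

Get-WmiObject Win32_UserAccount -Filter "LocalAccount=True" |
    Select-Object Name,
        @{ Name = 'IsAdministrator'
           Expression = { $adminSids -contains $_.SID } },
        @{ Name = 'Enabled'
           Expression = { -not $_.Disabled } },
        # PasswordRequired reflects the account flag that forbids a blank
        # password. It does not prove that a password is currently set.
        @{ Name = 'BlankPasswordAllowed'
           Expression = { -not $_.PasswordRequired } } |
    Sort-Object Name |
    Format-Table -AutoSize
```

An enabled account that shows BlankPasswordAllowed as True is the one to follow up on with the Create a Password step.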
What Can the Standard User Do?
In Windows XP, the non-administrator user could do many things, including these:
- Modify most of the Display settings (not adjusting the font size)
- Run most installed applications (not configuration related)
- Connect to wireless networks, including Bluetooth and Infra-red (Ir) connections
- Burn CDs and DVDs
- Copy files to network shares, where permissions allow
Windows Vista includes these capabilities for the standard user and adds to them. The new privileges cover relatively common, low-risk tasks that were not available to non-administrator users in Windows XP:
- View system clock and calendar
- Change time zone (not the time, though)
- Change power-management settings
- Enable and configure Windows Sidebar
- Install critical Windows Updates
- Install ActiveX controls from websites approved by an IT administrator
- Add printers and other devices that have the required drivers installed on the computer or that have been allowed by an IT administrator in Group Policy
- Create and configure a virtual private network connection
- Install wireless security, including WEP, WPA, and WPA2 to connect to secure wireless networks
In Windows Vista, by default, standard users are prohibited from installing most programs and drivers, changing system settings, and performing other administrative tasks.
How Can I Tell What the Administrator Can Do?
The administrator user can perform any configuration task on the computer. The only entity on the computer that is more powerful than the administrator is the kernel of the operating system, affectionately personified and referred to as "the kernel." The kernel may disallow administrator actions, such as deleting the system or boot partitions.
Administrator privilege is required to perform most configuration changes on the computer:
- Install applications
- Add and remove user accounts
- Change settings on the firewall (required when enabling file and printer sharing, media sharing, and remote desktop administration)
- Configure Parental Controls
- Change media rating restrictions
- Back up and restore files to the computer
- Change visual effects that impact system performance
Many more tasks require administrative privilege. Spend 5 or 10 minutes poking around on the configuration dialogs, and look for the shield icon to get a feel for which tasks require administrative privilege.
Running processes as an administrator presents a greater attack surface to the bad guys and malware. To minimize this exposure, User Account Control (UAC), covered in Chapter 3, "Managing Windows Vista Security," increases the security of the computer when you use an administrator account on a Windows Vista computer. Even when you are logged on as an administrator, most programs are executed with the permissions of a standard user. Running applications as a standard user limits the attack surface available to malware that could be executed through those programs. If an application or task requires greater privilege than the standard user has, UAC prompts for administrator credentials or administrator approval.
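The effect described above can be observed from inside any process. The following added example (not part of the original text) reports whether the current PowerShell session holds a standard user token, an administrator account's restricted token, or a fully elevated token. It assumes Windows PowerShell 2.0 or later and the built-in whoami command; the variable names are illustrative.

```powershell
# Added example: report which kind of token the current process is using.

# whoami lists every group SID in the token. /nh drops the localized header
# row, so the column names are supplied here instead.
$groups = whoami /groups /fo csv /nh |
    ConvertFrom-Csv -Header Name, Type, SID, Attributes
$sids = @($groups | ForEach-Object { $_.SID })

# BUILTIN\Administrators (S-1-5-32-544) is listed even when UAC has marked
# it deny-only, so its presence shows the account is an administrator.
$isAdminAccount = $sids -contains 'S-1-5-32-544'

# IsInRole returns True only when the Administrators group is enabled in
# the token, that is, when the process is actually running elevated.
$identity  = [Security.Principal.WindowsIdentity]::GetCurrent()
$principal = New-Object Security.Principal.WindowsPrincipal($identity)
$isElevated = $principal.IsInRole(
    [Security.Principal.WindowsBuiltInRole]::Administrator)

# The mandatory integrity label is carried in the token as a SID.
$integrity = 'Unknown'
foreach ($sid in $sids) {
    switch ($sid) {
        'S-1-16-4096'  { $integrity = 'Low' }
        'S-1-16-8192'  { $integrity = 'Medium' }
        'S-1-16-12288' { $integrity = 'High' }
        'S-1-16-16384' { $integrity = 'System' }
    }
}

if ($isElevated) {
    "Elevated administrator token (integrity: $integrity)"
} elseif ($isAdminAccount) {
    "Administrator account running with standard user permissions (integrity: $integrity)"
} else {
    "Standard user account (integrity: $integrity)"
}
```

Run it once from a normal PowerShell window and once from a window started with Run as Administrator while logged on with an administrator account: the first reports standard user permissions at Medium integrity, the second an elevated token at High integrity.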