remote-support

Home

Digitalwelcomemat industry news, PC hints, IT tips and more

Don't be an admin on your own PC

Running Windows as a standard user rather than with 'admin' rights removes over 90 percent of the risk" according to a recent study. (yes I know I have been going on about this for years):

Check to see if you are an administrator on your PC by right clicking on "My Computer" or "Computer" or "This PC" (depending on your Windows version) and chose manage.

  • If you are able to access the Windows computer management console (with or without a warning popup) then you ARE an administrator and you might want to consider changing that.
  • If you are prompted for a username and password then you aren't an administrator and are a lot safer from malicious software.

This is especially important for home users or less computer savvy users.

Current versions of windows have made running as a non-admin for everyday access a lot easier. When you are installing software or a new printer most of the time you can just enter the administrator credentials when prompted to do so and it doesn't hugely get in the way of getting things done.

If you are running as just a lowly "user" on your own PC and you open an email or browse the web and see the administrator popup then you know there is something wrong because these things should require admin access.

At that point you can pause to consider if entering administrator credentials would be a good thing or not.

 

  7364 Hits
  0 Comments
7364 Hits
0 Comments

Running Windows with ‘std' rather than ‘admin' rights removes over 90 percent of the risk

administratorRunning Windows with ‘standard' rather than ‘admin' rights removes over 90 percent of the risk" according to a recent study. See here for the full detail or below is an excerpt (yes I know I have been going on about this for years):

Running Windows users with ‘standard' rather than ‘administrator' rights would have removed over 90 percent of the risk posed by critical vulnerabilities reported in Microsoft products last year, an analysis by privilege management firm Avecto has found.

The firm first looked at 333 vulnerabilities reported by Microsoft in 2013 across all products in its monthly Security bulletins, finding that 60 percent would have been mitigated by removing admin rights. Studying only the 147 rated as the most serious, the mitigation level reached an astonishing 92 percent.

Check to see if you are an administrator on your PC by right clicking on "My Computer" or "Computer" or "This PC" (depending on your Windows version) and chose manage. If you are able to access the Windows computer management console (with or without a warning popup) then you ARE an administrator and you might want to consider changing that (will require thoughtful setup). If you are prompted for a username and password then you aren't an administrator and are a lot safer from malicious software.

However even as a standard user all the usual safe practices apply.

  7337 Hits
  0 Comments
7337 Hits
0 Comments

A Microsoft account?

[Updated 15/01/15] If you have Windows 8 (or a Windows phone) and you want to use Windows to its full capacity including getting apps from the Windows Store you’re going to need a free “Microsoft account”, basically this just equates to a hotmail.com or outlook.com email address, note that you don’t need to use this as your primary email (or use it at all beyond just getting access to the store and logging on to your PC).

Logging on to Windows in versions 8 and later now utilizes a "cloud" based logon name for example This email address is being protected from spambots. You need JavaScript enabled to view it. to tie all the accounts and services to you as the user and also gives you the ability to log on to multiple computers or devices. You can, if you chose, still use a traditional "local account" and in fact I always recommend another local administrator account so that your always covered if you can't logon via your normal account. However if for some reason you chose to set yourself up to use a "local" account initially it will pretty soon convert to a Microsoft account anyway (or at least try) as soon as you connect to various services. That can be pretty confusing so its best to start out the right way from the beginning, so setup your Microsoft account first before you even turn-on your new PC, tablet or phone.

Just a note if you logon in a business setting either via a domain or even peer to peer things are little different. In a domain you logon as the domain user and can then optionally "connect" the Microsoft account to the domain logon, peer to peer needs a bit more planning.

A Microsoft account is basically an email address and password. The good news is you probably already have one. If you use Microsoft services like hotmail.com outlook.com, Xbox, or SkyDrive/OneDrive, the email address and password you already use is your Microsoft account. You don't have to do anything else to get one. Just use that Microsoft account to sign in to your Windows 8 PC, tablet or phone, and you'll get free online storage, apps in the Windows Store, access to Xbox music* (on windows 8). You can also use your Microsoft account to synchronize your photos, documents and files to and from One drive to whatever devices you sign in from, on your phone, laptop, and tablet.

Here is the link to signup if you don't have one already:

https://signup.live.com/signup.aspx

Tips

  • Setting you the account is free however once you have the account setup and if you want to purchase apps for your shiny new PC or tablet then you will also need to add your credit card details (only required if you want apps that cost money).
  • If you do logon with a domain account you can "connect" your Microsoft account to the domain account as well.
  • I suggest you do NOT chose to save all your files to one drive by default, firstly its a bad idea and secondly Microsoft has realized its a bad idea and that concept has been depreciated in windows 10 which is in public beta as of the date this was written. See a screen shot here about where you get asked that question.

 

  10033 Hits
  0 Comments
10033 Hits
0 Comments

Microsoft Autologon [to Windows]

Great for media centre or kids PC's but not for business PC's or sensitive data:

Microsoft Autologon enables you to easily configure Windows' built-in autologon mechanism. Instead of waiting for a user to enter their name and password, Windows uses the credentials you enter with Autologon, which are encrypted in the Registry, to log on the specified user automatically.

Autologon is easy enough to use. Just run autologon.exe, fill in the dialog, and hit Enable. To turn off auto-logon, hit Disable. Also, if the shift key is held down before the system performs an autologon, the autologon will be disabled for that logon.

(it works with windows 8 as well)

http://technet.microsoft.com/en-us/sysinternals/bb963905.aspx

b2ap3_thumbnail_ctrl_alt_del.jpg

  7443 Hits
  0 Comments
7443 Hits
0 Comments

Welcome:

digitalwelcomemat now has a blog!

Subscribe for the news as it happens, call me for support on 0404 493 770 or access my remote support solution here: http://help.digitalwelcomemat.com/

Digitalwelcomemat provides IT consultancy and services for business customers on the NSW Central Coast in Australia.

Search

Articles

Contact:

Give me a call: 0404 493770

Go to top