قالب وردپرس درنا توس
Home / Tips and Tricks / Lock your Windows PC with a special local administrator account

Lock your Windows PC with a special local administrator account



To protect your Windows 10 PC from hackers, try the following: Create a local user account as your administrator account. Many Windows 10 users make the mistake of using the Administrator account as their daily user account, which makes your PC more vulnerable if your user account is hacked.

One of the advantages of Linux PCs is that users do not have “always active” administrator accounts by default. Instead, authorized users increase their rights to act as an administrator for a short period of time. It is a good system that can thwart attackers and make the PC more secure.

Technically, we have the same situation on Windows 1

0, where we temporarily increase our user permissions to install a program or perform other privileged tasks. The difference is that in Linux you have to enter a password to increase permissions, but in Windows 10 most of us just have to click Yes in a User Account Control (UAC) dialog box.

uacexample IDG

An example of a User Account Control dialog box in Windows 10.

The UAC is a bit more robust than that description suggests. Nevertheless, we can improve the situation by removing administrator rights from our daily account. We then create a separate local user account to act as an administrator. You can still authorize almost all the actions you now take from your daily account, but you will have to enter a separate password each time instead of clicking Yes or with your current account password.

The argument for doing this is quite simple. If malicious software ever got onto your PC or if it was hacked remotely, there is the option to bypass the UAC and use the elevated permissions of your account. By acting as an administrator, an attacker could install more malicious software, run an elevated command-line tool, delete user accounts, and more.

Restricting administrative rights to an individual account limits these threats, but does not remove them completely. For example, a keylogger installed on your system can easily find out your administrator password and a UAC popup can trick you into doing something you didn’t intend to do. Still, removing admin rights adds a little more security than leaving them intact on your day-to-day account.

Windows 10 comes with a built-in administrator account that we could activate, but we’re not going to do that. Most experts caution against using the built-in administrator account, as it has free rein on your PC in a way that other account types don’t. For that reason, we leave the built-in account alone.

Create a special administrator

The first thing we need is a new local account, which we will call ‘Admin’. We cannot call it an administrator because that name is reserved for the hidden administrator account on the PC. We are also not going to use a regular Windows 10 account connected to an Outlook or Hotmail address as that increases the chances of hacking. Moreover, there is no good reason to connect it to the cloud like a regular account.


Source link