0

Since I'm not supposed to run day to day as an administrator and should be using a normal user account, what do I do about the user that is created during installation of Windows?

During installation you are required to create a user and that user is automatically an administrator. Do I name the account Admin? There is already the built in Administrator account, so I don't get why Windows doesn't just make you set a password for that account, instead of creating another administrator account that you're not supposed to actually use. I'm guessing naming the account Administrator isn't allowed either.

Improve this question

1 Answer 1

Reset to default
0

The built-in Administrator account is special in that there are certain GPO settings that apply only to that account. For example there's a setting just to disable UAC for the built-in Administrator. That said, you are not likely to need it. You can't delete it but it's recommended that you disable it to reduce the potential attack surface. I think that Windows forces you to create a new account in the Administrator group just to discourage you from using the built-in Administrator account for day-to-day use. I would avoid using "admin" for your account name just to avoid confusion; something like "josh-admin" would be better.

Since the addition of UAC using an account with local administrative rights is not nearly as dangerous as it once was since you have to elevate to use your admin rights (you can even set it via GP require the password each time). Just make sure UAC is turned on.

Improve this answer

You must log in to answer this question.

Not the answer you're looking for? Browse other questions tagged .