The danger of using Administrator accounts - DEFCON level?

Hello. Just been reading stuff concerning Administrator accounts. Microsoft and others warn about logging in as an Administrator due to damage potential from trojans, etc., and suggesting that internet access is safest using a reduced-rights User account. Makes sense, but...

When I first got 7 I largely ignored it, preferring to boot into XP instead, infuriated by the continual messages telling me I couldn't do this, that, or the other - didn't have "sufficient privileges". It only became my preferred Operating System (OS) after discovering the Hidden Administrator, after which all those messages went away, and what was mine actually became, and felt like, mine.

I'm not talking here about trying to do damaging things, just simple everyday tasks - deleting stuff, installing, making various changes, even, one time, just copying a file to the root directory of C:. I found, and find, such control quite ridiculous, given that I had full control in all previous OS's (DRDOS, MSDOS, Win95, 98, 98SE, XP), and nothing bad ever happened.

I'm not prepared to go back to that kind of control, but if any invader does, as I have read, automatically gain my access rights, that is worrying. Truly, I would prefer to have to reinstall 7 often rather than go through that frustration again - it was relentless, and seriously reduced the pleasure I have always got from messing about with computers.

I spend a lot of time online, and am (slightly) considering creating a reduced-rights User Account for that purpose alone. I currently don't have any other User Accounts, and I don't Log On with a password - after invoking the Hidden Administrator I delete the User Account created during installation, and don't enter a password. It will mean going to back to Logging On and entering passwords, and changing User Accounts, though, which appeals not a lot.

So, given that I am the only user of my computers, and that I've been working this way (with 7) for just over two years without a single problem, is it really worth it to return to even the minor hassle of Login routines again? Is it that dangerous? I can see it is potentially dangerous, but in practice all is and has been fine. If my machines were attacked, even by ransomware, it would only be inconvenient; I have disk images ready to reinstall, and all my own files are saved to an external drive. Damage to BIOS or hard drive would be a different matter.

Oh, and there is no element of Windows bashing here. I like Windows a lot, and 7 is the best yet. I just require freedom, including the freedom to screw up, though I am very secure in my own skills and experience not to do so. External events, though...

Hi andrew129260, and thanks for your interesting response. The linked thread mirrors my concerns, as does your response - particularly as you "normally" run as I do.

"I think its safer to always run as a limited user with UAC set to the highest setting." Always? or Always when online? I think the latter is what the rest of your reply indicated. You normally run as an Administrator, except for when...

"This way its easy to elevate yourself and you do not have to log off and back on or switch users." Well... I tried and tried to elevate myself, and found the procedures incomprehensible. The offered screens for elevation required information without any advice - I was left floundering, wondering, "What does that mean, what do I type in here?", and, for me, each choice was denied anyway. Choosing to gain these privileges never once found acceptance. That is why I embraced the Hidden Administrator so enthusiastically.

"Having said that, even though I feel that is the safest way to go, I run as an admin with uac set to always notify."
Me too. I'm not stupid. Notifications are very useful. I was always accepting of DOS's "Are you sure? Y / N" Makes very good sense. But that is all I am prepared to accept.

Your reply has confirmed my thoughts about using limited accounts for online access. It does make a lot of sense. Not looking forward to doing it, but.. it's just an inconvenience.

Thanks. Useful response. Appreciated, as was the link.

Ztruker. Not sure what you mean there. Can you expand please. Are you saying that people just accept the default option - which may not be Yes, surely?.. or that they ignore the text and go for that which appears to be the default - if they've set their mouse to jump to the default?
Feel good. There is nothing feel good about being told, "you haff tried to do sumthink you arre not permitted to do, fool, and now you must die."

Ztruker.

If I get your comment right, you are saying that nowadays people don't get angry or frustrated when being told they cannot do what they wanted to do. They can't be bothered. This meshes with my own experience. I have ranted about this computer fascism (sorry, can't think of a better word) to my daughter (39), and she gives no equal response, she just shrugs. She and her generation seem to accept failure (shit happens) and just ignore and move on, devaluing that which they thought they wanted to do. Frankly, this worries me, greatly. It is the difference between a wild horse running free and biting and kicking for its freedom, and a sad and broken horse pulling coal wagons in the darkness and dust of a 1800s coal mine. It is not a healthy response. My response of anger and hatred may be only damaging to me and my heart, but it feels right. We should rage against that which denies us freedom to do what we wish and what we know is right.

I've been free of nasty UAC messages for over two years, and so I cannot remember any of them or their formats. But, imagining, I cannot think there would be YES or NO, only OK or EXIT or CLOSE, because they did not offer choice. They simply stated that, " You cannot do that, close this window and think of something else to do, because you can't do that." I paraphrase, of course.

I have tried to think of texts that might include YES or NO reponse buttons, but cannot come up with even an imaginary example. Can you? Tell me. This interests me hugely. I see complacency all around me, and I am not happy. People too readily accept denial (and failure), and, worse, fail to be angered, when they should be kicking and screaming against whatever oppresses them - including Windows' error messages. (I could list serious major oppressors - landlords, bankers, solicitors, estate agents, kings, queens, MPs, but I will assume you know of them.)

Like your signature, but being an athiest, I would.

Yep, just exactly that. All those that I can vaguely remember simply told me that I couldn't do what I just tried to do because I didn't have sufficient privileges, whatever. There were never options, except, of course, the stunningly useless, "Try Again". Which worked as often as a thing that never ever works ever. As I said, I've been free of that stuff for over two years and I have no intention of regressing just to supply examples. Why do you think I was so very very angry. Had there been options, I might have calmed down.
You supply me some of yours that give options.
I absolutely do think about the average, and the beginner, and, frankly I feel deeply sorry for them; just left to flounder without help or even explanation. My ex is one of those, and she constantly asks me to sort it out for her. Microsoft's error messages have always been brief, unhelpful, and have never given links to advice pages. People flounder when things go wrong. Remember (you must have encountered it - it's a CLASSIC), that when you cannot get online for some reason, and you follow the step-by-step help screens, you always get to one that says, "Go online to find a solution." I rest my case.
No,oo, it doesn't turn into an infected PC - that's just propaganda nonsense. I've run without even basic anti- whateverware in the past, and my infections have only ever been slight. I have never lost my machine to an infection, ever. If you're wondering why I ran without protection... Living abroad I had a slow connection. I had two machines. I connected the lower spec machine to the net without protection to gain that small, but noticeable, speed increase. The other I never connected to the net. I transferred files via USB or disk and tested for infection. Once a month, or so, I wasn't fussy, I reinstalled a clean image onto the internet machine from DVD. Safe. But, I never had anything but PUPs and Adverts. It CAN happen, yes, but so can being run over by a car. In my opinion, there are too many people out there screaming dire warnings and broadcasting unnecessary fears as there are evil scum creating viruses and whatnots. We could seriously do with a reduction in both. In all my decades of computing, I've had one proper virus; it made all my letters fall to the foot of the page - DOS I think it was in. I kept it for a long time, and ran it now and then for fun, but it stopped working in WIN95. Tut! They can't do anything properly.