For a long time now, security people have been advocating running as a non-administrator. I have tried this a few times myself, generally for about 10 minutes before I give up. On my home computer, I once changed my account and my wife’s account to be a limited user without telling my wife. Let me tell you, that’s a mistake that I will only make once. Here are the reasons why I can’t see myself running as a limited user anytime soon.

The calendar

This is by far my biggest pet peeve, and until this is fixed, I will never consider running as a non-admin. Double click the clock on the task bar and what do you get? ‘You do not have the proper privilege to change the System Time’. I don’t want to set the time; I want to look at a calendar!

I can’t install _anything_

As a non-admin, it is expected that I shouldn’t be able to install everything. But why can’t I run Windows Update? Do I have a windows installer service running on my machine as localsystem? Yes. Do we have code signing? Yes. Why can’t we put these two together and allow the administrator account to set things up so that setups and updates which are signed by companies that I trust can be installed without needing to log on as an admin? I can dream...

New for XP SP2 – the firewall

The firewall puts up a nice dialog that allows me to open the firewall. This seems to happen surprisingly often. This doesn’t work when I am a non-admin.