Windows 7 / Security and Privacy

Understanding Account Types

Windows 7, like Windows Vista, but unlike XP, supports just two account types:

  • Administrator: This is (almost) exactly what it sounds like, and is basically the same as the administrator account type in Windows XP. Administrators have complete control of the system and can make any configuration changes they want, though the method for doing so has changed somewhat since XP.
  • Standard user: A standard user can use most application software and many Windows services. Standard users, however, are prevented from accessing features that could harm the system. For example, standard users cannot install most applications, change the system time, or access certain Control Panel applets. Naturally, there are ways around these limitations, discussed in a bit.

So, what's missing? Windows XP supported something (under the hood) called a power user account type, which was supposed to convince people who would normally want administrative privileges to accept a slightly less risky account type. It never really took off, and it's gone in Windows Vista and 7.

Microsoft would like most people to run under a standard user account; and although this would indeed be marginally safer than using an administrator account, we don't recommend it, assuming that you log on to your account with a password. That's because Microsoft has actually locked down the administrator account in Windows 7, making it safer to use than ever before. More important, perhaps, you'll ultimately find an administrator account to be less annoying than a standard user account, even given some of the changes Microsoft has made in this release. To find out why that's so, you need to examine an important security feature in Windows 7: User Account Control.

[Previous] [Contents] [Next]