Should User Account Control (UAC) be kept or removed from Windows?

User Account Control made its debut in November of 2006 with Windows Vista. It is designed to warn Administrators that a program they opened is about to make changes to their system. Also, it requires standard users to provide an Administrator’s credentials to allow programs to make changes to their system. Similar alerts exist within Mac OS X, as well as several Linux distributions.

What UAC prompts look like for Administrative users
What UAC prompts look like for Non-Adminstrative users
And a funny meme for those who dislike UAC

There are mixed opinions on whether this should remain an included feature with Windows. Now people on both sides of this “debate” have different computer setups that validate their reasoning.

Within business and corporate computer networks, many IT Departments already utilize Group Policy to set what Non-Administrative users can do with company systems. In addition, they can specify which programs can be run on a particular workstation. Lastly, any Administrative actions will still need an Administrators credentials and approval to complete an action. Rather than leave UAC enabled, some policies override and disable it, and also many IT Departments just manually disable it anyways. This will require Administrators to login to computer as an Administrator to complete the action. In fact, this was how Windows XP and prior editions were designed. UAC in these circumstances, essentially becomes a confirmation dialog, and not much more of a security feature.

Despite the above negativity from IT professionals towards UAC, it isn’t all that bad, and can be disabled if you desire.

Before I explain some of the benefits of UAC, you have to understand that it is geared towards consumers and small business users, who don’t possess the IT expertise to configure Group Policy and other advanced security measures. In fact, those who aren’t tech savvy are recommended to keep this feature enabled to its highest security setting. Also, since I mentioned earlier that Windows XP lacked UAC, home and small business users were common targets to malicious programs that modified system settings. This is because Windows XP gave all running programs the highest permissions that were available to the logged in user. Most users on home computers didn’t bother to create a separate user account without Administrative rights, and did their day-to-day work using an Administrator-enabled account.

In the end, UAC will probably remain within Windows, but you will have the choice to disable it (e.g. if you’re one of the people who hate it). But inexperienced home users will need to rely on it for security while using their computers. The choice is yours.

Advertisements

Comments

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s