In addition to LunerLander's advice, consider the following:
Principle of Least Privilege: which is “Every program and every user of the system should operate using the least set of privileges necessary to complete the job.” Windows Vista's User Account Control (UAC) function manifests this principle. UAC in Vista protects against attacks that rely on elevation of privileges. Internet Explorer 7, when running on Vista, leverages UAC to run in Protected Mode, which keeps Web applications from writing to system folders and system portions of the Registry. IE7 doesn't run in Protected Mode on XP. Until then, you can use a limited manifestation of this principle to mitigate malware attacks, including rootkit attacks, when using Internet Explorer (IE) in XP to visit web sites that may be intentionally configured or attacked and compromised to install malware on your computer.
The idea is that you can stop running IE with full administrator rights, which most folks do in XP. Using IE with full administrator rights makes it easy for malware, once it gets into your environment by exploiting a defect exploitable through IE, to infect every system file. When you run IE with limited privileges, the malware is also running with limited privileges, and therefore is limited in which system files it can infect.
I’ve implemented the Principle of Least Privilege using a shortcut icon for DropMyRights which then starts IE. I normally run in XP as an administrator, and DropMyRights disables SIDs and removes privileges from my access token, and then uses this restricted token to start IE. Before using DropMyRights with IE, I also set “Active Scripting” to Disable and set “Run ActiveX controls and plug-ins” to Prompt; both in the Internet Properties->Security->Internet Zone.
DropMyRights can also be used with Excel, Word, or an e-mail client.
Installing and Configuring DropMyRights August 2007 blog entry.
DropMyRights was written by Microsoft programmer Michael Howard. Mr. Howard’s article, “Every Windows XP user should drop their rights”, includes a download.
See also
Applying the Principle of Least Privilege to User Accounts on Windows XP Published: January 18, 2006