In previous articles, I have discussed how to create and modify user accounts in Windows 7 and Windows 8 & 8.1 as well as use folder redirection to move user data. In this article, I will be discussing another area related to user accounts. User account control (UAC) was introduced with the Windows Vista operating system on desktop computers. This article will look at what UAC is used for and what each of the UAC levels does to protect your computer.
What is User Account Control?
User Account Control (UAC) is a feature that Microsoft introduced to help users make their computers more secure. This feature was introduced in Windows Vista and Server 2008 but the initial implementation was not very user friendly. UAC was designed to prevent programs or applications from making changes to the computer at the administrator’ permission level. Standard users cannot authorize changes to administrator level permissions. If a standard user account is in use, UAC will require an administrator account’s password to authorize the change. If the account in use is an administrator level account, then the administrator just needs to click on Yes for the change to be implemented. Also, for two of the security levels described below used with UAC, the screen will dim to a secure desktop to prevent malicious software from running on the computer.
In Windows 7, Microsoft made changes to UAC to make UAC more user friendly and easier to make changes to. When prompted to authorize a program or app, a window such as the ones in the images below will appear. When the access is approved, the program or application is granted temporary administrator access to perform the requested action.
User Account Control Levels
There are a couple of ways to access to access the UAC settings windows. The first one is to click on the link for Change when these notifications appear as shown in the images above. The second way to access the User Account Control Settings window is to go to the Control Panel and then go to User Accounts and Family Safety. Next, click on User Accounts and finally, click on the link to Change User Account Control Settings. There are four levels or settings that users can set UAC at ranging from Always Notify at the most secure level and Never Notify at the least secure level. For both Windows 7 and Windows 8.1, the default level is one step below the Always Notify setting.
The Always Notify level is the most secure level and will prompt users for authorization for many actions performed using the computer. The image below is from Windows 8.1 but the Windows 7 UAC window is nearly identical. The only difference in appearance between Windows 7 and Windows 8.1 is the wording in the text box to the right of the slider bar used to set the UAC level. From the informational note in the image, the use of the Always Notify setting is recommended if new software is regularly installed or unfamiliar websites are visited.
The next level below Always Notify is the default level used by both Windows 7 and Windows 8.1. The only visible difference in appearance is in the phrasing of the bold text. For the default level, the informational note stats that this setting should be used if using familiar apps and familiar websites. The default level is the setting recommended for most users as it is secure yet allows frequently used apps, programs, and websites to load without continually popping up the UAC approval window.
The next to last setting is shown as Not Recommended according to the informational note. The main change between this setting and the default level is that the screen does not dim on this setting. When the screen dims, Windows is using the secure desktop function to prevent programs from running until either Yes or No is clicked on in the UAC window or until the administrator password is entered in the UAC window. Use of this settings is not recommended because of the added vulnerability from malicious software that can run in the background while waiting for access to be approved in the UAC window. The wording for this UAC level is the same for both Windows 7 and Windows 8.1.
With the exception of the informational notes for Windows 7 and Windows 8.1 for the Never Notify setting, the phrasing is similar for the text box. The main difference is the information provided in the informational note. The setting for both Windows 7 and Windows 8.1 are both shown as not recommended but the Windows 7 note also states that this setting should only be used if programs that are not certified for Windows 7 and do not support UAC. Considering that Windows 7 has been out for several years now, most programs are certified for Windows 7 and support UAC. The images below show the Never Notify windows for Windows 7 and Windows 8.1.
If you would like to know more about the functionality of the settings on your PC, please click on the link in the User Account Control Settings window as shown above called Tell me more about User Account Control Settings. The new window will go into a little more detail. I do not recommend using the Never Notify setting or the setting between it and the default setting. Personally, I feel that these settings compromise the security of the PC too much. If these settings are needed while installing software, I recommend changing back to the default or Always Notify settings after you finish. My personal preference it to use the default settings on both Windows 7 and Windows 8.1 as I primarily am using programs and websites I am familiar with. On the occasions I get prompted by UAC, I generally am expecting the UAC approval window to open so it doesn’t bother me to click Yes on the button in the window. As always, if you have comments or questions, feel free to post them below or email me using the link in my bio.