quote: That should be much easier to enable or disable. Why isn't it right next to the UAC slider??
quote: I think requiring a password in the "UAC state" is more secure. Imagine a scenario where I leave my laptop unattended for some unknown reason. Guy comes over, pops in his flash drive, and installs a malicious program. Password prompt inside UAC stops that from happening. I think this style of attack is called the "evil maid" attack.
quote: Agree. Well Microsoft got really serious about security some time ago. But what they found was that if you go TOO secure, it turns people off. Remember all the Vista complaints about the UAC? And that was a more toned down version of what they originally wanted to do. Also from a customer support view, I'm sure not requiring a password cut out some millions of calls from people who can't install something because they "forgot" their password lol.
quote: Now this is valid of course. Having an OS that's secure from physical intrusions is novel. I would hope IT departments are pushing the UAC password state. I would actually be interested in knowing how widespread, if at all, that practice is.
quote: Forgotten passwords... ugh... I do web apps (CRM/ERP) and I cannot tell you how many times I get emails about forgotten passwords. How?!? Perhaps that is why Microsoft hid it.
quote: I didn't even know it existed.