It Really Is Simple

I have seen a host of difficulties described by others on many help and support sites that most likely would have been prevented if my favorite tool had been in use.

I'm talking about User Accounts. One should never, ever run routinely under an account in the Administrators Group. It's the equivalent of giving a thief the key to your front door and posting a sign on the door telling him when you won't be at home.

XP Professional needs at least two users in the Administrators Group (and it's a good security practice to implement this strategy in XP Home). One is the default Administrator, and the second is you, if you have not setup a third account for normal use. If you don't setup an account when you install XP, that second one in the Administrators Group is usually called Owner. On my machines, I have the default Administrator, another account I create and usually name Admin in the Administrators Group, and at least another account in the Regular users group that I logon for normal use.

From "Help and Support:"

"Password reset disk overview

To help protect user accounts in the event that a user forgets the password, every user should make a password reset disk and keep it in a safe place. If the user forgets his or her password, the password can be reset using the password reset disk and the user will be able to access the computer again.

For information about creating the password reset disk using the Forgotten Password Wizard, or for information about using the password reset disk and Password Reset Wizard to gain access to the computer, click Related Topics."

My broadband runs through a Router/Switch with hardware firewall. I only log in as Admin when I'm doing updates, doing malware scans, or other maintenance chores that require Administrator privileges. On my desktop are 4 accounts (not including the two in the Administrators group). I run my browzer on medium-high security level, Malwarebytes Pro and Microsoft Security.  I run a manual scan with AdwCleaner free edition from time to time. 

I have no malware problems. I don't have Windows crashes, no BSOD's. Everything just works


You must be logged on as a member of the Administrators Group to make these changes, but then you can upgrade your security simply by logging off the Administrator account and logging back on as a member of the Power Users Group.

And remember, never open an email attachment unless you are expecting to receive it. If in doubt, reply to the sender and ask what the attachment is, and why it was sent.