User Account Management in Windows 10
Introduction
Windows 10 categorizes users into three types, each with a distinct purpose. Let’s explore the Local, Domain, and Microsoft user types. Then we’ll delve into related account management topics like admin versus non-admin accounts, how to configure User Account Control (UAC), single sign-on and domain versus workgroup accounts in Windows 10.
Local user
Local user accounts are old-school and well-known. Only a username of up to 20 characters and a password are needed to set up a Local user. These credentials are stored on the device the account was created and only access that device.
As of version 1803, users setting up a local user account must select three security questions in case the local user password is lost or forgotten. This type of account is suitable for home users and small companies that do not have a need for a domain.
Domain user
Domain user accounts refer to user accounts connected to an enterprise network, with a Windows server as a domain controller. This type of user account requires an Active Directory account and a username and password.
These credentials can sign in with the following formats: domainusername and username@domain. The “@domain” option is only available to domains with a fully qualified domain name. Prior to joining a Windows 10 system to a domain, a local account must be created on the Windows 10 system.
Administrator versus non-administrator accounts in Windows 10
Windows 10 further splits users into two subtypes: administrator and non-administrator (standard). Administrator accounts grant users control over the entire system, including permission to take action that may affect other users. Administrator actions include installing software, changing local policy and running elevated tasks.
Non-administrator accounts have restricted privileges. They can work with applications but can’t install new ones, and the changes they make only (Read more...)
*** This is a Security Bloggers Network syndicated blog from Infosec Resources authored by Greg Belding. Read the original post at: http://feedproxy.google.com/~r/infosecResources/~3/TmzemLFKoxM/