03-28-2007   #7
Jimmy Brush


 
 

Re: simple ques about standard and admin

Yes, this is a risk management decision.

From least secure to most secure:

1) Using only an admin account

2) Using a standard user account, and then elevating to an admin account
when doing an admin operation

3) Using a standard user account ONLY for non-admin tasks, and an admin
account ONLY for admin tasks, and never mixing the two

The more secure decisions have less risk, but are more inconvenient.

I certainly wouldn't say that if you follow the most secure way you will
never have a security incident. However, you are more at risk of such an
incident by choosing a less secure method.

That being said, I am personally content to run in an administrator account
on my machine, because I think it is an acceptable risk for me. You are
right that these are things that are hard to quantify in order to make a
good call on.

I suggest that you never use the account named "Administrator" (it is hidden
and disabled by default) - it is not protected by UAC and so is very
insecure to use. Any other administrator account is fine to use, and you can
have as many as you want.



--
- JB
Microsoft MVP - Windows Shell/User

Windows Vista Support Faq
http://www.jimmah.com/vista/
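
A way to check a machine against the advice in the post above, as an added example that is not part of the original post. It assumes Windows PowerShell 5.1 or later (for `Get-LocalUser`); the variable names and finding texts are illustrative.

```powershell
# Added example: audits the local machine against the account advice above.
# Assumes Windows PowerShell 5.1+ (Microsoft.PowerShell.LocalAccounts module).
$policyKey = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System'

# The built-in Administrator keeps a SID ending in -500 even when renamed.
$builtin = Get-LocalUser | Where-Object { $_.SID.Value -match '^S-1-5-21-.+-500$' }

# EnableLUA = 1 means UAC is on. FilterAdministratorToken = 1 puts the
# built-in Administrator under Admin Approval Mode; absent or 0 means it
# runs with a full, unfiltered token.
$policy = Get-ItemProperty -Path $policyKey -ErrorAction SilentlyContinue
$uacOn = $policy.EnableLUA -eq 1
$builtinFiltered = $policy.FilterAdministratorToken -eq 1

# IsInRole() is true only when the Administrators group is active in this
# process token, i.e. the session is already elevated.
$identity = [Security.Principal.WindowsIdentity]::GetCurrent()
$principal = New-Object Security.Principal.WindowsPrincipal($identity)
$elevated = $principal.IsInRole([Security.Principal.WindowsBuiltInRole]::Administrator)

$findings = @()
if (-not $uacOn) {
    $findings += 'UAC is disabled: every administrator logon gets a full token.'
}
if ($builtin.Enabled -and -not $builtinFiltered) {
    $findings += "Built-in Administrator '$($builtin.Name)' is enabled and not under Admin Approval Mode."
}
if ($identity.User.Value -eq $builtin.SID.Value) {
    $findings += 'Current session is logged on as the built-in Administrator.'
}
if ($elevated) {
    $findings += 'This process is elevated; do non-admin work from an unelevated session.'
}

# Emit one object so the result can be piped, exported or compared across hosts.
[pscustomobject]@{
    User                 = $identity.Name
    Elevated             = $elevated
    UacEnabled           = $uacOn
    BuiltinAdminEnabled  = [bool]$builtin.Enabled
    BuiltinAdminUnderUac = $builtinFiltered
    Findings             = $findings
}
```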
