Windows Vista Forums
Vista Forums Home Join Vista Forums Tech Publications Windows 7 Forum Vista Tutorials Webcasts Tags

Welcome to Vista Forums we are your forum for Windows Vista help and discussion. Whether you need help or just want to post an idea you have on Vista, this is the forum for you.
Register at Vista forums...the world biggest Windows Vista resource Join Vista Forums Now

Go Back   Vista Forums > Vista Newsgroups > Vista security

no password on UAC warning/alert . why?

Update your Vista Drivers
Reply
 
Thread Tools Display Modes
Old 02-11-2007   #1 (permalink)
GT
Guest


 

no password on UAC warning/alert . why?

I upgraded from XP to Window VIsta, when i upgrade there are no other account
I'm the only Administrator and i put password but it does not ask me for a
password when UAC warning is shown. Do i need to change setting so it will
warn me with a password or Do i need to create a standard account in order
for UAC warning to ask for password? If Vista was preloaded or clean install
on computer it is standard account by default therefor if they put password
it will warn them with a password credentials when a UAC warning pop up. Is
this true?



My System SpecsSystem Spec
Old 02-11-2007   #2 (permalink)
Robert Moir
Guest


 

Re: no password on UAC warning/alert . why?

GT wrote:
> I upgraded from XP to Window VIsta, when i upgrade there are no other
> account I'm the only Administrator and i put password but it does not
> ask me for a password when UAC warning is shown. Do i need to change
> setting so it will warn me with a password or Do i need to create a
> standard account in order for UAC warning to ask for password? If
> Vista was preloaded or clean install on computer it is standard
> account by default therefor if they put password it will warn them
> with a password credentials when a UAC warning pop up. Is this true?


You need to be logged in using a standard account to get prompted for a
password with UAC - in fact what you get prompted for are an admin level
username and this account's password.


My System SpecsSystem Spec
Old 02-11-2007   #3 (permalink)
GT
Guest


 

Re: no password on UAC warning/alert . why?

are you saying that if a user is administrator with a password it will only
prompt without the password in UAC. so i will have two accout a
administrator account and a standard account. Do i need to put password on
the standard account or can i just leave it with blank?




"Robert Moir" wrote:

> GT wrote:
> > I upgraded from XP to Window VIsta, when i upgrade there are no other
> > account I'm the only Administrator and i put password but it does not
> > ask me for a password when UAC warning is shown. Do i need to change
> > setting so it will warn me with a password or Do i need to create a
> > standard account in order for UAC warning to ask for password? If
> > Vista was preloaded or clean install on computer it is standard
> > account by default therefor if they put password it will warn them
> > with a password credentials when a UAC warning pop up. Is this true?

>
> You need to be logged in using a standard account to get prompted for a
> password with UAC - in fact what you get prompted for are an admin level
> username and this account's password.
>
>
>

My System SpecsSystem Spec
Old 02-11-2007   #4 (permalink)
Robert Moir
Guest


 

Re: no password on UAC warning/alert . why?

GT wrote:
> are you saying that if a user is administrator with a password it
> will only prompt without the password in UAC.


Yes. Think about it logically - you've already supplied the password, why
ask for it again? (Not entirely sure I agree with this myself, just
presenting the reasoning behind how this works...)

> so i will have two
> accout a administrator account and a standard account. Do i need to
> put password on the standard account or can i just leave it with
> blank?


Yep, 2 accounts. One admin with password and one standard without a password
will be fine, though frankly I myself always use passwords and wouldn't do
without.


My System SpecsSystem Spec
Old 02-11-2007   #5 (permalink)
Rock
Guest


 

Re: no password on UAC warning/alert . why?

"GT" <GT@discussions.microsoft.com> wrote

>I upgraded from XP to Window VIsta, when i upgrade there are no other
>account
> I'm the only Administrator and i put password but it does not ask me for a
> password when UAC warning is shown. Do i need to change setting so it will
> warn me with a password or Do i need to create a standard account in order
> for UAC warning to ask for password? If Vista was preloaded or clean
> install
> on computer it is standard account by default therefor if they put
> password
> it will warn them with a password credentials when a UAC warning pop up.
> Is
> this true?


Requiring a password (and it has to be the password for an admin level
account) on UAC prompts occurs in a Standard User account. For an admin
account, UAC asks for permission but no password needed since the account
that invoked it is an admin level account. See these articles about UAC

http://technet2.microsoft.com/Window....mspx?mfr=true

http://www.jimmah.com/vista/security/uac.aspx

--
Rock [MS-MVP User/Shell]

My System SpecsSystem Spec
Old 02-12-2007   #6 (permalink)
Jesper
Guest


 

Re: no password on UAC warning/alert . why?

Not to disagree with Robert's fine advice, but if you do not put a password
on an account you had better make sure your computer is physically secure. In
other words, do not use blank passwords on computers that move about, like
laptops.

Hopefully, Robert's explanation of the rest of the question made sense. If
not, think of it this way:
When you log in as an administrator on Vista, by default, you are
essentially "half an admin." The operating system creates a token for your
user account that contains all the groups you are a member off. That token is
used to validate all access. In essence, it is a representation of you that
the OS uses to determine what you can do. However, it does not contain the
group Administrators (at least not in a way that grants you access to
anything) even though you are a member of that group. When you try to do
something that requires administrative privilege the OS detects that, and
also knows that you are actually a member of the Administrators group, so it
just asks whether you want to perform the operation. If you say yes, it
creates a copy of your token but with the Administrators group in it, and
then uses that token to perform the operation.

If you log in as a standard user, on the other hand, you cannot just add the
Administrators group to your token since you are not an administrator at all.
Therefore, when a standard user tries to perform an administrative operation
the OS asks for credentials (password) for an administrative user instead. If
you provide correct credentials the OS creates a brand new token for the
administrative user and then uses that token to perform the operation.

You can configure the prompt to behave certain ways using the Local Security
Policy tool. For instance, if you want all users to supply a password you can
configure it to ask for credentials for administrators as well.

Does that make any sense?

"Robert Moir" wrote:

> GT wrote:
> > are you saying that if a user is administrator with a password it
> > will only prompt without the password in UAC.

>
> Yes. Think about it logically - you've already supplied the password, why
> ask for it again? (Not entirely sure I agree with this myself, just
> presenting the reasoning behind how this works...)
>
> > so i will have two
> > accout a administrator account and a standard account. Do i need to
> > put password on the standard account or can i just leave it with
> > blank?

>
> Yep, 2 accounts. One admin with password and one standard without a password
> will be fine, though frankly I myself always use passwords and wouldn't do
> without.
>
>
>

My System SpecsSystem Spec
Old 02-15-2007   #7 (permalink)
David Hearn
Guest


 

Re: no password on UAC warning/alert . why?

Rock wrote:
> "GT" <GT@discussions.microsoft.com> wrote
>
>> I upgraded from XP to Window VIsta, when i upgrade there are no other
>> account
>> I'm the only Administrator and i put password but it does not ask me
>> for a
>> password when UAC warning is shown. Do i need to change setting so it
>> will
>> warn me with a password or Do i need to create a standard account in
>> order
>> for UAC warning to ask for password? If Vista was preloaded or clean
>> install
>> on computer it is standard account by default therefor if they put
>> password
>> it will warn them with a password credentials when a UAC warning pop
>> up. Is
>> this true?

>
> Requiring a password (and it has to be the password for an admin level
> account) on UAC prompts occurs in a Standard User account. For an admin
> account, UAC asks for permission but no password needed since the
> account that invoked it is an admin level account. See these articles
> about UAC
>
> http://technet2.microsoft.com/Window....mspx?mfr=true
>
>
> http://www.jimmah.com/vista/security/uac.aspx
>


That's the default setting. Following the first link provides info
about how to configure UAC to prompt for credentials, even for Admin.
Specifically, you can configure at as such:
• No prompt
• Prompt for credentials (this setting requires user name and password
input before an application or task will run as elevated, and is the
default for standard users)
• Prompt for consent (this is the default setting for administrators only)

So it does seem that you can configure it such that Admin users must
enter their password to elevate.

D
My System SpecsSystem Spec
Reply
Update your Vista Drivers

Thread Tools
Display Modes



Similar Threads
Thread Thread Starter Forum Replies Last Post
Alert Help Alert Alert Help Alert this justin1 Gaming 2 04-07-2008 10:33 AM
Security Center Alert Warning Notification Brink Tutorials 2 11-27-2007 10:49 PM
Standard user can turn off Security Center Alert. no password requ GT Vista account administration 1 04-23-2007 03:42 PM
Administrator Account and password UAC alert GT Vista account administration 9 02-11-2007 07:17 PM
Warning! No Password set for built-in administrator account chrisgruntled Vista account administration 4 07-05-2006 09:48 PM


Complimentary Industry Resources

Vista Forums has joined forces with TradePub.com to offer you a new, exciting, and entirely free professional resource. Visit http://vistax64.tradepub.com today to browse our selection of complimentary Industry magazines, white papers, webinars, podcasts, and more across 34 industry sectors. No credit cards, coupons, or promo codes required. Try it today!




Vista Forums is an independent web site and has not been authorized,
sponsored, or otherwise approved by Microsoft Corporation.
"Windows Vista", the Start Orb, and related materials are trademarks of Microsoft Corp.
© Designer Media 2005-2008

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51