Windows 11's Administrator Protection improves security but may get on your nerves qu

[harlan4096]

Remember when Microsoft introduced the user account control in Windows? Designed to improve security, it threw new prompts at users for certain actions. It irritated some users that much that they found ways to turn off the entire UAC system on their Windows devices or make it less frustrating.

Administrator Protection, a new security feature of Windows, could be the next security feature that could be getting on the nerves of users.

Broken down to its core, Administrator Protection asks for authorization whenever tasks require administrator privileges. Think installation of certain software, modifying some Windows settings, editing the Windows Registry, or making other changes to the Windows device that require elevation.

Whenever such a task is started, Windows Security pops up asking for verification. You need to verify the action, e.g., by entering your PIN or using biometric authentication, before it is executed on the Windows machine.
 The visible process makes just half of the Administrator Protection feature. When a Windows user signs in to the system, they are assigned a deprivileged user token automatically. Windows will then request authorization for tasks that need elevated rights. The verification happens via Windows Security. Once done, Windows generates an isolated admin token using a "hidden, system-generated, profile-separated user account", writes Microsoft on its Tech Community website.
 The token is used only for that specific process and destroyed automatically when it ends. So, when you type regedit in Start, you will get the authorization prompt before the Registry Editor is opened. Once you close the window, the authorization token is destroyed, so that "admin privileges do not persist" anymore on the system.

Continue Reading...