Security guidelines recommend separating day-to-day identities from privileged identities. Administrators should sign in with a standard user account for routine tasks and use a different, dedicated account (or just-in-time elevation) only when administrative privileges are required. Doing so limits the attack surface and reduces potential damage if everyday credentials are compromised.
Microsoft documentation states: "As a security best practice, use your local (non-Administrator) account to sign in and then use Run as administrator to accomplish tasks that require a higher level of rights than a standard user account." (Microsoft Learn - Local Accounts). Other industry guidance likewise advises creating separate identities for admin and daily tasks to enforce least privilege.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What are the risks of using an administrator account for daily tasks?
Open an interactive chat with Bash
What is the principle of separation of duties?
Open an interactive chat with Bash
What are best practices for managing administrator accounts?