Investigating User Account Control Practices
Sara Motiee ; Kirstie Hawkey ; Konstantin Beznosov
04 February 2010
Abstract: Non-administrator user accounts and the user account control (UAC) approach of Windows Vista are two practical solutions to limit the damage of malware infection. UAC in Windows Vista supports usage of lower privilege accounts; a UAC prompt allows users to raise their privileges when required. We conducted a user study and contextual interviews to understand the motives and challenges participants face when using different user accounts and the UAC approach. Most participants were not aware of or motivated to employ low-privileged accounts. Moreover, most did not understand or carefully consider the prompts.
Keyword(s): Usable security, Least privilege, User account control, UACP
Published in: Sara Motiee, Kirstie Hawkey and Konstantin Beznosov. Investigating User Account Control Practices. In Proceedings of the 28th international Conference Extended Abstracts on Human Factors in Computing Systems (Atlanta, GA, USA, April 10 - 15, 2010). ACM, New York, NY, 6 pages.:
The record appears in these collections:
Record created 2010-02-04, last modified 2013-05-22