User Account Control or UAC was introduced in Windows Vista to help users protect Windows from themselves by running in a lower security level and only performing administrative functions after the user explicitly approved. The idea was to ensure viruses and malware weren’t inadvertently installed when a user clicked on a link they shouldn’t have. It was also intended to have the effect of ensuring users knew when significant changes were being made to the system as their screen would turn dark and an ominous warning would appear asking if they wanted to proceed.
On paper it sounded good – after all, this is how default installs of most Linux and Unix distributions run. Unfortunately, UAC in Vista was a mess. Want to change your clock? WARNING! (Cue black screen). Want to run a program? WARNING! (Cue black screen). UAC was too bothersome to be practical and most users disabled UAC the first chance they got.
I’ve been using the Windows 7 Release Candidate for the past few months and I’m happy to say I’ve left the default UAC settings enabled. It’s not perfect, but it’s leaps and bounds better than Vista’s UAC.
Microsoft knew users were not happy with UAC so during Windows 7 development, they started a blog called “e7” – Engineering (Windows) 7. In the e7 blog entitled Engineering Windows 7: UAC, Ben Fathi (Vice President of core OS development) talks candidly about the issues they found and about the feedback they received. At the end, the team working on UAC came up with five goals to meet for the Windows 7 UAC implementation:
- Reduce unnecessary or duplicated prompts in Windows and the ecosystem, such that critical prompts can be more easily identified.
- Enable our customers to be more confident that they are in control of their systems.
- Make prompts informative such that people can make more confident choices.
- Provide better and more obvious control over the mechanism.
How did they do?
I’m happy to report that the Windows team fulfilled most of their goals. Instead of prompting for any system level change you make (ie, the clock) AND any system level change made by a program, Windows 7 splits these into two separate settings. The default setting is to allow system level changes made by users, but to warn users when applications make changes. Just this little change reduces the number of times you are prompted during the course of using your computer - thus satisfying the first two bullets from the Microsoft goals.
How about the prompts?
There are now a few different graphical cues to clue the user in to what type of change is being made. The prompt that displays when Windows is requesting a change shows a little shield (Figure 3). Trusted publishers have a grey information bar appear (Figure 4) and untrusted publishers have bright yellow warnings (Figure 5). This makes it much more intuitive to the user – yellow means warning, grey is good (or most likely good). This satisfies the third bullet from the list above.
How about better control of the system?
Finding UAC is much easier – type UAC in the search bar and you’re set. Each of the four settings have easy to read descriptions that make recommendations based on your comfort level. Again, it’s not a huge technical change from before, but the way it’s presented is much friendlier and easier to understand.
I think Microsoft listened to the criticism and feedback from UAC’s implementation in Vista and made UAC in Windows 7 a functional tool.