Generally, two types of accounts are used to log a user on to a computer's operating system. One has nearly unlimited rights, often called an administrator account, the other has limited rights, often called a standard user account.
Standard user accounts permit some tasks but prohibit others. They permit most applications to run on the computer but often prohibit installation of an application, alteration of the computer's system settings, and execution of certain applications. Administrator accounts, on the other hand, generally permit most if not all tasks.
Not surprisingly, many users log on to their computers with administrator accounts so that they may, in most cases, do whatever they want. But there are significant risks involved in using administrator accounts. Malicious code may, in some cases, perform whatever tasks are permitted by the account currently in use, such as installing and deleting applications and files—potentially highly damaging tasks. This is because most malicious code performs its tasks while impersonating the current user of the computer—thus, if a user is logged on with an administrator account, the malicious code may perform dangerous tasks permitted by that account.
To reduce these risks, a user may instead log on with a standard user account. Logging on with a standard user account may reduce these risks because the standard user account may not have the right to permit malicious code to perform many dangerous tasks. If the standard user account does not have the right to perform a task, the operating system may prohibit the malicious code from performing that task. For this reason, using a standard user account may be safer than using an administrator account.
But the user may be prohibited from performing legitimate tasks—like installing a file known to be safe. To install this file, the user may need to switch to an account that has a right to permit the task. To do so with relative safety, the user may need to log off from the standard user account, log on to an administrator account, install the file, log off from the administrator account, and then log back on with the standard user account. This is disruptive.
To reduce this disruption, a user's rights may temporarily be elevated to permit a desired task. The user's rights may be elevated to those corresponding to rights held by an administrator account, for instance. In some cases, a dialog box pops up on the user's screen when an impermissible task is requested by an application. This dialog box often has two empty fields; one for typing in an account name (e.g., an administrator account) and another for typing in a password. Thus, a user may temporarily use the privileges of the selected account so that the task may be run to completion. Once the task is completed, the rights of the user may then return to those of his or her account such that these temporary privileges cease.
But to elevate his or her rights to perform a task, the user will often need to find or remember an administrator account name. This may be disruptive; a user may need to call someone to figure out the name, find some scrap of paper somewhere on which the user wrote it down some time ago, and the like. Also, the user may need to type the name in. Typing a relatively simple account name may, on its own, be a disruption. But many account names are complex, having a mix of letters, numbers, symbols, and lower- and upper-case characters. These names may cause a further disruption because they may requite that the user type slowly and carefully. Thus, searching for and typing in an account name to elevate rights may disrupt the user's workflow on the computer, especially if the user needs to elevate his or her rights often throughout the day.