The secret method isn't exactly a secret at all. In fact, you are probably familiar with it already. For example:
Microsoft call this the "Principle of Least User Privilege"
(also know as just the Principle of Least Privilege)
. A user has only enough privilege to
do their normal tasks - send email, write documents, use the Web, play games - but not to
perform "administrative tasks" - install new software, change system programs - or to access
other user's files without permission
- "Cashier cannot open safe"
- "Valet key does not open trunk"
- "Manager must approve all refunds"
It's actually quite simple to add a non-privileged account (what Microsoft call a "limited"
account in XP, or a "standard" account in Vista). See Creating a Non-Privileged Account.
Pretty much all day-to-day tasks - reading email, looking up things on the Web, writing letters -
will work just fine using the software that comes with Windows, or with recent programs like
Firefox or OpenOffice.
Protection against Viruses
Computer viruses are not just annoying, they are increasingly used for criminal activity. So-called
"botnets" are used to send spam and phishing email, attack websites to extort money, and
to steal passwords, account numbers and other information.
There is little that government or law enforcement agencies can do to to stop them, but
at a single stroke, by switching to a non-privileged account, you can stop
many new infections, and render others less effective.
In a virus challenge on XP in 2006, a non-privileged account rejected 59 common viruses
with not one infection.
In a virus challenge on Vista in 2011, a non-privileged account prevented several
common viruses from running, and allowed all to be stopped just by logging off.
In a SANS newsletter in February 2016, it was reported that 92% of critical
Microsoft vulnerabilities could be mitigated by using this principle. So it's not a stale issue.
Virus Removal Procedure (Vista)