Besides reducing the number of prompts, one of the top requests we’ve gotten is a way to identify whether a window (particularly Command Prompt) is running with reduced privileges. If you asked for this, too, you’ll be happy to know that when Windows Vista Release Candidate 1 comes out you’ll be able to tell.
When you run cmd.exe as an administrator…
“Administrator” will be pre-pended to the title bar of the window…
This is designed for scenarios where you have multiple command windows open and you want to know which ones are elevated. You will also be able to tell which ones are elevated by looking at the taskbar…
This functionality is not enabled for all programs, but we got feedback that Command Prompt needed it most. Overall, our user experience goals with regards to UAC are:
(a) A user should be running as a standard user all the time.
(b) Elevation should be rare and for a very short duration.
As a result of these goals, a user should not have to keep track of what is running elevated and what is running normal, as in general, there should be nothing running elevated all the time.
In our research, we have not come across many applications that have valid scenarios where they should be running normal and elevated on a continuous basis for long durations. Command Prompt is one such application that people tend to run continuously as normal as well as elevated to perform mostly script- or batch-oriented tasks.
Therefore, based on feedback received, and just for Command Prompt, we have made changes such that if Command Prompt is running elevated, its title will be prefixed with “Administrator:” to help a user distinguish between a normal and elevated CMD.
Even though we provide this facility, from a security point of view, our recommendation remains that you keep the elevated CMD on your desktop for as short a duration as possible so as to avoid any inadvertent changes to your computer without further UAC prompts.