Generating Individual Accounts
Generating Individual Accounts
This topic has been discussed many times, but tutorials often don’t clearly explain their rules. I’m setting up my PC to have a regular admin account plus a separate user with restricted access. He needs to install programs but shouldn’t see my admin files or settings. When I created the guest account, everything was visible to it right away. I managed to restrict some folders, but I think there’s a better method for blocking access. Ultimately, I want a dedicated account that can’t reach my folders, programs, or system files, yet still have a space for him to download and run specific applications. He’ll connect remotely via tools like TeamViewer while I handle his work locally. How do I configure this properly?
The other user could view files in their own home directory. They wouldn't have permission to see your personal files.
It might be a bit excessive, but you could set up a separate folder for your files and protect it using BitLocker encryption. Windows access controls aren’t particularly user-friendly or dependable, both inside the operating system and since anyone could simply boot a Linux USB to view everything.
I can adjust some parts of the text. It seems the goal is to rephrase while keeping the original meaning but changing the wording slightly. The idea is to make it sound different yet retain clarity.
The only location where you're expected to store personal documents is c:\Users\yourname. Other accounts lack any access rights, preventing them from viewing the folder. They have read-only permissions elsewhere, which is acceptable because personal information isn't stored there.
I'm clarifying that what he observes is typical and outlining the standard behavior. You can then fine-tune further, but altering system folder permissions isn't necessary unless personal files are involved. It only makes sense to change files where he has stored his own documents.