updated default value for Prompt for credentials

windows/security/threat-protection/security-policy-settings/user-account-control-behavior-of-the-elevation-prompt-for-standard-users.md

@@ -1,70 +1,61 @@
 ---
-title: Behavior of the elevation prompt for standard users (Windows 10)
+title: Behavior of the elevation prompt for standard users
 description: Learn about best practices, security considerations, and more for the policy setting, User Account Control Behavior of the elevation prompt for standard users.
-ms.assetid: 1eae7def-8f6c-43b6-9474-23911fdc01ba
-ms.reviewer: 
 ms.author: vinpa
 ms.prod: windows-client
-ms.mktglfcycl: deploy
-ms.sitesec: library
-ms.pagetype: security
-ms.localizationpriority: medium
 author: vinaypamnani-msft
 manager: aaroncz
-audience: ITPro
 ms.topic: conceptual
-ms.date: 10/11/2021
+ms.date: 01/18/2023
 ms.technology: itpro-security
 ---
 
 # User Account Control: Behavior of the elevation prompt for standard users
 
 **Applies to**
--   Windows 11
+- Windows 11
--   Windows 10
+- Windows 10
 
 Describes the best practices, location, values, policy management and security considerations for the **User Account Control: Behavior of the elevation prompt for standard users** security policy setting.
 
-## Reference
-
 This policy setting determines the behavior of the elevation prompt for standard users.
 
-### Possible values
+## Possible values
 
--   **Automatically deny elevation requests**
+- **Automatically deny elevation requests**
 
-    This option returns an “Access denied” error message to standard users when they try to perform an operation that requires elevation of privilege. Most organizations that run desktops as standard users configure this policy to reduce Help Desk calls.
+    This option returns an *Access denied* error message to standard users when they try to perform an operation that requires elevation of privilege. Most organizations that run desktops as standard users configure this policy to reduce help desk calls.
 
--   **Prompt for credentials on the secure desktop**
+- **Prompt for credentials on the secure desktop**
 
-    This prompt for credentials is the default. When an operation requires elevation of privilege, the user is prompted on the secure desktop to enter a different user name and password. If the user enters valid credentials, the operation continues with the applicable privilege.
+    When an operation requires elevation of privilege, the user is prompted on the secure desktop to enter a different user name and password. If the user enters valid credentials, the operation continues with the applicable privilege.
 
--   **Prompt for credentials**
+- **Prompt for credentials**
 
-    An operation that requires elevation of privilege prompts the user to type an administrative user name and password. If the user enters valid credentials, the operation continues with the applicable privilege.
+    An operation that requires elevation of privilege prompts the user to type an administrative user name and password. If the user enters valid credentials, the operation continues with the applicable privilege. This is the default value.
 
-### Best practices
+## Best practices
 
-1.  Configure the **User Account Control: Behavior of the elevation prompt for standard users** to **Automatically deny elevation requests**. This setting requires the user to sign in with an administrative account to run programs that require elevation of privilege.
+1. Configure the **User Account Control: Behavior of the elevation prompt for standard users** to **Automatically deny elevation requests**. This setting requires the user to sign in with an administrative account to run programs that require elevation of privilege.
-2.  As a security best practice, standard users shouldn't have knowledge of administrative passwords. However, if your users have both standard and administrator-level accounts, set **Prompt for credentials on the secure desktop** so that the users don't choose to always sign in with their administrator accounts, and they shift their behavior to use the standard user account.
+2. As a security best practice, standard users shouldn't have knowledge of administrative passwords. However, if your users have both standard and administrator-level accounts, set **Prompt for credentials on the secure desktop** so that the users don't choose to always sign in with their administrator accounts, and they shift their behavior to use the standard user account.
 
-### Location
+## Location
 
 Computer Configuration\\Windows Settings\\Security Settings\\Local Policies\\Security Options
 
-### Default values
+## Default values
 
-The following table lists the actual and effective default values for this policy. Default values are also listed on the policy’s property page.
+The following table lists the actual and effective default values for this policy. Default values are also listed on the policy's property page.
 
 | Server type or GPO | Default value |
 | - | - |
-| Default Domain Policy | Not defined| 
+| Default Domain Policy | Not defined|
-| Default Domain Controller Policy | Not defined| 
+| Default Domain Controller Policy | Not defined|
-| Stand-Alone Server Default Settings | Prompt for credentials on the secure desktop| 
+| Stand-Alone Server Default Settings | Prompt for credentials on the secure desktop|
-| DC Effective Default Settings | Prompt for credentials on the secure desktop| 
+| DC Effective Default Settings | Prompt for credentials on the secure desktop|
-| Member Server Effective Default Settings | Prompt for credentials on the secure desktop| 
+| Member Server Effective Default Settings | Prompt for credentials on the secure desktop|
-| Client Computer Effective Default Settings | Prompt for credentials on the secure desktop| 
+| Client Computer Effective Default Settings | Prompt for credentials on the secure desktop|
- 
+
 ## Policy management
 
 This section describes features and tools that are available to help you manage this policy.