I find it funny that one of my complaints with my current work environment is that the GP UAC setting for power users is just slightly too low. As a Power User (subclass Developer), I know its my job to not do something stupid (with great power, comes great responsibility, after all) and I happily lean on UAC to do its job and help catch me from some of my own stupidity.
I like the Secure Desktop and its forced context switch and I've worked to train myself that A) as a Power User, if I'm pushed to the Secure Desktop its "Serious Business" and pay attention, and equally importantly B) as a Developer, if my app is pushing to the Secure Desktop and it's not for something critical to system security, I wrote something wrong (or one of the libraries I'm depending upon did), because my non-Power Users should probably never see Secure Desktop prompts in almost all of the apps I write.
I don't particularly want and am not sure I need to input secondary security credentials every time I see the Secure Desktop, but I'm happy with the default options in Windows these days and as a Power User welcome it.
(As for feature whitelisting, I think this is an underappreciated part of the Universal Windows Platform [UWP] still. I'm hoping that as more Enterprises start to see Windows 10 S they will pick up on the platform benefits to the UWP and start to mandate Store/UWP-only development. I think the Appx app model of UWP is a game changer for a lot of Enterprise security and that if some Enterprises weren't clinging so hard to "oldest LTS Windows Microsoft supports" deployments, aka Windows 7 is the current Windows XP, there would be a giant demand for UWP-friendly Enterprise developers that I've not yet started to see.)
I like the Secure Desktop and its forced context switch and I've worked to train myself that A) as a Power User, if I'm pushed to the Secure Desktop its "Serious Business" and pay attention, and equally importantly B) as a Developer, if my app is pushing to the Secure Desktop and it's not for something critical to system security, I wrote something wrong (or one of the libraries I'm depending upon did), because my non-Power Users should probably never see Secure Desktop prompts in almost all of the apps I write.
I don't particularly want and am not sure I need to input secondary security credentials every time I see the Secure Desktop, but I'm happy with the default options in Windows these days and as a Power User welcome it.
(As for feature whitelisting, I think this is an underappreciated part of the Universal Windows Platform [UWP] still. I'm hoping that as more Enterprises start to see Windows 10 S they will pick up on the platform benefits to the UWP and start to mandate Store/UWP-only development. I think the Appx app model of UWP is a game changer for a lot of Enterprise security and that if some Enterprises weren't clinging so hard to "oldest LTS Windows Microsoft supports" deployments, aka Windows 7 is the current Windows XP, there would be a giant demand for UWP-friendly Enterprise developers that I've not yet started to see.)