I'd like more explanation on this quote from the link:
what does this really mean ?One of the core design goals of the guides's hardening approach is to deny attacks even if the attacker knows your admin password. This could be result of shoulder surfing - simply noting your password as you type it by looking over your shoulder. Or it can be that a keylogger has been installed on your system.
let's ignore the looking over the shoulder idea, that's, well, i won't comment.
how did the attacker get an admin pw if the user logs in with a standard account ?
if you already have a key logger installed, aren't you already in serious trouble, no matter what ?
does MBAE or EMET protect against keyloggers ?