Note: This feature has been removed from Windows 7 and will not appear in the final product. --Paul
Windows 7 includes a nearly-hidden feature called Guest Mode that is primarily aimed at shared consumer PCs that need to be returned to their original running state after being used by a child or guest. The feature can be enabled on individual user accounts; when user logs off or the PC reboots, those accounts are wiped clean and returned to their original configuration. Guest Mode is useful for small classrooms, libraries, and other shared computing scenarios, but is really designed for home use, where parents may want to configure the feature for their children.
Secret: Guest Mode was originally called PC Safeguard. I think we can all agree that that was a lousy name. That said, I will continue to refer to Guest Mode-enabled user accounts as "safeguarded" accounts.
Tip: Don't confuse Guest Mode with "Guest account." They are completely different things.
History of Guest Mode
Guest Mode is a logical but not technical descendent of a free Microsoft technology called the Shared Computer Toolkit, which was first released in 2005 for Windows XP. The software giant at the time described this solution as "a simple and effective way to defend shared computers from untrusted users and malicious software, restrict untrusted users from system resources, and enhance and simplify the user experience." It was designed to prevent users from changing the appearance of a shared PC desktop, reconfigure system settings, install malware and other unwanted software, and other damage the PC.
With the release of Windows Vista, Microsoft renamed the technology to Windows SteadyState and enhanced it with some new functionality, including Group Policy support for managed environments, finer-grained control over application program permissions, simpler security controls, and other features. However, Windows SteadyState, like the Shared Computer Toolkit, has one major limitation: It only works with 32-bit versions of the OS.
Contrary to reports elsewhere on the Web, Guest Mode is not based on Windows SteadyState, though it does offer related functionality. And unlike SteadyState, Guest Mode is included as part of the base OS, and is user-oriented rather than PC-oriented. That is, Guest Mode is not a full-featured solution for shared computing installations in that it must be enabled and configured manually on a user-by-user basis. It is designed for families, not managed corporate and educational environments. But it does have one huge advantage over its SteadyState: Guest Mode works with both 32-bit and 64-bit versions of Windows 7.
Why Guest Mode?
Guest Mode will typically be used in homes by parents that wish to create safe user accounts for their children and other guests that many want to use the PC. It is not configurable in any meaningful way, and every time the PC is rebooted or an account is logged off, all of the changes made in safeguarded accounts are discarded and the system is returned to its original running state.
Other common scenarios include public PCs in smaller schools, libraries, Internet cafes, and other similar environments. Additionally, Microsoft envisions that Guest Mode will be a boon to first time PC buyers in emerging markets who are nervous that they may inadvertently harm their new PCs. In these markets, it's very common for an entire family, or even a larger group of users, to share a single PC.
Where Guest Mode does not make sense is larger shared environments such as corporations and larger educational institutions, or in kiosk-type scenarios. The issue here is that Guest Mode does not support Group Policy (GP). Presumably, Microsoft will update Windows SteadyState in the future to support Windows 7 in these environments.
Guest Mode features
Guest Mode is available in all Windows 7 SKUs (product editions), including Starter, and works with both 32-bit and 64-bit versions of the OS. Working like a system snapshot tool, Guest Mode specifically provides the following features:
Prevents system setting changes. Any attempts to change the system while running under a safeguarded account are prevented.
Prevents the installation of applications and other software. Once you've enabled Guest Mode, it is impossible to install or permanently configure already installed software applications. To get around this, you should install and configure any needed applications before enabling Guest Mode. Or, you can temporarily disable this feature, install or configure the necessary software, and then re-enable Guest Mode.
Prevents the user from writing to the disk outside of their user profile. While a safeguarded user can temporarily write to disk locations inside their user profile, they are actively prevented from writing to the disk outside of their user profile at run time.
Data saved inside of the user profile is deleted when the user logs off. During use, a safeguarded user can download, create, and edit files in their user profile. However, once they logoff, all of these changes are cleaned up--i.e. deleted, including any new files that were created. This is, perhaps, one of the most dangerous features of Guest Mode, because the OS does not warn you about any pending deletes at logoff. Instead, the user is presented with a warning anytime a disk write occurs. This isn't enough, in my opinion, a lot of time could go by between the last file save and logoff. Put simply, you can expect to lose saved data from time to time while using a safeguarded account.
Microsoft also claims that Guest Mode "supports" Windows Parental Controls, but there is no real integration between the two features. Instead, Guest Mode and Parental Controls are simply aware of each other, and neither prevents the other feature from being used; for example, an application disallowed by Parental Controls will not run while Guest Mode is enabled.
Secret: Safeguarded Windows 7 user accounts are added to a unique new local user group called SafeZone.
You may be wondering how a safeguarded user account compares to the built-in Guest account in Windows 7. Guest Mode is not a replacement for the Guest account and is instead aimed at actual users. But there are trade-offs with each account type. With the Guest account, you can change desktop settings, for example, and user profile changes are retained after logging off. On the other hand, the Guest account cannot be used with Windows Parental Controls, nor can it access the systems file, print, and media sharing capabilities. Drive protection to internal and external drives is not configurable for the Guest account; they are simply locked.
Secret: The built-in Guest account also operates in specific ways when the PC is joined to an Active Directory (AD) domain as well. Guest Mode cannot be used with AD and is instead aimed specifically at home users.
Configuring Guest Mode
From a user experience perspective, Guest Mode is almost completely hidden in Windows 7. You can't access it from Start Menu Search (Go ahead, try. I dare you!), nor can you search for it from within Control Panel. It's like it's not there at all.
But it is. To find Guest Mode, open Control Panel, User Accounts and Family Safety, and then User Accounts. (Shortcut: Open the Start Menu and click your logon picture in the top right.) Then, click on Manage another account. From the list shown there, select the account for which you'd like to add Guest Mode. Or, if you don't have an account for this purpose, create one first.
Tip: You should install and configure any applications you want your child or other users to use under Guest Mode before enabling this feature. Remember: Once Guest Mode is enabled, you cannot make any changes to that account, including installing or configuring applications. You can, of course, temporarily disable Guest Mode to make these changes at any time, but this is a bit monotonous and has to occur from within an administrator-class account.
Secret: You cannot use Guest Mode with an Administrator account. It can only be used with Standard user accounts.
Secret: To enable Guest Mode on an account, that account must be logged out at the time.
When you click a Standard user account, a new Change an Account display will appear with a list of account options. Click Set up Guest Mode.
Guest Mode will show up as an option for Standard user accounts.
In this screen, there are essentially two options. You can enable (Turn on) or disable (Turn off) Guest Mode, and you can choose which hard drives to lock.
Guest Mode offers only minimal configuration. It's either enabled or it isn't, and you can modify which internal drives are automatically locked.
By default, all local hard drives are locked for Guest Mode-enabled users. This means that they cannot write files to those drives while using the computer. If you select the Lock hard drives (advanced) option, you can view each internal hard drive attached to your PC.
Tip: The Lock drives (advanced) option will not be enabled until you have enabled Guest Mode on the current user account.
You can manually unlock specific internal drives if desired.
Then, you can click an individual hard drive to disable (or enable) locking.
Secret: You can only lock internal hard drives, and not external drives, like USB storage devices. This is because there must be some way for a Guest Mode-based user to save files when their user session ends. (See below.)
Using Guest Mode
When you logon to a user account that is protected with Safeguard, you will immediately notice some changes. For example, the logon image used for the account has been changed to a plain white icon with a cartoon character.
A safeguarded account features a special user account image.
When a user is logged on to an account with Guest Mode, the user can change settings, create files, and work in different programs. Then, when the user logs off, changes are removed and any files that the user has saved to the computer are deleted. Users can save files to external locations when they are using an account with Guest Mode.
A safeguarded account allows you to create files on the desktop, but they'll be deleted the next time you logon.
In fact, you'll have to use an external drive (or USB device) to save files, since Guest Mode protects all internal drives by default. In fact, each time the system detects a drive write within the user profile, it will pop-up a Guest Mode informational window and balloon help reminder.
Guest Mode will remind you from time to time that you need to backup files to an external drive.
What about installing applications after the fact? It's not possible: Guest Mode prevents the user from installing new applications. And while you can attempt to configure existing applications, any changes you make will be lost once you logoff.
Guest Mode prevents the user from installing new applications.
Secret: Technically, a safeguarded user could, in fact, install an application inside of their user profile. But that install would be deleted when the system rebooted or they logged back in.
Secret: When you do logoff from a safeguarded account, nothing actually happens to the user account, and no data is erased. Instead, it is cleaned up--and any created data is deleted--the next time that the user logs in. This means that it would be possible for an administrator on the PC to retrieve files from within a logged off safeguarded user account before that accounts logs in the next time. That's something to remember if the safeguarded user logs off before remembering to backup something important.
If an administrator browses over the safeguarded user account's profile, they can retrieve files before they're deleted on the next logon.
Guest Mode is an excellent solution for protecting PCs from children and other guests while giving those users the ability to get real work done and participate in the system's file, printer, and media sharing capabilities. However, Guest Mode is also uniquely hidden inside of the Windows 7 user interface, and cannot be located with Windows Search, which doesn't make any sense. I'd like to see Microsoft make this feature more prominent, and available along the lines of Windows Parental Controls, a feature that is quite complimentary to Guest Mode.