A general security question: I've heard that a nearly ubiquitous mistake all of us home users are making is that we run 100% of the time as an administrator on XP. Now, I figure I'm otherwise *fairly* secure behind my NAT+SPI router (nevermind this isn't a "real" firewall for now), plus having up-to-date antivirus.
But - should I go to the trouble for extra protection to make my and my wife's accounts be non-administrator accounts? Is this as simple as creating a new admin account and then setting our already existing users to "limited" and surfing the web on *those*?