Sorry, I didn't explain well. I wasn't really making a point about the frequency. The point I meant to make was that anything the user learns has to be switched to continue proper functioning won't protect them, because they will just switch it when the malware requests it too. Which is exactly what has happened with UAC.