I'm not certain that I'm understanding your procedures and observations, but
I think it's possible that you're misunderstanding the new security model.
(It would help all of us if Microsoft would be a little more up-front about
explaining it to us. I was pretty puzzled by it for a while, too.)
IF you are talking about THE administrator account, then it isn't supposed
to have a password assigned to it. It is disabled by default. You went
through a fair amount of trouble trying to assign a password to it, but you
will find that, when UAC is invoked, the password won't be required anyway.
If you ENABLE that primary administrator account (go to the CLI and execute
this command "net user administrator /active:yes"), then you will find that
you can assign a password to the account through the normal means. The
password still won't be required for completion of UAC dialogs.
NOTE: I am NOT recommending activating that administrator account. I suggest
leaving it as Microsoft sets it up and doing some research on the way the
system security is designed to work, instead of trying to make it work like
previous NT versions.
If I'm misinterpreting what you're saying and have wandered off into left
field by myself, just disregard my ramblings. I'm merely posting because I
was really scratching my head about this when I first started using Vista on
a regular basis back in November. As you seem to be saying, it appears that
Microsoft has left you with your pants around your ankles with the way this
account is set up -- until you realize that it is, essentially, worthless to
anyone trying to hack into your system.