Clerk computer passwords

Discussions around the setup, operation, replacement, and disposal of clerk computers, not to include using MLS
craiggsmith
Senior Member
Posts: 711
Joined: Sun Sep 12, 2010 2:14 pm
Location: South Jordan, Utah

Clerk computer passwords

Postby craiggsmith » Sun Apr 22, 2012 9:16 am

Is it really necessary and/or good to use the password specified in the computer setup instructions? Is it necessary for HQ to be able to remote in or anything? It's not a very secure password, and it seems strange for every computer to have the same one. The wards in my stake have typically assigned their own, and when I set up a new computer they like to reset the password to the one they are familiar with.

On a related note, with Windows 7 what is recommended for an administrative account? Any value in enabling the administrator account or should I just set up a separate stake clerk account?

Thanks.
Craig
STS
South Jordan, UT

User avatar
Mikerowaved
Community Moderators
Posts: 3132
Joined: Sun Dec 23, 2007 12:56 am
Location: Layton, UT

Postby Mikerowaved » Sun Apr 22, 2012 10:46 am

craiggsmith wrote:Is it really necessary and/or good to use the password specified in the computer setup instructions?

The instructions were written this way for our benefit. Going off on your own is certainly possible, but it makes it very difficult to receive support if/when needed.

The security of the admins machines (or lack thereof) has been discussed quite a bit here. The answer is, we do the best we can with the instructions given. The MLS data files are encrypted for us and we are NOT to leave any sensitive files of our own on the PC. So if someone were to "snoop" the PC after hours or from the LAN, they would not discover anything of value.

I setup a separate StakeClerk account on each PC. In Windows 7 you can make the Clerk account a regular user, but then they will not be able to install updates from MLS, Adobe, etc. when they are available. I tried this for a while and finally gave up and make them all admin. It's not a perfect solution, but it works until something is changed that will allow us to set it up differently.
So we can better help you, please edit your Profile to include your general location.

kisaac
Community Moderators
Posts: 1170
Joined: Sun Oct 21, 2007 5:04 am
Location: Utah, united states

Postby kisaac » Sun Apr 22, 2012 2:32 pm

If it is set-up EXACTLY the way it is supposed to be with THE password, then the stake IT person, the MLS help desk and others can assist your wards when troubles happen. This may be especially important if anything happens to the "one" or "the few," if they fall ill, move suddenly, or disaster strikes.

craiggsmith
Senior Member
Posts: 711
Joined: Sun Sep 12, 2010 2:14 pm
Location: South Jordan, Utah

Postby craiggsmith » Sun Apr 22, 2012 2:44 pm

OK, good enough, thanks!
Craig
STS
South Jordan, UT

User avatar
rbeede
Member
Posts: 201
Joined: Sat Apr 02, 2011 12:33 pm
Contact:

Postby rbeede » Sun Apr 22, 2012 4:22 pm

In our ward the stake gave each user (clerk, secretaries, etc.) their own Windows account (all admins for MLS compatibility) with an individual and more complex password. This allows non-confidential templates and such to be separated out too for each user. The stake can do as they see best works for them.

In terms of remote support remote desktop is almost never enabled/used so having the login for remote isn't really important since someone has to be in front of the machine anyway to setup the remote help session and thus login.

The STS has their own "stakeclerk" admin account in case the other accounts need to have a password reset. If that password was ever lost then a Windows password reset disk could be used.

bfromm
Member
Posts: 61
Joined: Wed Jan 20, 2010 9:07 pm
Location: Lehi, UT, USA

Postby bfromm » Mon Apr 23, 2012 1:11 pm

rbeede wrote:In our ward the stake gave each user (clerk, secretaries, etc.) their own Windows account (all admins for MLS compatibility) with an individual and more complex password. This allows non-confidential templates and such to be separated out too for each user. The stake can do as they see best works for them.


I'm not sure how this helps anything. As admins, by default, they can browse all of the files on the computer. So if Secretary tries to browse into the Clerk profile, it will alert them that they don't have permission then let them click Continue to self-grant permissions.

User avatar
rbeede
Member
Posts: 201
Joined: Sat Apr 02, 2011 12:33 pm
Contact:

Postby rbeede » Mon Apr 23, 2012 1:31 pm

The main benefit is that desktop icons are separated out so as to not clutter one user's desktop with another user's files. People always put their common used templates on the desktop.

bfromm
Member
Posts: 61
Joined: Wed Jan 20, 2010 9:07 pm
Location: Lehi, UT, USA

Postby bfromm » Mon Apr 23, 2012 1:34 pm

rbeede wrote:The main benefit is that desktop icons are separated out so as to not clutter one user's desktop with another user's files. People always put their common used templates on the desktop.


Understood. I just want to make sure people realize that different passwords don't prevent access to files (assuming all are admins).

aclawson
Senior Member
Posts: 712
Joined: Fri Jan 19, 2007 6:28 pm
Location: Commerce Twp, MI

Postby aclawson » Thu Apr 26, 2012 4:52 am

If you are really worried about preventing access to certain files then you can create a truecrypt volume and save extremely sensitive files there.

User avatar
rbeede
Member
Posts: 201
Joined: Sat Apr 02, 2011 12:33 pm
Contact:

Postby rbeede » Thu Apr 26, 2012 6:31 am

The problem with that is if you mount your TrueCrypt volume and do a switch user then any other users can see the content of the mounted volume. Same issue as leaving in the USB drive too though.

We have multiple users not for the security but for the convinentence of icons and files on the desktop.


Return to “Clerk Computers”

Who is online

Users browsing this forum: No registered users and 1 guest