The ward clerk has asked that I obtain a list of all the Windows accounts and their passwords on the ward computer. (The stake setup the computer with multiple accounts, all admin, for use. I know that isn't the norm but that is how the stake wanted it).
I saw on the wiki some official MLS information about each person having their own username and password that they don't share. We won't record the passwords in that case.
What about official policy on not writing down the Windows password? The idea is to print off the list and store it in the clerk's office locked in a cabinet. Is there any official policy about not doing this? References please.
Official password policies
- rbeede
- Member
- Posts: 205
- Joined: Sat Apr 02, 2011 1:33 pm
- Contact:
- aebrown
- Community Administrator
- Posts: 15153
- Joined: Tue Nov 27, 2007 8:48 pm
- Location: Draper, Utah
rbeede wrote:The ward clerk has asked that I obtain a list of all the Windows accounts and their passwords on the ward computer. (The stake setup the computer with multiple accounts, all admin, for use. I know that isn't the norm but that is how the stake wanted it).
The stake controls the computer and thus the Windows accounts, and the ward doesn't really have any right to obtain all the Windows accounts and passwords. The ward clerk can ask, and if the STS chooses to share, I suppose he can, but he certainly doesn't have to. I am the STS in my stake, and I have an admin account on all the computers, and I personally would never share those account credentials with any ward clerk. The stake president has this information safely locked away (just in case I am for any reason unavailable and the passwords are needed).
rbeede wrote:I saw on the wiki some official MLS information about each person having their own username and password that they don't share. We won't record the passwords in that case.
That's correct regarding MLS passwords, as documented in the MLS users article.
rbeede wrote:What about official policy on not writing down the Windows password? The idea is to print off the list and store it in the clerk's office locked in a cabinet. Is there any official policy about not doing this? References please.
I don't know of a specific official policy on that topic, but standard security practices would certainly make one wary of storing a written password anywhere near the computer.
Questions that can benefit the larger community should be asked in a public forum, not a private message.
- rbeede
- Member
- Posts: 205
- Joined: Sat Apr 02, 2011 1:33 pm
- Contact:
-
- Senior Member
- Posts: 760
- Joined: Fri Jan 19, 2007 6:28 pm
What is the advantage of having multiple accounts? Since MLS required admin access to function properly anybody who used the machine would have full admin rights and could therefore get into any of the other accounts whenever they wanted?
Confidential files should be encrypted and protected with a password individually. If you want to make things more secure and convenient than that then a TrueCrypt (or similar) volume can be created that allows you to encrypt what is essentially a folder.
Confidential files should be encrypted and protected with a password individually. If you want to make things more secure and convenient than that then a TrueCrypt (or similar) volume can be created that allows you to encrypt what is essentially a folder.
-
- Community Administrator
- Posts: 34517
- Joined: Sat Jan 20, 2007 2:53 pm
- Location: U.S.
In case someone does something dumb with the main account, there's a backup admin account for fixing it.aclawson wrote:What is the advantage of having multiple accounts?
aclawson wrote:Confidential files should be encrypted and protected with a password individually.
According to policy, "The MLS database is stored on the computer’s hard drive. Other confidential files should not be stored on the hard drive. They should be saved on external media and locked in storage when not in use."
You can add encryption on top of that if you wish, but it's not required.
Have you searched the Help Center? Try doing a Google search and adding "site:churchofjesuschrist.org/help" to the search criteria.
So we can better help you, please edit your Profile to include your general location.
So we can better help you, please edit your Profile to include your general location.
- rbeede
- Member
- Posts: 205
- Joined: Sat Apr 02, 2011 1:33 pm
- Contact: