We currently have 3 STS's in our stake and all our clerk PC's are setup with a Windows "Stake Admin" login and an MLS "Stake Admin" login, which is indeed shared among the 3 of us. I just don't see the necessity of forcing PW changes, unless there were calling changes to go along with.russellhltn wrote:But from some PMs, I've learned that "shared passwords" have indeed been a problem in some units.
Expiring Password
- Mikerowaved
- Community Moderators
- Posts: 4742
- Joined: Sun Dec 23, 2007 12:56 am
- Location: Layton, UT
Re: Expiring Password
So we can better help you, please edit your Profile to include your general location.
-
- Church Employee
- Posts: 3025
- Joined: Mon Feb 09, 2009 4:55 pm
- Location: Riverton, Utah
Re: Expiring Password
I won’t go into some of the things we’ve seen, but I’ll say that I do see the need. And it affects me — I have to change my MLS password regularly along with everyone else.Mikerowaved wrote:I just don't see the necessity of forcing PW changes, unless there were calling changes to go along with.
-
- New Member
- Posts: 12
- Joined: Sun Nov 16, 2014 12:22 pm
Re: Expiring Password
Hey, great for you. Sucked for us. We had Stake Conference + General Conference right after some of our people changed passwords, and caused quite a conundrum Sunday. It also takes 2 admins now to change someone's password! Thanks for that surprise at the same time!scgallafent wrote: While the article has valid points, we discovered several interesting things as we started enabling this. There are a few benefits to forcing password changes on a semi-regular basis in our environment.
This change was not a good one. It is foolish to force this on every unit. Whoever made this decision should be fired.
-
- New Member
- Posts: 12
- Joined: Sun Nov 16, 2014 12:22 pm
Re: Expiring Password
So decreasing security and causing inconvenience is okay because it's inconvenient to you too? This is not a valid argument. It's also bad policy.scgallafent wrote: I won’t go into some of the things we’ve seen, but I’ll say that I do see the need. And it affects me — I have to change my MLS password regularly along with everyone else.
-
- Church Employee
- Posts: 3025
- Joined: Mon Feb 09, 2009 4:55 pm
- Location: Riverton, Utah
Re: Expiring Password
So are you saying that your users were prompted to change their passwords, changed their passwords, and then forgot the new passwords because they didn't have to use them for three weeks, which prevented them from logging in? Or was there some other error that prevented them from logging in?emarkp wrote:We had Stake Conference + General Conference right after some of our people changed passwords, and caused quite a conundrum Sunday.
No, I'm not saying that. I'm pointing out that many of the developers use these systems in their "Sunday" jobs, so we know how users are affected because we are affected by the same changes.emarkp wrote:So decreasing security and causing inconvenience is okay because it's inconvenient to you too? This is not a valid argument. It's also bad policy.
There is an argument that comes up occasionally saying that the developers don't know what it's like in the "real world" and we cause so many problems for clerks and leaders because we don't understand what they need. Many of us use our software weekly (or more often) and we spend time alpha and beta testing on our own wards and stakes before we ever release changes to a larger beta group, let alone the entire Church.
-
- Senior Member
- Posts: 2859
- Joined: Sun Jul 01, 2007 6:06 pm
- Location: Plattsmouth, NE
Re: Expiring Password
Us, too. Stake conference on March 31 and GC on April 7th. Then my bishop asked me to print some checks, and I couldn't remember my new password for several minutes. I nearly panicked, because the bishop needed checks to help a needy elderly sister. After I remembered my new password, I put a reminder into my phone.emarkp wrote:We had Stake Conference + General Conference right after some of our people changed passwords, and caused quite a conundrum Sunday.
Well no. This is industry standard security policy, especially for officers of any organization who have as much power as we do to modify personal data.emarkp wrote:It's also bad policy.
Dana Repouille, Plattsmouth, Nebraska
-
- Senior Member
- Posts: 2652
- Joined: Sun May 09, 2010 9:16 pm
- Location: Washington, USA
Re: Expiring Password
Personally, I am not against a reasonable password change policy. I understand the need to change it from time to time. I am retired military and know how they sometimes go overboard on passwords. However, this recent change has me scratching my head. According to the MLS message that came in this evening:
1. I must change my password at least once per quarter. - no problem with that for financial data access.
2. When I change my password each quarter, I must have 2 other members who have access to financial data sitting by me when I change my password so they can validate that I changed my password. - HUH???
Step 2 has me at a loss. I understand having an administrator assist or even another person or two with financial access assist if someone forgets their password and needs it reset. But making half the bishopric sit in the clerk's office every time one of them has to simply change their password every quarter? Really?
1. I must change my password at least once per quarter. - no problem with that for financial data access.
2. When I change my password each quarter, I must have 2 other members who have access to financial data sitting by me when I change my password so they can validate that I changed my password. - HUH???
Step 2 has me at a loss. I understand having an administrator assist or even another person or two with financial access assist if someone forgets their password and needs it reset. But making half the bishopric sit in the clerk's office every time one of them has to simply change their password every quarter? Really?
-
- Church Employee
- Posts: 3025
- Joined: Mon Feb 09, 2009 4:55 pm
- Location: Riverton, Utah
Re: Expiring Password
Something got lost in translation. You can change your own password without any additional validation. Changing the password for another user (in case of a forgotten or locked password) requires two finance authorizers.davesudweeks wrote:2. When I change my password each quarter, I must have 2 other members who have access to financial data sitting by me when I change my password so they can validate that I changed my password. - HUH???
Step 2 has me at a loss. I understand having an administrator assist or even another person or two with financial access assist if someone forgets their password and needs it reset. But making half the bishopric sit in the clerk's office every time one of them has to simply change their password every quarter? Really?
-
- Senior Member
- Posts: 2652
- Joined: Sun May 09, 2010 9:16 pm
- Location: Washington, USA
Re: Expiring Password
Well this is good news and confirms the behavior I saw when I had to do my first password change in MLS in about 10 years. But this is a quote from the MLS message that had me scratching my head: "If the user has access to financial data, the password change must be validated by two other users with access to finance data." There was no mention of resetting a password. The entire text was about changing a password. Two entirely different scenarios...scgallafent wrote:Something got lost in translation. You can change your own password without any additional validation. Changing the password for another user (in case of a forgotten or locked password) requires two finance authorizers.davesudweeks wrote:2. When I change my password each quarter, I must have 2 other members who have access to financial data sitting by me when I change my password so they can validate that I changed my password. - HUH???
Step 2 has me at a loss. I understand having an administrator assist or even another person or two with financial access assist if someone forgets their password and needs it reset. But making half the bishopric sit in the clerk's office every time one of them has to simply change their password every quarter? Really?
-
- New Member
- Posts: 12
- Joined: Sun Nov 16, 2014 12:22 pm
Re: Expiring Password
It's actually not. That's the point of the thread. The evidence is that compelling a password change *reduces* security.drepouille wrote: Well no. This is industry standard security policy, especially for officers of any organization who have as much power as we do to modify personal data.