Maitre'D User Editor

After the initial logon and initial user creation is completed, other user accounts will need to be created. These accounts can be used for various tasks, ranging from basic reporting to all types of configuration changes. Due to the sensitive nature of the data that can be accessed through the Maitre’D Back-Office, its access needs to be protected adequately by usernames and passwords.

Furthermore, to ensure compliance with PCI-DSS, individual user accounts need to be created for each user requiring access to the Maitre’D Back-Office. Sharing accounts or disclosing passwords will automatically make your site non-compliant against PCI-DSS rules.

Accessing the User Editor Tool

Logon to the Maitre’D Back-Office with appropriate credentials. (Distributor or System Owner)

From the main back-office screen, click on the Tools menu, and select the User Editor option.

The User Editor window will be displayed. All existing users with access levels equal or lower than yours will be listed here, if any.

Click the New button to create a new user.

Click the Delete button to permanently delete an existing user

This button is only available to PayFacto technicians to reset an account’s password history for troubleshooting purposes.

Click the UnLock button to unlock a locked account.

Click the Discard button to clear information that was entered during the process of creating a new user.

Click OK to commit changes and exit out of the User Editor tool.

Click Apply to commit changes without exiting from the User Editor Tool.

Click Cancel to exit out of the User Editor tool without saving changes.

Create a new user

1. Click the New button to start the process.

2. User Name

Type a user name for this account. The user name should allow the person logging in to be identified.

3. Access Level

Choose an access level for this user:

Distributor

This access is restricted to Maitre’D Certified technicians and Resellers. All other access levels are unable to see or grant this access.

System Owner

The System Owner access level is restricted to the restaurant management. Only top-level managers should have this access, as this allows them to create and delete other users, as well perform any administrative task on the Maitre’D system.

Access Levels 2 through 8

These access levels can be fully customized. These access levels can be used for anyone requiring access to the Maitre’D back-office software.

4. Password

Type in a password for the new user. The password must be at least 7 characters, and comprised of a mix of letters and numbers.

5. Confirm Password

Confirm the password for this new user.

Enable this option to force the user to change the login password during the next login. This option should be used for every new account and afterwards if there is a doubt that an account password may have been compromised.

7. Apply

Click the Apply button to create the user without exiting the User Editor. This will allow you to create more users.

8. OK

Click OK to save your changes and exit.

Changing passwords

Maitre’D will automatically force users to change their passwords every 90 days. Also, Maitre’D keeps a history of each user’s passwords so that the last 4 passwords cannot be re-used. In case a password becomes compromised or if you have any doubts to that effect, you can force any user to change their password by checking the User must change password at next login box in their account’s properties. Of course, you need to be logged in with Distributor or System Owner access in order to do this.

Locked accounts

After 5 unsuccessful login attempts, Maitre’D will automatically lock the user account. To unlock an account, someone with Distributor or System Owner access needs to login, access the user editor, select the locked account and click the Unlock button.

Locked accounts are marked with a padlock icon:

General user accounts and passwords guidelines

Never share your password with anyone, for any reason, under any circumstances.
Use complex passwords. Maitre’D already forces you to use a minimum of 7 characters with a mix of letters and numbers, however:
- Try using 8 or more characters. Long passwords are harder to guess.
- Avoid using combinations like 123abcd, or 123456a, or abcdef1, etc. These combinations are easy to guess and can get your system compromised.
- Avoid using combinations of adjacent letters and numbers on the keyboard, such as “qwertyu8”.
- Avoid using common words with letters replaced by numbers or symbols, such as “P@ssw0rd” or M1cro$0ft. Unfortunately, hackers know these tricks, too.
- Try using 8 or more characters mixed in with capital letters, numbers and special characters. A very effective technique is to choose a phrase which only you would know, then take the first few letters of each word to start building your password. Then, throw in a few numbers and add a special character or two.
Do not use any word from any dictionary in any language. Hackers can use sophisticated dictionary attacks; therefore, any dictionary words are not safe to use as passwords.
Compare your password against "Most Common Password Lists", such as NordPass' annual list: NordPass Top 200 Most Common Passwords. If your password (or a close variant) appears on this kind of lists, change it immediately.
Never use any kind of personal information as your password, such as your spouse’s name, children’s names, birth dates, anniversaries, etc.
Make sure that only key personnel have Distributor or System Owner access. Give lower access to everyone else.
If you have even the smallest doubt that someone may know your password, have it changed immediately.
When an employee quits or is terminated, immediately delete this person’s account from Maitre’D. If you need to keep the account for audit purposes, then immediately change the password.
Strictly enforce passwords management policies with all employees using any part of your computer system.