User Login Changes in RDPWin Version 3
On July 1, 2010, new PCI compliance standards go into effect. RDP has developed RDPWin Version 3 in response to these standards and the program has been certified compliant. In order to pass the strict PCI standards, RDP has had to make many changes to the User login experience. The following article explains the changes you will experience when converting to RDPWin Version 3.
Passwords must now meet certain standards to be compliant. Passwords:
Each user must have unique initials (2 characters). Initials are stamped on
transactions to track the user who created or posted the transaction. If two
staff members have the same initials in real life, then some accommodation must
be made to change one user’s initials for use in RDPWin Version 3.
RDPWin Version 3 has an ADMIN user. In addition to being able to make certain users Administrators, there is an ADMIN user. This user should not be used on a regular basis as a login, but rather is comparable to a Domain Administrator for your network. One or more persons (but not many) should know the ADMIN password. This login can be used when all else fails to access the RDP system (i.e. all the administrators forgot their own passwords). Like any other user, the ADMIN user will need to change its password every 90 days.
With RDPWin Version 3, a user may only be logged-in to one workstation at a
time. Should you need to log-in to a second computer, you will need to log-off
of the first (or wait the 20 minutes for the system to do that automatically).
It is best practices to log-off of any RDP session if you plan to be away for
more than a few moments.
RDPWin Version 3 automatically log-offs users after 20 minutes of inactivity only if the user account is a Credit Card Administrator or Administrator User Type. A warning appears after 10 minutes of inactivity and the timer can be reset by simply clicking on the warning message. Users without administrator privileges will not encounter the auto-logoff feature.
Converting to RDPWin Version 3
Converting to RDPWin Version 3 is not a lengthy process. If your credit cards are not already encrypted, then they will be encrypted the first time RDPWin Version 3 starts. Steps for conversion are:
Important Version 3 Documents