Posts: 46
Threads: 8
Joined: Nov 2007
Just have to get this off my chest.
I have been a long time CQC user, but now I am installing from scratch.
At the end of the installation process, it asks for a password.
Then it says "The Admin user has been created" and some other wording.
Then you go to login the Administrative client, and you are presented with a user password dialog box
What user name? You have to download the manuals to find out that it is called 'Admin' with a capital A.
That is really offputting for a newbie, and it should not have to be this way. [ Ok now I am an oldie, and I knew this]
But so you are in the administrative client, and you make some new users. But nowhere can you input a password.
Then you exit and restart the administrative client, but I cannot use my new username, since I do not know the password.
I have spent about 10min on this, but I cannot find by exploring the administrative program how to set the password ( I can reset it, and it says the password is reset, but I do not know to what it is reset )
So time to break out the manuals again. [ And this time I had to search the forums]
Answer the new password is called "Welcome"
In order to change it, you have to log in as the new user, and then you can change your password (but alas not to the empty string.)
Dean, you mentioned the frustration of new users to learn a home automation program.... I think this one qualifies as such! A
And there really is no need for this.
-> during setup, you could ask for a username and password, or you could say that you have created a user called "Admin" with the supplied password.
-> in the administrative program, you could have the user supply an initial password for newly created users (or allow blank)
On with the show
Scott
Posts: 4,225
Threads: 365
Joined: May 2005
Totally agree with all of what you have said.
CQC should be using windows accounts and not it's own. That would make thing easier again for the end user.
Honestly though, is a username and password really required for a home situation. Maybe security should be an option
Posts: 3,415
Threads: 158
Joined: Jan 2006
It is pretty much standard practice these days that usernames not be case sensitive. I realize that CQC and it's foundations are case sensitive, but it is non-intuitive.
And maybe a simple solution to the default password thing is to pop up a dialog to at least tell you the default password is Welcome and to change it what you need to do.
I agree Windows accounts might be nice, but since CQC is distributed it might not be that easy to implement since Windows accounts are typically local to the machine, most people aren't running domains.
Posts: 516
Threads: 49
Joined: Jul 2007
znelbok Wrote:Honestly though, is a username and password really required for a home situation. Maybe security should be an option
Agree 110% !!
Posts: 127
Threads: 25
Joined: Feb 2010
Of course, it is possible to log in automatically without the username/password popup, but this requires setting environment variables.
I guess it is a matter of personal opinion whether the default should be secure or non-secure. An option at install time would be great.
Posts: 2,521
Threads: 87
Joined: Sep 2006
I disagree about using the windows users as login info. Many don't have a domain thereby requiring different passwords for different workstations, etc. As for security being an option, I don't use security on most workstations by using environment variables. The security is something I rather like as I can change the needs based on the location I have a computer.
Russ...
Posts: 40,483
Threads: 491
Joined: Aug 2002
I'm pretty sure that the installer tells you what it's doing on an initial install, and that it is creating an account called Admin with the password you are entering. If they don't read it, I'm not sure what we can do. No login screen is really going to tell you how to log in, since that would kind of make the security useless.
If you don't want to use security, there's a FAQ entry on how to set up clients so that use a username and password from the environment. But for most folks the security is important. Not for kiosk style clients of course and those almost always would just auto-log in with a low privilege account. But for any of the administrative tools it's important for most folks, particularly if they have kids around.
Using Windows accounts would be something we wouldn't want to do. We have our own privilege level system that allows appropriate access to functionality, and we can store CQC specific info with user accounts, and we can also enforce user rights in a client/server sort of way where the person on the client could be logged into a Windows user account that the server has no clue of, because most folks don't use a domain.
Dean Roddey
Explorans limites defectum
Posts: 46
Threads: 8
Joined: Nov 2007
Dean, I did not believe you, so I went to the install video and sure enough, at 5:40 it says that it will create an Admin user and you must supply the password, which will be case sensitive.
So you are right, but from my perspective, it shows that a user can gloss over text and be dumbfounded later on. A couple of simple changes could make this experience much easier, especially as a first encounter with cqc.
For example:
- let install program choose username and password
- allow blank passwords
- let admin interface change passwords for all users (provided they know the old one)
5 cents.
Scott
Posts: 516
Threads: 49
Joined: Jul 2007
scott Wrote:- let admin interface change passwords for all users (provided they know the old one)
I recently found myself rebuilding a client PC. It auto-logged on using environment variables. Yes, ok, I should have probably recorded its username and password before I killed the PC, but it's been so long since I set that stuff up, that I forgot about it.
So in order to reset the user's password, I had to login as Admin, reset the password, then search the forums to figure out what the default password was. Then login to Admin Interface with that user to change the password.
Two comments come to mind.
#1. That is way to complicated. If I'm the admin user, I should be able to set the password for any user to whatever I like, without having to know the user's password previously.
#2. This stuff seems straightforward and easy to regular users. (That's regular as in people who it often, not regular as in normal). But I go through stages. My CQC sits doing what it needs to do, and I never have to worry about this stuff. Until I need to change it. Then I need to re-learn all the quirks that I forgot about 6 months ago.
Posts: 4,225
Threads: 365
Joined: May 2005
zaccari Wrote:I disagree about using the windows users as login info. Many don't have a domain thereby requiring different passwords for different workstations, etc. As for security being an option, I don't use security on most workstations by using environment variables. The security is something I rather like as I can change the needs based on the location I have a computer.
Russ...
Domain or workgroup makes no difference at all. You just create the same user on all systems running cqc. As long as cqc will not use the domain as part of the username as this is different across each PC it is not an issue.
Even some of the big players in industrial SCADA systems use this method. They do support domains as well which make it much easier to manage.
When I indicated that security is not needed at home I should have also added that it should be optional
Mick
|
